CompTIA Pentest+ EXAM QUESTIONSBANK 2024|GUARANTEED SET|VERIFIED|COMPLETE EXAM RESOURCE

Methodology - Accurate Answer__ is a system of methods used in a particular area of study or activity. Pentest Methodology - Accurate Answer__: 1. Planning & Scoping 2. Info Gathering & Vulnerability ID 3. Attacks & Exploits 4. Reporting & Communication NIST SP 800-115 Methodology - Accurate Answer__: 1. Planning 2. Discovery 3. Attack 4. Reporting Planning a Penetration Test - Accurate Answer__, Questions to ask: ▪ Why Is Planning Important? ▪ Who is the Target Audience? ▪ Budgeting ▪ Resources and Requirements ▪ Communication Paths ▪ What is the End State? ▪ Technical Constraints ▪ Disclaimers Planning a Penetration Test - Budgeting - Accurate Answer__: ▪ Controls many factors in a test ▪ If you have a large budget, you can perform a more in-depth test __● Increased timeline for testing __● Increased scope __● Increased resources (people, tech, etc.) Planning a Penetration Test - Resources and Requirements - Accurate Answer__: ▪ What resources will the assessment require? ▪ What requirements will be met in the testing? __● Confidentiality of findings __● Known vs. unknown vulnerabilities __● Compliance-based assessment Planning a Penetration Test - Communication Paths - Accurate Answer__: ▪ Who do we communicate with about the test? ▪ What info will be communicated and when? ▪ Who is a trusted agent if testing goes wrong? Planning a Penetration Test - What is the End State? - Accurate Answer__: ▪ What kind of report will be provided after test? ▪ Will you provide an estimate of how long remediations would take? Planning a Penetration Test - Technical Constraints - Accurate Answer__: ▪ What constraints limited your ability to test? ▪ Provide the status in your report __● Tested __● Not Tested __● Can't Be Tested Planning a Penetration Test - Disclaimers - Accurate Answer__: ▪ Point-in-Time Assessment __● Results were accurate when the pentest occurred ▪ Comprehensiveness __● How complete was the test? __● Did you test the entire organization or only specific objectives? Rules of Engagement (RoE) - Accurate Answer__ are detailed guidelines and constraints regarding the