CompTIA PenTest+ (PT0-001) — Question 129
A company has engaged a penetration tester to perform an assessment for an application that resides in the company's DMZ. Prior to conducting testing, in which of the following solutions should the penetration tester's IP address be whitelisted?
Answer options
- A. WAF
- B. HIDS
- C. NIDS
- D. DLP
Correct answer: C
Explanation
The correct answer is C, NIDS, because it monitors network traffic for suspicious activity and would need to recognize the penetration tester's IP to avoid false positives. The other options, WAF, HIDS, and DLP, serve different purposes such as web application protection, host-based intrusion detection, and data loss prevention, respectively, but they do not specifically relate to the network monitoring context needed here.