CompTIA PenTest+ (PT0-001) — Question 96
A penetration tester has been asked to conduct a penetration test on a REST-based web service. Which of the following items is required?
Answer options
- A. The latest vulnerability scan results
- B. A list of sample application requests
- C. An up-to-date list of possible exploits
- D. A list of sample test accounts
Correct answer: B
Explanation
Having a list of sample application requests is crucial for a penetration tester because it allows them to understand how to interact with the REST-based web service effectively. The other options, while potentially useful, do not provide the necessary context or specific examples of requests that the tester can use to probe the web service.