CompTIA PenTest+ (PT0-002) — Question 214

A company recently moved its software development architecture from VMs to containers. The company has asked a penetration tester to determine if the new containers are configured correctly against a DDoS attack.

Which of the following should a tester perform FIRST?

Answer options

• A. Check the strength of the encryption settings.
• B. Determine if security tokens are easily available.
• C. Run a vulnerability check against the hypervisor.
• D. Scan the containers for open ports.

Correct answer: D

Explanation

The correct answer is D, as scanning the containers for open ports is crucial to identify potential entry points for DDoS attacks. Checking encryption settings or security tokens (A and B) comes later in the assessment process, and running a vulnerability check against the hypervisor (C) is not directly related to the container's configuration.