CompTIA PenTest+ (PT0-002) — Question 293

A penetration tester is configuring a vulnerability management solution to perform a scan of Linux servers on an enterprise network. The client wants to reduce potential disruptions as much as possible. Which of the following types of accounts should the tester use?

Answer options

• A. Read-only user
• B. SSH LDAP user
• C. Domain administrator
• D. Unprivileged user

Correct answer: A

Explanation

Using a Read-only user account allows the penetration tester to gather necessary information without making any changes to the system, thus minimizing disruption. In contrast, a Domain administrator has extensive permissions that could inadvertently affect system stability, while SSH LDAP user and Unprivileged user accounts may not have sufficient access to perform a thorough scan.