CompTIA PenTest+ (PT0-003) — Question 100
A penetration tester wants to use multiple TTPs to assess the reactions (alerted, blocked, and others) of the client's current security tools. The threat-modeling team indicates that the TTPs in the list might affect their internal systems and servers. Which of the following actions would the tester most likely take?
Answer options
- A. Use a BAS tool to test multiple TTPs based on the input from the threat-modeling team.
- B. Perform an internal vulnerability assessment with credentials to review the internal attack surface.
- C. Use a generic vulnerability scanner to test the TTPs and review the results with the threat-modeling team.
- D. Perform a full internal penetration test to review all the possible exploits that could affect the systems.
Correct answer: A
Explanation
The correct answer is A because a BAS (Breach and Attack Simulation) tool lets the tester execute the selected TTPs in a controlled, non-destructive way and record how the security tools react (alerted, blocked, and so on), which addresses the threat-modeling team's concern that running the TTPs directly could affect internal systems and servers. Options B, C, and D involve more intrusive actions, or do not exercise the TTPs against the security tools at all, so they do not align with the team's warning about potential impact on internal systems.