CompTIA PenTest+ (PT0-003) — Question 206

A penetration tester is conducting a vulnerability scan. The tester wants to see any vulnerabilities that may be visible from outside of the organization. Which of the following scans should the penetration tester perform?

Answer options

• A. SAST
• B. Sidecar
• C. Unauthenticated
• D. Host-based

Correct answer: C

Explanation

The correct answer is C, Unauthenticated, because this type of scan evaluates vulnerabilities without requiring any credentials, simulating an external attacker's perspective. The other options, such as SAST and Host-based scans, focus on different aspects of security and may not provide the external visibility needed for this scenario.