EC-Council


112-52 Question #115: Real Exam Question with Answer & Explanation

The correct answer is C. Exploitation.

Ethical Hacking Fundamentals

Question

Which phase of penetration testing involves attempting to exploit identified vulnerabilities?

Options

  • A. Reconnaissance
  • B. Reporting
  • C. Exploitation
  • D. Remediation

Explanation

Exploitation (C) is the phase where a tester actively attempts to leverage identified vulnerabilities to gain unauthorized access or demonstrate real-world impact - it's the "hands-on attack" phase. Reconnaissance (A) comes before exploitation and focuses solely on gathering information about the target (scanning, OSINT, enumeration). Reporting (B) is the final phase, documenting findings and remediation recommendations after all testing is complete. Remediation (D) is not even a penetration testing phase - it's what the client does afterward to fix the vulnerabilities that were found.

Memory tip: Think of the phases in order - R-S-E-R (Recon → Scanning → Exploitation → Reporting). "Exploitation" sits right in the middle where the real attacking happens, sandwiched between discovery and documentation.

Topics

#Penetration Testing #Exploitation Phase #Vulnerability Testing #Methodology
