CompTIA
PT0-001 · Question #213
PT0-001 Question #213: Real Exam Question with Answer & Explanation
The correct answer is D: A penetration test has a broad scope and focuses more on vulnerability identification while a red. Penetration tests are broad and vulnerability-focused, while red team engagements are narrow and objective-driven, emulating sophisticated threat actors.
Engagement management
Question
Which of the following BEST describes the difference between a red team engagement and a penetration test?
Options
- AA penetration test has a broad scope and emulates advanced persistent threats while a red team
- BA red team engagement has a broad scope and emulates advanced persistent threats, while a
- CA red team engagement has a broad scope and focuses more on vulnerability identification, while
- DA penetration test has a broad scope and focuses more on vulnerability identification while a red
Explanation
Penetration tests are broad and vulnerability-focused, while red team engagements are narrow and objective-driven, emulating sophisticated threat actors.
Common mistakes.
- A. This reverses the definitions - it incorrectly attributes APT emulation and broad scope to the penetration test rather than the red team.
- B. Red team engagements are explicitly narrow and objective-focused, not broad; broad scope belongs to penetration tests.
- C. Red team engagements do not focus on vulnerability identification - comprehensive vulnerability discovery is the purpose of a penetration test, not a red team exercise.
Concept tested. Red team vs penetration test scope and methodology differences
Reference. https://csrc.nist.gov/glossary/term/red_team_exercise
Topics
#red team#penetration testing#engagement scope#methodology
Community Discussion
No community discussion yet for this question.