PT0-002 · Question #419
PT0-002 Question #419: Real Exam Question with Answer & Explanation
Sign in or unlock PT0-002 to reveal the answer and full explanation for question #419. The question stem and answer options stay visible for context.
Question
A penetration tester is conducting an assessment of an organization that has both a web and mobile application. While testing the user profile page, the penetration tester notices that additional data is returned in the API response, which is not displayed in the web user interface. Which of the following is the most effective technique to extract sensitive user data?
Options
- ACompare PI I from data leaks to publicly exposed user profiles.
- BTarget the user profile page with a denial-of-service attack.
- CTarget the user profile page with a reflected XSS attack.
- DCompare the API response fields to GUI fields looking for PH.
Unlock PT0-002 to see the answer
You've previewed enough free PT0-002 questions. Unlock PT0-002 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.