PT0-003
Vulnerability Discovery and Analysis
medium
Question 1 of 17

A penetration tester is using Nikto to scan a web server. What category of vulnerabilities is Nikto PRIMARILY designed to detect?

ASQL injection and XSS in application code
BWeb server misconfigurations, outdated software, and known vulnerable files
CNetwork-level vulnerabilities and open ports
DActive Directory misconfigurations

More Vulnerability Discovery and Analysis Questions

17 questions

Full CompTIA PenTest+ Practice Test

All topics covered

All CompTIA PenTest+ Questions

Browse by topic

Related Questions

Which vulnerability scanning tool is commonly associated with credentialed (authenticated) scanning ...

easy

A penetration tester performs an unauthenticated vulnerability scan and receives a result flagging a...

medium

A penetration tester is performing DAST (Dynamic Application Security Testing) on a web application....

medium

A penetration tester reviews a Nessus scan report and notices that a Windows server is flagged for M...

hard

A penetration tester performs a credentialed Nessus scan of a Linux server and receives a critical f...

hard
View all Vulnerability Discovery and Analysis questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account