Exam PT0-003 Topic 4 Question 64 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 64
Topic #: 4
A client warns the assessment team that an ICS application is maintained by the manufacturer. Any tampering of the host could void the enterprise support terms of use. Which of the following techniques would be most effective to validate whether the application encrypts communications in transit?

Suggested Answer: A Vote an answer

Using port mirroring on a firewall appliance is the safest and most non-intrusive way to validate if the application encrypts data in transit.
Why Port Mirroring?
Port mirroring (SPAN) enables traffic from the ICS system to be copied and sent to a monitoring device without affecting the host system.
This avoids any tampering with the application or host, preserving enterprise support terms.
Other Options:
B (Installing packet capture software): Installing software on the server would violate the terms of use and tamper with the host.
C (Reconfiguring the application): Reconfiguring the application to use a proxy would require modification, violating the terms of use.
D (Requesting that certificate pinning be disabled): This would involve modifying the application configuration, which is against the terms of use.
CompTIA Pentest+ Reference:
Domain 2.0 (Information Gathering and Vulnerability Identification)
ICS and SCADA Security Guidelines

by Irma at Feb 14, 2026, 07:40 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10