PT0-003 Exam Dumps - CompTIA PenTest+ Exam

Software Composition Analysis (SCA) is used to analyze dependencies in applications and identify vulnerable open-source libraries.

Option A (VM - Virtual Machine) ❌: A VM is a computing environment, not a vulnerability detection tool.

Option B (IAST - Interactive Application Security Testing) ❌: IAST analyzes runtime behavior, but it does not specialize in detecting vulnerable libraries.

Option C (DAST - Dynamic Application Security Testing) ❌: DAST scans running applications for vulnerabilities, but it does not analyze open-source libraries.

Option D (SCA - Software Composition Analysis) ✅: Correct.

Identifies security flaws in dependencies.

Used for managing supply chain risks.

📖 Reference: CompTIA PenTest+ PT0-003 Official Guide – Software Composition Analysis (SCA)

Channel Scanning:

Wireless communications can be disrupted by identifying and interfering with the channels used by Wi-Fi networks.

Channel scanning allows the tester to map all active Wi-Fi channels, identify the target network, and determine possible jamming or interference strategies.

Why Not Other Options?

A (Port mirroring): This applies to wired network traffic duplication for monitoring purposes and is unrelated to wireless disruption.

B (Sidecar scanning): Not a relevant technique in the context of wireless disruption.

C (ARP poisoning): This targets Ethernet/IP communication in a local network, not wireless communication at the radio frequency level.

CompTIA Pentest+ References:

Domain 3.0 (Attacks and Exploits)

Wireless Network Disruption Techniques