Valid PT0-003 Dumps shared by ExamDiscuss.com for Helping Passing PT0-003 Exam! ExamDiscuss.com now offer the newest PT0-003 exam dumps, the ExamDiscuss.com PT0-003 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PT0-003 dumps with Test Engine here:
A client warns the assessment team that an ICS application is maintained by the manufacturer. Any tampering of the host could void the enterprise support terms of use. Which of the following techniques would be most effective to validate whether the application encrypts communications in transit?
Correct Answer: A
Since direct interaction with the ICS application is restricted, the best way to analyze network traffic without modifying the system is to use port mirroring on a firewall or network switch. * Option A (Port mirroring) #: * Correct. Port mirroring (SPAN) copies network traffic without modifying the host system. * Allows passive analysis of whether encryption is used. * Option B (Packet capture on the server) #: * Requires modifying the host, which is prohibited by the client. * Option C (Reconfiguring the app to use a proxy) #: * Modifies application settings, which violates the client's terms. * Option D (Disabling certificate pinning) #: * Requires changes to security settings, which is not allowed in this scenario. # Reference: CompTIA PenTest+ PT0-003 Official Guide - Passive Traffic Analysis for ICS Systems