About This Domain
Domain 4 — Attacks and Exploits — accounts for 35% of the PENTEST certification exam. This domain evaluates your understanding of network attacks (vlan hopping, on-path, service exploitation), authentication attacks (brute-force, pass-the-hash, credential stuffing), host-based attacks (privilege escalation, process injection), and related concepts. Network, host, web, cloud, and AI-based attacks. To pass this section you need practical knowledge of how these technologies work together.
What You'll Be Tested On
- Network attacks (VLAN hopping, on-path, service exploitation)
- Authentication attacks (brute-force, pass-the-hash, credential stuffing)
- Host-based attacks (privilege escalation, process injection)
- Web application attacks (SQLi, XSS, directory traversal)
- Cloud attacks (container escapes, IAM misconfiguration)
- AI attacks (prompt injection, model manipulation)
Key Technologies in This Domain
Study Strategy for Domain 4
At 35% of the exam, this is the highest-weighted domain — invest proportionally more study time here.
Exam Tips for Domain 4
This is 35% — the biggest domain. Know tools (Metasploit, Burp Suite) and all attack surfaces including cloud and AI.
Frequently Asked Questions
How many questions come from Domain 4?
Domain 4 (Attacks and Exploits) makes up 35% of the PENTEST exam.
What should I focus on for Domain 4?
Key topics include Attacks & Exploits.
How should I prepare for Attacks and Exploits questions?
Review key topics, then practice with domain-specific questions focusing on real-world scenarios.
What's the best order to study PENTEST domains?
Start with highest-weighted: Engagement Management (13%), Reconnaissance and Enumeration (21%), Vulnerability Discovery and Analysis (17%), Attacks and Exploits (35%), Post-Exploitation and Lateral Movement (14%).
Practice Domain 4 Questions
Test your knowledge of Attacks and Exploits with practice questions from our PENTEST question bank.
Start Practice Quiz →