Exam SY0-701 topic 1 question 513 discussion

OSINT (Open-Source Intelligence) refers to gathering publicly available information from sources like websites, social media, forums, and public records. Collecting evidence of malicious activity often involves analyzing public threat reports, leaked data, or attacker footprints found in open sources.

Hacker collect finds the target victim, and it's info in the open sources, eventually attacking. OSINT for Social Engineering Testing: Information Gathering: Employee names from LinkedIn Company structure from websites Email formats from public posts Phone numbers from directories Office locations from Google Maps

Answer: A. Social engineering testing Open Source Intelligence (OSINT) involves gathering information from publicly available sources. Social engineering testing often uses OSINT to collect data about individuals or organizations to craft convincing phishing attacks or other social engineering tactics. Why the other options are not correct: C. Collecting evidence of malicious activity Collecting evidence of malicious activity typically involves forensic analysis of compromised systems or networks, which relies on internal data and artifacts rather than publicly available information. D. Producing IOCs for malicious artifacts Producing Indicators of Compromise (IOCs) involves analyzing malware or attack patterns to create signatures or identifiers. This process is based on technical analysis of malicious artifacts, not on publicly available information.