Exam PT0-001 topic 1 question 78 discussion

Actual exam question from CompTIA's PT0-001

Question #: 78
Topic #: 1

A penetration tester has been assigned to perform an external penetration assessment of a company. Which of the following steps would BEST help with the passive-information-gathering process? (Choose two.)

A. Wait outside of the company's building and attempt to tailgate behind an employee.
B. Perform a vulnerability scan against the company's external netblock, identify exploitable vulnerabilities, and attempt to gain access.
C. Use domain and IP registry websites to identify the company's external netblocks and external facing applications.
D. Search social media for information technology employees who post information about the technologies they work with.
E. Identify the company's external facing webmail application, enumerate user accounts and attempt password guessing to gain access.

Show Suggested Answer

Suggested Answer: DE 🗳️

by [deleted] at March 22, 2020, 3:42 a.m.

Comments

Submit Cancel

[Removed]

Highly Voted 5 years, 1 month ago

Passive..... C and D

upvoted 21 times

mr_robot

5 years ago

Agree! C and D. Info taken from the PenTest+ Practice Tests Book - SYBEX: "Open-source intelligence (OSINT) is any information that is publicly available and can be passively gathered. Because it is passively gathered, you can’t use methods that actively engage the target organization to gather OSINT. For example, running a vulnerability scan is an active method, as is penetrating the organization’s facility or wheedling information out of a disgruntled employee. On the other hand, gathering information from the organization’s DNS registrar or reading job postings on the organization’s website are examples of passively gathering public information."

upvoted 12 times