During an external penetration test you begin by collecting publicly available information about a target organization-WHOIS records, employee email addresses from social media, DNS data obtained through a third-party server, and recent press releases-without sending any traffic to the company's hosts. According to the standard hacker methodology, which phase are you carrying out?
The activity described is passive reconnaissance, also known as footprinting. In this phase the attacker gathers as much information as possible from publicly accessible sources-search engines, social networks, WHOIS, DNS records-without directly interacting with or sending packets to the target's systems. Because no probes touch the victim's infrastructure, it is considered passive rather than active reconnaissance. Scanning and enumeration involve direct contact with target hosts (for example, port scans), exploitation involves using discovered vulnerabilities to obtain access, and maintaining access occurs only after an initial compromise has succeeded.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between passive reconnaissance and active reconnaissance?
Open an interactive chat with Bash
What tools are commonly used for passive reconnaissance?
Open an interactive chat with Bash
Why is passive reconnaissance important in penetration testing?
Open an interactive chat with Bash
What is passive reconnaissance in ethical hacking?
Open an interactive chat with Bash
How is passive reconnaissance different from active scanning?
Open an interactive chat with Bash
Why is passive reconnaissance important in penetration testing?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Information Security and Ethical Hacking Overview
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .