CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

A penetration tester has been tasked with gathering information about a target company without directly interacting with the company's systems. Which of the following methods would be most effective and appropriate for the tester to utilize to obtain potential user names, technology stacks, and job roles within the company?

  • Social media scraping to review profiles and posts for key employee information

  • Reviewing the company's open-source code contributions for potential user names and job roles

  • Using Shodan to scan for vulnerable company assets and extract employee information

  • Performing DNS lookups to identify potential usernames and job roles

Subscribe to avoid duplicate questions and track your progress over time
This question is for objective:
Information Gathering and Vulnerability Scanning
Your Score:
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Tools and Code Analysis
Planning and Scoping