CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

A penetration tester is crafting an email to impersonate a senior executive of a large corporation as part of a security assessment. The goal is to manipulate another high-ranking executive into disclosing sensitive company information. Which of the following tactics would be MOST effective for this scenario?

  • Register a domain name that is a common misspelling of the company’s actual domain to send the email from, in the hopes that it goes unnoticed.

  • Impersonate a trusted co-worker in a department not usually interacting with the executive to increase the likelihood of the executive responding due to curiosity.

  • Initiate a generic email phishing campaign with a broad and common theme hoping to catch the executive among other employees.

  • Craft the content to seem like an urgent issue unique to the company that requires immediate attention, using specific jargon and references known only to the executive team.

This question is for objective:
Attacks and Exploits
Your Score:
Attacks and Exploits
Information Gathering and Vulnerability Scanning
Reporting and Communication
Tools and Code Analysis
Planning and Scoping