CompTIA PenTest+ PT0-002 Practice Question
A penetration tester is initiating a passive reconnaissance exercise. The goal is to gather as much information as possible about the target corporation without alerting any defensive systems. Which of the following actions would be MOST effective for identifying the technologies used by the corporation, potentially leading to discovery of related vulnerabilities?
Reviewing job postings for detailed technology stack information.
Scrutinizing website SSL certificates and their revocation status.
Inspecting website links via manual exploration to detect network endpoints.
Issuing a tailored packet crafting exercise to enumerate devices.