CompTIA PenTest+ PT0-002 Practice Question

A penetration tester is performing passive reconnaissance on a target organization and wants to gather information about various subdomains without directly interacting with the organization's name server. Which of the following methods would be the BEST to accomplish this task?

  • Analyze web traffic between the organization and public web services to find DNS-related data

  • Perform speculative execution of domain names to reveal subdomains

  • Deploy an outdated version of a DNS analysis tool in hopes it may bypass notice

  • Use a third-party service to obtain DNS records

CompTIA PenTest+ PT0-002
Information Gathering and Vulnerability Scanning
Your Score:
Settings & Objectives

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot