CompTIA PenTest+ PT0-002 Practice Question

A penetration tester is performing passive reconnaissance on a target organization and wants to gather information about various subdomains without directly interacting with the organization's name server. Which of the following methods would be the BEST to accomplish this task?

  • Use a third-party service to obtain DNS records

  • Analyze web traffic between the organization and public web services to find DNS-related data

  • Deploy an outdated version of a DNS analysis tool in hopes it may bypass notice

  • Perform speculative execution of domain names to reveal subdomains

CompTIA PenTest+ PT0-002
Information Gathering and Vulnerability Scanning
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot