CompTIA PenTest+ PT0-002 Practice Question
During a penetration test, you are tasked with crafting a phishing campaign to test the organization's resilience to social engineering efforts. Using the Social Engineering Toolkit, which of the following would be the BEST approach to emulate a realistic spear-phishing attack?
Clone a known trusted site and slightly modify it to collect user credentials.
Modify the organization's public website to redirect to your malicious site.
Replicate an exact copy of their public website to confuse employees.
Send out generic business-related documents that contain no organization-specific information.