Information obtained from a WHOIS database cannot be used to identify potential administrative contacts for social engineering during a penetration test.
The correct answer is false. A WHOIS query often returns valuable information about a domain, such as the domain registrar, the registrant's contact information, and when the domain was registered. This information can be invaluable to a penetration tester for identifying potential administrative contacts for social engineering purposes. It can also help in understanding the domain’s history and structure, which might aid in further penetration testing activities.