A penetration tester is conducting reconnaissance against a target organization. To build a comprehensive profile, they use a variety of OSINT tools, including Nmap, theHarvester, and WHOIS. Which piece of information below is uniquely provided by a WHOIS query as opposed to the other tools?
The geographical coordinates of the primary data center.
A list of open TCP ports and running services on the mail server.
A list of employee email addresses found on public search engines.
The registrar's name and the domain's registration expiration date.
A WHOIS query specifically retrieves domain registration data from public records. This includes the registrar's name, and the domain's registration and expiration dates. While tools like theHarvester gather public email addresses and Nmap identifies open ports and services, the domain's registration details are the unique purview of a WHOIS lookup.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What tools are commonly used to perform a domain lookup?
Open an interactive chat with Bash
What kind of information can a WHOIS query reveal?
Open an interactive chat with Bash
Why is domain registration data important for penetration testers?