A security analyst is hired to examine a software company. The analyst intends to compile information from public sources and also run a network probe. Which approach is more likely to avoid detection by the company’s internal monitoring?
Using a network application to enumerate open services on the target
Collecting network data packets from internal systems of the company
Reviewing job boards for relevant postings about the company’s technology stack
Sending crafted messages to the organization’s domain for banner details
Examining job boards involves reading publicly available information. This does not engage the target's infrastructure or create network traffic, which helps reduce chances of being detected. Other options involve direct probing or capturing data from the organization’s environment, which can be monitored and logged by the company’s systems.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why does reviewing job boards reduce detection during reconnaissance?
Open an interactive chat with Bash
What kinds of information can job postings reveal during reconnaissance?
Open an interactive chat with Bash
How does passive reconnaissance differ from active reconnaissance?