Comptia-PenTest-pt0-001 – Question78

A penetration tester has been assigned to perform an external penetration assessment of a company. Which of the following steps would BEST help with the passive-information-gathering process? (Choose two.)

Wait outside of the companys building and attempt to tailgate behind an employee.
B. Perform a vulnerability scan against the companys external netblock, identify exploitable vulnerabilities, and attempt to gain access.
C. Use domain and IP registry websites to identify the companys external netblocks and external facing applications.
D. Search social media for information technology employees who post information about the technologies they work with.
E. Identify the companys external facing webmail application, enumerate user accounts and attempt password guessing to gain access.

Section: (none)

Correct Answer: DE