GCIH · Question #804
Which of the following describes OSINT?
The correct answer is A. The collection of publicly available information used for reconnaissance against a target. OSINT stands for Open Source Intelligence and refers exclusively to the gathering and analysis of publicly available information for reconnaissance against a target.
Question
Which of the following describes OSINT?
Options
- AThe collection of publicly available information used for reconnaissance against a target
- BThe use of online or open source tools to gain unauthorized access to a target's internal network
- CThe use of public websites and social media for command and control of compromised targets
- DThe collection of active threat information from different sources for creating targeted IOCs
How the community answered
(32 responses)- A88% (28)
- B3% (1)
- C3% (1)
- D6% (2)
Why each option
OSINT stands for Open Source Intelligence and refers exclusively to the gathering and analysis of publicly available information for reconnaissance against a target.
OSINT is the disciplined practice of collecting, correlating, and analyzing information that is freely and legally accessible from public sources - including websites, social media, public records, WHOIS data, and news - to build a profile of a target during the passive reconnaissance phase. It does not involve unauthorized access and leaves no footprint on the target's systems.
Using tools to gain unauthorized access to internal networks describes active exploitation or intrusion, which is fundamentally different from OSINT's passive, legal, public-source-only methodology.
Using public websites and social media for command and control describes a C2 (Command and Control) evasion technique used to manage compromised hosts, which is unrelated to intelligence gathering.
Collecting active threat data to generate IOCs describes threat intelligence (TI) analysis, a distinct operational discipline that goes beyond publicly available passive reconnaissance.
Concept tested: OSINT definition and passive reconnaissance methodology
Source: https://www.cisa.gov/sites/default/files/2024-08/OSINT_Primer_508.pdf
Topics
Community Discussion
No community discussion yet for this question.