PT0-002 Question #400: Real Exam Question with Answer & Explanation

The correct answer is A: Dumpster diving. The penetration tester should try dumpster diving next, which is an attack that involves searching through trash bins or dumpsters for discarded documents or items that may contain sensitive or useful information. Dumpster diving can reveal information such as passwords, account

Information Gathering and Vulnerability Scanning

Question

A penetration tester breaks into a company's office building and discovers the company does not have a shredding service. Which of the following attacks should the penetration tester try next?

Options

ADumpster diving
BPhishing
CShoulder surfing
DTailgating

Explanation

The penetration tester should try dumpster diving next, which is an attack that involves searching through trash bins or dumpsters for discarded documents or items that may contain sensitive or useful information. Dumpster diving can reveal information such as passwords, account numbers, credit card numbers, invoices, receipts, memos, contracts, or employee records. The penetration tester can use this information to gain access to systems or networks, impersonate users or employees, or perform social engineering attacks.

Topics

#Physical security#Information gathering#Dumpster diving#Reconnaissance

Community Discussion

No community discussion yet for this question.

Full PT0-002 Practice Browse All PT0-002 Questions