PT0-002 Question #519: Real Exam Question with Answer & Explanation
The correct answer is B: Shodan. To gather information about a target company without sending direct network packets that could alert a SOC, a penetration tester should use passive reconnaissance tools like Shodan.
Question
A penetration tester is gathering information about a target company for a penetration test in order to tailor the type of attacks. However, the tester is worried about sending packets to the company that could tip off the SOC before the attacks begin. Which of the following sources should the tester use to achieve this objective?
Options
- A. Nmap
- B. Shodan
- C. CeWL
- D. Nessus
Explanation
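To gather information about a target company without sending direct network packets that could alert a SOC, a penetration tester should use passive reconnaissance tools like Shodan. Shodan is a search engine that indexes internet-facing hosts and services from its own scans, so the tester queries Shodan's data and sends no traffic to the company's systems.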
Common mistakes.
- A. Nmap is an active network scanner that sends packets to target systems to discover open ports and services, which would likely be detected by a SOC.
- C. CeWL (Custom Word List Generator) spiders a website to build a custom wordlist for password cracking. It sends requests to the target and does not provide information about network infrastructure.
- D. Nessus is an active vulnerability scanner that sends numerous packets to identify vulnerabilities, making it highly detectable by a SOC.
Concept tested. Passive reconnaissance tools
Reference. https://www.shodan.io/