SY0-501 Question #349: Real Exam Question with Answer & Explanation

The correct answer is C: Active reconnaissance. The penetration tester is actively gathering information like usernames and attempting to obtain passwords through social engineering, which are actions characteristic of active reconnaissance undertaken to plan an attack.

Submitted by minji_kr · Mar 4, 2026

Question

A penetration tester harvests potential usernames from a social networking site. The penetration tester then uses social engineering to attempt to obtain associated passwords to gain unauthorized access to shares on a network server. Which of the following methods is the penetration tester MOST likely using?

Options

  • A. Escalation of privilege
  • B. SQL injection
  • C. Active reconnaissance
  • D. Proxy server

Explanation

The penetration tester is actively gathering information like usernames and attempting to obtain passwords through social engineering, which are actions characteristic of active reconnaissance undertaken to plan an attack.

Common mistakes.

  • A. Escalation of privilege occurs after initial access has been gained, when an attacker attempts to obtain higher-level permissions, which is not what the scenario describes.
  • B. SQL injection is a web application vulnerability exploitation technique used to manipulate database queries, which is unrelated to the social engineering and information gathering described.
  • D. A proxy server acts as an intermediary for network requests and, while potentially used during an attack, does not describe the method of information gathering or credential harvesting itself.

Concept tested. Penetration testing phases, active reconnaissance

Reference. https://learn.microsoft.com/en-us/microsoft-365/security/defender/attack-kill-chain
