CompTIA Pentest+ Quiz Questions and Answers

Answer :
  • Forward DNS lookup

Explanation :

A forward DNS lookup queries the name server for a domain or hostname, for which the DNS server will then provide the associated IP address; this function is present at the heart of the internet, as the use of human-readable terms such as "google.com" in web browsers would fail without it. Put another way, in the absence of a service such as DNS, we would be required to use machine-readable logical addresses alone (that is, IP addresses) to do nearly anything across a network. A DNS zone transfer is a type of DNS transaction wherein a DNS database is replicated to the requesting system. DNS zone transfers can be of great benefit to penetration testers if internal corporate name servers permit them; knowledge of the entirety of an organization's IP space and hostnames can be of immense value in identifying potential targets during a penetration test. A reverse DNS lookup takes a user-provided IP address and then queries a name server for the host(s) or domain(s) with which that address is associated. Investigation is incorrect because it is not a term with an explicit definition in the lexicon of penetration testing.
Answer :
  • FOCA

Explanation :

FOCA is a free, GNU-licensed tool that gathers information by scraping metadata from Microsoft Office documents, which can include usernames, e-mail addresses, and real names. Note that while FOCA can be run in Linux and Unix variants using WINE (a compatibility layer or interface that allows Windows applications to run on *nix operating systems), the question specifically mentions that the tool was written for Windows, rather than stating that it only runs in Windows. While Maltego and recon-ng are capable of scraping metadata from files with the use of transforms or modules, neither of these tools was written specifically for the Windows operating system family. Theharvester is limited to what can be pulled directly from a website; scraping the contents of files stored on a website is beyond its capabilities. In addition, theharvester is like Maltego and recon-ng in that it was not written specifically for the Windows operating system.
Answer :
  • Passive information gathering

Explanation :

Passive information gathering is the process of assessing a target to collect preliminary knowledge about systems, software, networks, or people without directly engaging the target or its assets. Reconnaissance is a broader term that can describe both passive and active information-gathering efforts. Web searching is just one specific activity performed during passive information gathering. Active information gathering is the process of collecting information about target systems, software, networks, or people in a manner that requires direct engagement with the target or its assets.
Answer :
  • FTP port:14147

Explanation :

Search and filter terms in Shodan must be provided in the format search_string filter:value. In the example given, FTP port:14147 will search for FTP connections available on the open Internet and then filter all but those running on port 14147 from the search results. The other options are incorrect because search and filter terms in Shodan must be provided in the format search_string filter:value.
Answer :
  • Facebook

Explanation :

Although theharvester can query many data sources, Facebook is not one of them, which makes it the correct answer. Pay careful attention to questions that are stated with a negating term such as "is not" or "are not." Google, LinkedIn, and Twitter are all valid data sources for theharvester, making these incorrect choices for this question.
Answer :
  • Metadata analysis

Explanation :

Metadata analysis is the term for collecting open-source intelligence by parsing published documents for information hidden within to reveal usernames, e-mail addresses, or other sensitive data.
Answer :
  • Domain administrator GPS coordinates

Explanation :

Although Whois domain registration information can be quite detailed, the most one can expect to find concerning geographic location is a physical address.
Answer :
  • Any information or data obtained via publicly available sources that is used to aid or drive decision-making processes

Explanation :

Any information or data obtained via publicly available sources that is used to aid or drive decision-making processes
Answer :
  • Data mining

Explanation :

Data mining is the process by which large data sets are analyzed to reveal patterns or hidden anomalies.
Answer :
  • Google

Explanation :

Yahoo is not used by FOCA when it searches for documents, making this the correct answer.