Basic Concept: Reconnaissance is the information gathering phase of an attack. LLMs can be enhanced to perform more effective reconnaissance by giving them access to current, specific information beyond their training data cutoff. CompTIA SecAI+ covers AI augmentation techniques including RAG under AI-assisted security.
Why A is Correct: RAG enhances an LLM by connecting it to an external knowledge base or real-time data sources that it can query during inference. For reconnaissance purposes, a RAG-enabled LLM can access up-to-date organizational information, technical documentation, and intelligence feeds that go beyond its static training data. This makes the LLM significantly more capable for gathering current, targeted intelligence about specific organizations or infrastructure.
Why B is Wrong: Creating a web scraper is a basic data collection technique. While AI can help write scraper code, the scraper itself is a simple script that does not enhance the LLM ' s intelligence or reasoning capabilities for sophisticated reconnaissance.
Why C is Wrong: Instructing an AI assistant to query as an administrator is a prompt manipulation attempt. An LLM cannot actually gain elevated permissions through a prompt instruction; this describes social engineering or privilege escalation via prompting, not a performance enhancement technique.
Why D is Wrong: Prompting a chatbot to describe naming patterns is a basic use of an existing LLM ' s knowledge. It does not strengthen or enhance the model ' s capabilities; it merely queries what the model already knows from training data, which may be outdated or generic.
Submit