At the start of a penetration test, the tester checks OSINT resources for information about the client environment. Which of the following types of reconnaissance is the tester performing?
Passive reconnaissance involves gathering publicly available information about a target without directly interacting with the target systems. Checking OSINT (Open Source Intelligence) sources is a typical passive technique used to collect data without alerting the target.
Active reconnaissance (A) involves direct interaction with the target. Offensive (C) and defensive (D) refer to broader security postures and are not specific reconnaissance types.
Passive reconnaissance is a foundational step in penetration testing and covered in the Threats and Vulnerabilities domain of SY0-701【6:Chapter 2†CompTIA Security+ Study Guide】
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit