During a penetration-testing engagement, a consultant performs reconnaissance of a client to identify potential targets for a phishing campaign. Which of the following would allow the consultant to retrieve email addresses for technical and billing contacts quickly, without triggering any of the client's cybersecurity tools?
(Choose two.)
To retrieve email addresses for technical and billing contacts quickly and without triggering any of the client's cybersecurity tools, the consultant should use passive reconnaissance methods. Scraping social media sites can provide accessible email addresses that employees may have listed publicly without triggering any alerts. Similarly, using the WHOIS lookup tool provides domain registration details, including contact information for technical and billing purposes, without raising cybersecurity defenses. These methods are effective for gathering information discreetly.
I will go A and C here
This should be A and C. Technical and billing addresses are usually posted on company websites and company social media sites for the their clients to access. The WHOIS lookup will only avail info for the company registrant, an abuse email contact, etc but it may not contain details for billing addresses.
You are correct, in addition, WHOIS lookup is considered an active recon tool so it might trigger alerts.
No it won't. You can do a WhoIs Lookup on Domain Tools and it definitely has the technical contacts on there and not just the registrant
Whois, is not an active reconnaissance tool. It’s passive. The information you gather using whois, is public knowledge that anyone can see or get. https://www.linkedin.com/pulse/passive-reconnaissance-tools-nitin-bhanderi
I think Correct Answer is A, C. WHOIS lookup can't be correct because the question state ...without triggering any cybersecurity tools.
I believe others are overthinking this. Simplify the question with the answers. If you don't want to alert any of the detection tools, don't use any tools at all. A and C
I think it’s B and C
you right it's B and C
A because to identify potential targets for a phishing campaign B because any who is have the technical and billing contacts
Duplicate of https://www.examtopics.com/exams/comptia/pt0-002/view/29/ Some examples of security measures on a website that could potentially trigger cybersecurity tools during crawling or scanning activities include: Web Application Firewall (WAF): A WAF is designed to detect and block malicious web traffic, including activities that may be considered suspicious, such as repeated or aggressive crawling or scanning of the website. Intrusion Detection System/Intrusion Prevention System (IDS/IPS): An IDS/IPS is designed to detect and prevent unauthorized access or malicious activities on a network or website. It may be configured to detect patterns of crawling or scanning activities and trigger alerts or block access. Rate limiting or throttling: The website may have rate limiting or throttling mechanisms in place to limit the number of requests or connections from a single IP address or user agent within a certain time frame. Exceeding these limits may trigger alerts or blocks. Captchas or challenge-response mechanisms: Custom security scripts or tools: