Footprinting and Reconnaissance 2023 Questions and
Answers with complete solution
Which of the following database is used to delete the history of the target website?
TCP/IP and IPSec filters
archive.org
WhoIs Lookup database
Implement VPN
archive.org
A penetration tester was hired to perform a penetration test for a bank. The tester began
searching for IP ranges owned by the bank, performing lookups on the bank's DNS
servers, reading news articles online about the bank, watching the bank employees time
in and out, searching the bank's job postings (paying special attention to IT-related
jobs), and visiting the local dumpster for the bank's corporate office. What phase of the
penetration test is the tester currently in?
Information reporting
Vulnerability assessment
Active information gathering
Passive information gathering
Passive information gathering
Passive reconnaissance involves collecting information through which of the following?
Social engineering
Traceroute analysis
Email tracking
Publicly accessible sources
Publicly accessible sources
Which of the following technique is used to gather information about the target without
direct interaction with the target?
, Active Footprinting
Scanning
Passive Footprinting
Enumeration
Passive Footprinting
Which of the following is a network threat?
Privilege escalation
Arbitrary code execution
Session hijacking
SQL injection
Session hijacking
InfoTech Security hired a penetration tester Sean to do physical penetration testing. On
the first day of his assessment, Sean goes to the company posing as a repairman and
starts checking trash bins to collect the sensitive information.
What is Sean trying to do?
Trying to attempt social engineering using phishing
Trying to attempt social engineering by eavesdropping
Trying to attempt social engineering by shoulder surfing
Trying to attempt social engineering by dumpster diving
Trying to attempt social engineering by dumpster diving
Which of the following countermeasure helps organizations to prevent information
disclosure through banner grabbing?
Configure IIS
Configure web servers
TCP/IP and IPSec
Implement VPN
Configure IIS
Answers with complete solution
Which of the following database is used to delete the history of the target website?
TCP/IP and IPSec filters
archive.org
WhoIs Lookup database
Implement VPN
archive.org
A penetration tester was hired to perform a penetration test for a bank. The tester began
searching for IP ranges owned by the bank, performing lookups on the bank's DNS
servers, reading news articles online about the bank, watching the bank employees time
in and out, searching the bank's job postings (paying special attention to IT-related
jobs), and visiting the local dumpster for the bank's corporate office. What phase of the
penetration test is the tester currently in?
Information reporting
Vulnerability assessment
Active information gathering
Passive information gathering
Passive information gathering
Passive reconnaissance involves collecting information through which of the following?
Social engineering
Traceroute analysis
Email tracking
Publicly accessible sources
Publicly accessible sources
Which of the following technique is used to gather information about the target without
direct interaction with the target?
, Active Footprinting
Scanning
Passive Footprinting
Enumeration
Passive Footprinting
Which of the following is a network threat?
Privilege escalation
Arbitrary code execution
Session hijacking
SQL injection
Session hijacking
InfoTech Security hired a penetration tester Sean to do physical penetration testing. On
the first day of his assessment, Sean goes to the company posing as a repairman and
starts checking trash bins to collect the sensitive information.
What is Sean trying to do?
Trying to attempt social engineering using phishing
Trying to attempt social engineering by eavesdropping
Trying to attempt social engineering by shoulder surfing
Trying to attempt social engineering by dumpster diving
Trying to attempt social engineering by dumpster diving
Which of the following countermeasure helps organizations to prevent information
disclosure through banner grabbing?
Configure IIS
Configure web servers
TCP/IP and IPSec
Implement VPN
Configure IIS
