PrepAway - Latest Free Exam Questions & Answers

What phase of the penetration test is the tester curren…

A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP
ranges owned by the bank, performing lookups on the bank’s DNS servers, reading news articles online about
the bank, watching what times the bank employees come into work and leave from work, searching the bank’s
job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank’s corporate
office. What phase of the penetration test is the tester currently in?

PrepAway - Latest Free Exam Questions & Answers

A.
Information reporting

B.
Vulnerability assessment

C.
Active information gathering

D.
Passive information gathering

2 Comments on “What phase of the penetration test is the tester curren…

  1. Benjy says:

    Answer C

    Google told me:
    Active information gathering means you are in one way or the other directly interacting with the system(s). An example of active information gathering is when a tool such as Nmap is used. Passive information gathering on the other hand, means you passively “sit” and learn about the Active information gathering means you are in one way or the other directly interacting with the system(s). An example of active information gathering is when a tool such as Nmap is used. Passive information gathering on the other hand, means you passively “sit” and learn about the system(s) as information passes in your path.system(s) as information passes in your path.
    Sooo….

  2. Tetra-Grammaton-Cleric says:

    The answer is correct: D – Passive information gathering

    In no way did the pentester ‘interact’ with the target. They ‘sat’ and ‘watched’ from afar and used other external means of information gathering. Your own comment (pasted twice) attests to this fact.


Leave a Reply