Which of the following penetration testing phases involves reconnaissance or data gathering?

A.
Attack phase

B.
Pre-attack phase

C.
Post-attack phase

D.
Out-attack phase

Explanation:

The pre-attack phase is the first step for a penetration tester. The pre-attack phase involves
reconnaissance or data gathering. It also includes gathering data from Whois, DNS, and network
scanning, which help in mapping a target network and provide valuable information regarding the
operating system and applications running on the systems. Penetration testing involves locating the
IP block and using domain name Whois to find personnel contact information.
Answer option A is incorrect. The attack phase is the most important phase of penetration testing.
Different exploitive and responsive hacking tools are used to monitor and test the security of
systems and the network. Some of the actions performed in the attack phase are as follows:
Penetrating the perimeter
Escalating privileges
Executing, implanting, and retracting
Answer option C is incorrect. The post-attack phase involves restoring the system to normal pre-test
configurations. It includes removing files, cleaning registry entries, and removing shares and
connections. Analyzing all the results and presenting them in a comprehensive report is also the part
of this phase. These reports include objectives, observations, all activities undertaken, and the
results of test activities, and may recommend fixes for vulnerabilities.