Which of the following is the BEST passive method of obtaining the technical contacts for the website?
A penetration tester is conducting an engagement against an internet-facing web application and planning a phishing campaign.
Which of the following is the BEST passive method of obtaining the technical contacts for the website?
A . WHOIS domain lookup
B. Job listing and recruitment ads
C. SSL certificate information
D. Public data breach dumps
Answer: A
Explanation:
The BEST passive method of obtaining the technical contacts for the website would be a WHOIS domain lookup. WHOIS is a protocol that provides information about registered domain names, such as the registration date, registrant’s name and contact information, and the name servers assigned to the domain. By performing a WHOIS lookup, the penetration tester can obtain the contact information of the website’s technical staff, which can be used to craft a convincing phishing email.
Latest PT0-002 Dumps Valid Version with 110 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund