Q. What does the Common Weakness Enumeration (CWE) list focus on?

View solution

Q. What may on-site penetration testing involve?

View solution

Q. What type of information can public records provide in the context of physical location information?

View solution

Q. What physical security elements might a penetration tester look for when understanding a target's physical locations?

View solution

Q. How can electronic documents assist in understanding an organization's structure?

View solution

Q. What tool is designed to allow quick viewing of document metadata?

View solution

Q. Which metadata scanning tool uses a search engine to gather metadata information from various file types?

View solution

Q. Where can valuable metadata be found in common business files like Microsoft Office files and PDFs?

View solution

Q. What web archive provides point-in-time snapshots of websites and other data?

View solution

Q. How can social media platforms like LinkedIn and Facebook be leveraged to identify employees?

View solution

Q. What can be valuable in identifying an organization's technology stack?

View solution

Q. What is external footprinting in the context of passive reconnaissance?

View solution

Q. Who manages the Domain Name System (DNS) root zone?

View solution

Q. What information can be obtained through a WHOIS query?

View solution

Q. What information can be obtained from WHOIS information about a domain?

View solution

Q. How can the host command in Linux be useful for information gathering?

View solution

Q. What tool is commonly used for DNS lookups on Windows, Linux, and macOS systems?

View solution

Q. What type of information can be obtained from TLS certificates?

View solution

Q. What does an out-of-date TLS certificate indicate?

View solution

Q. How can a penetration tester conduct a DNS zone transfer using the 'dig' command?

View solution