adplus-dvertising

Welcome to the Information Gathering MCQs Page

Dive deep into the fascinating world of Information Gathering with our comprehensive set of Multiple-Choice Questions (MCQs). This page is dedicated to exploring the fundamental concepts and intricacies of Information Gathering, a crucial aspect of CompTIA PenTest+ Certification Exam PT0 002. In this section, you will encounter a diverse range of MCQs that cover various aspects of Information Gathering, from the basic principles to advanced topics. Each question is thoughtfully crafted to challenge your knowledge and deepen your understanding of this critical subcategory within CompTIA PenTest+ Certification Exam PT0 002.

frame-decoration

Check out the MCQs below to embark on an enriching journey through Information Gathering. Test your knowledge, expand your horizons, and solidify your grasp on this vital area of CompTIA PenTest+ Certification Exam PT0 002.

Note: Each MCQ comes with multiple answer choices. Select the most appropriate option and test your understanding of Information Gathering. You can click on an option to test your knowledge before viewing the solution for a MCQ. Happy learning!

Information Gathering MCQs | Page 1 of 17

Explore more Topics under CompTIA PenTest+ Certification Exam PT0 002

Q1.
What is the first step in many penetration tests?

a.

Active intelligence gathering

b.

Passive intelligence gathering

c.

Engaging target systems

d.

Documenting target organization

Discuss
Answer: (b).Passive intelligence gathering Explanation:The first step in many penetration tests is to gather information about the organization via passive intelligence gathering methods.
Q2.
What does OSINT stand for in the context of information gathering for penetration tests?

a.

Open Source Investigation Techniques

b.

Operational System Interaction

c.

Open Source Intelligence

d.

Operational Security and Information Networking Technologies

Discuss
Answer: (c).Open Source Intelligence Explanation:OSINT stands for open source intelligence, which includes data from publicly available sources such as DNS registrars, web searches, security-centric search engines, and various other information sources.
Q3.
What does OSINT help determine in the context of penetration testing?

a.

Organization's policies

b.

Organization's financial status

c.

Organization's footprint

d.

Organization's marketing strategy

Discuss
Answer: (c).Organization's footprint Explanation:OSINT is often used to determine the organization’s footprint: a listing of all the systems, networks, and other technology that an organization has.
Q4.
What is CVE?

a.

A cybersecurity conference

b.

A government agency

c.

Common Vulnerabilities and Exposures

d.

Cybersecurity Verification Engine

Discuss
Answer: (c).Common Vulnerabilities and Exposures Explanation:CVE stands for Common Vulnerabilities and Exposures, and it identifies vulnerabilities by name, number, and description, providing a common scheme for referring to vulnerabilities.
Q5.
Which organization developed the Common Weakness Enumeration (CWE) list?

a.

CIA

b.

FBI

c.

MITRE Corporation

d.

NSA

Discuss
Answer: (c).MITRE Corporation Explanation:The Common Weakness Enumeration (CWE) is a community-developed list developed and maintained by the MITRE Corporation.
Q6.
What does the Common Weakness Enumeration (CWE) list focus on?

a.

Hardware weaknesses

b.

Software weaknesses

c.

Network weaknesses

d.

Physical security weaknesses

Discuss
Answer: (b).Software weaknesses Explanation:The Common Weakness Enumeration (CWE) tackles a broad range of software weaknesses and breaks them down by research concepts, development concepts, and architectural concepts.
Q7.
What may on-site penetration testing involve?

a.

Remote access control testing

b.

Dumpster diving

c.

Social engineering engagements

d.

Network and system analysis

Discuss
Answer: (b).Dumpster diving Explanation:On-site penetration testing may involve activities such as dumpster diving to recover paper records and other information.
Q8.
What type of information can public records provide in the context of physical location information?

a.

Internal practices and procedures

b.

Ownership and tax records

c.

Personnel names and email addresses

d.

Technologies used by the organization

Discuss
Answer: (b).Ownership and tax records Explanation:Public records can provide ownership and tax records, which can be useful in understanding physical locations during penetration testing.
Q9.
What physical security elements might a penetration tester look for when understanding a target's physical locations?

a.

Software used

b.

Email addresses of personnel

c.

Locations of cameras, entrances, and exits

d.

Internal practices and procedures

Discuss
Answer: (c).Locations of cameras, entrances, and exits Explanation:When understanding physical locations, a penetration tester might look for physical security elements like locations of cameras, entrances, exits, guards, fences, and other controls.
Q10.
How can electronic documents assist in understanding an organization's structure?

a.

By providing information on technologies used

b.

By detailing internal practices and procedures

c.

By offering names and email addresses of personnel

d.

All of the above

Discuss
Answer: (d).All of the above Explanation:Electronic documents can provide information on technologies used, internal practices and procedures, as well as names and email addresses of personnel.
Page 1 of 17

Suggested Topics

Are you eager to expand your knowledge beyond CompTIA PenTest+ Certification Exam PT0 002? We've curated a selection of related categories that you might find intriguing.

Click on the categories below to discover a wealth of MCQs and enrich your understanding of Computer Science. Happy exploring!

MATLAB

Hone your computational mathematics skills with our MATLAB MCQs. Understand...

R Programming

Unleash the power of statistical computing with our R Programming MCQs. Topics cover...

Object Oriented Programming

Enhance your coding skills with our Object Oriented Programming MCQs. Understand...

C Programming

Master one of the most widely used programming languages with our C Programming MCQs....

Discrete Mathematics

Refine your mathematical skills essential for computer science with our Discrete...

Operating System

Dive deep into the core of computers with our Operating System MCQs. Learn about...

MongoDB

Learn the leading NoSQL database with our MongoDB MCQs. Understand everything from...

MS Office

Master the suite of productivity tools with our MS Office MCQs. From Word and Excel...

Data Structures and Algorithms

Journey through the fundamentals of Data Structures and Algorithms with our extensive...