adplus-dvertising

Welcome to the Information Gathering MCQs Page

Dive deep into the fascinating world of Information Gathering with our comprehensive set of Multiple-Choice Questions (MCQs). This page is dedicated to exploring the fundamental concepts and intricacies of Information Gathering, a crucial aspect of CompTIA PenTest+ Certification Exam PT0 002. In this section, you will encounter a diverse range of MCQs that cover various aspects of Information Gathering, from the basic principles to advanced topics. Each question is thoughtfully crafted to challenge your knowledge and deepen your understanding of this critical subcategory within CompTIA PenTest+ Certification Exam PT0 002.

frame-decoration

Check out the MCQs below to embark on an enriching journey through Information Gathering. Test your knowledge, expand your horizons, and solidify your grasp on this vital area of CompTIA PenTest+ Certification Exam PT0 002.

Note: Each MCQ comes with multiple answer choices. Select the most appropriate option and test your understanding of Information Gathering. You can click on an option to test your knowledge before viewing the solution for a MCQ. Happy learning!

Information Gathering MCQs | Page 17 of 17

Explore more Topics under CompTIA PenTest+ Certification Exam PT0 002

Q161.
Chris runs an Nmap scan of the 10.10.0.0/16 network that his employer uses as an internal network range for the entire organization. If he uses the -T0 flag, what issue is he likely to encounter?

a.

The scan will terminate when the host count reaches 0.

b.

The scan will not scan IP addresses in the .0 network.

c.

The scan will progress at a very slow speed.

d.

The scan will only scan for TCP services.

Discuss
Answer: (c).The scan will progress at a very slow speed. Explanation:The -T flag in Nmap is used to set scan timing. Timing settings range from 0 (paranoid) to 5 (insane). By default, it operates at 3, or normal. With timing set to a very slow speed, Chris will run his scan for a very, very long time on a /16 network.
Q162.
Which of the following Nmap output formats is unlikely to be useful for a penetration tester?

a.

-oA

b.

-oS

c.

-oG

d.

-oX

Discuss
Answer: (b).-oS Explanation:The Script Kiddie output format that Nmap supports is entirely for funβ€” you should never have a practical need to use the -oS flag for an actual penetration test.
Q163.
During an early phase of his penetration test, Mike recovers a binary executable file that he wants to quickly analyze for useful information. Which of the following will quickly give him a view of potentially useful information in the binary?

a.

Netcat

b.

strings

c.

Hashmod

d.

Eclipse

Discuss
Answer: (b).strings Explanation:The strings command parses a file for strings of text and outputs them. It is often useful for analyzing binary files, since you can quickly check for information with a single quick command-line tool. Netcat, while often called a pentester’s Swiss Army knife, isn’t useful for this type of analysis. Eclipse is an IDE and would be useful for editing code or for managing a full decompiler in some cases.
Q164.
Jack is conducting a penetration test for a customer in Japan. What NIC will he most likely have to check for information about his client’s networks?

a.

RIPE

b.

ARIN

c.

APNIC

d.

LACNIC

Discuss
Answer: (c).APNIC Explanation:The Asia-Pacific NIC covers Asia, Australia, New Zealand, and other countries in the region. RIPE covers central Asia, Europe, the Middle East, and Russia, and ARIN covers the United States, Canada, parts of the Caribbean region, and Antarctica.
Q165.
Lin believes that the organization she is scanning may have load balancers in use. Which of the following techniques will help her detect them if they are DNS-based load balancers?

a.

Use Nmap and look for service port differences.

b.

Use ping and check for TTL and IP changes.

c.

Use Nessus and check for service version differences.

d.

Use WHOIS to check for multiple hostnames.

Discuss
Answer: (b).Use ping and check for TTL and IP changes. Explanation:Checking for DNS load balancing via ping requires checking time to live (TTL) and IP address differences. Using Nmap or Nessus is less likely to be successful, because most devices in a pool should provide the same services and service versions. WHOIS records do not show load balancing details.
Q166.
Charles uses the following hping command to send traffic to a remote system:
hping remotesite.com -S -V -p 80

What type of traffic will the remote system see?

a.

HTTP traffic to TCP port 80

b.

TCP SYNs to TCP port 80

c.

HTTPS traffic to TCP port 80

d.

A TCP three-way handshake to TCP port 80

Discuss
Answer: (b).TCP SYNs to TCP port 80 Explanation:Charles has issued a command that asks hping to send SYN traffic (-S ) in verbose mode (-V ) to remotesite.com on port 80.
Q167.
What does a result of * * * mean during a traceroute?

a.

No route to the host exists.

b.

All hosts are queried.

c.

There is no response to the query, perhaps a timeout, but traffic is going through.

d.

A firewall is blocking responses.

Discuss
Answer: (c).There is no response to the query, perhaps a timeout, but traffic is going through. Explanation:A series of three asterisks during a traceroute means that the host query has failed but that traffic is passing through. Many hosts are configured to not respond to this type of traffic but will route traffic properly.
Q168.
Rick wants to describe flaws found in an organization’s internally developed web applications using a standard model. Which of the following is best suited to his need?

a.

CWE

b.

The Diamond Model

c.

CVE

d.

OWASP

Discuss
Answer: (a).CWE Explanation:The Common Weakness Enumeration is a community-developed list of hardware and software weaknesses. Although OWASP provides a massive amount of application security knowledge, it is not in and of itself a listing or standard for listing flaws. The Diamond Model is a model designed to evaluate intrusions, and CVE, the Common Vulnerabilities and Exposures database, focuses on vulnerabilities for commercial and open source projects and thus will not typically be used for internal applications and code.
Q169.
Why would a penetration tester look for expired certificates as part of an information-gathering and enumeration exercise?

a.

They indicate improper encryption, allowing easy decryption of traffic.

b.

They indicate services that may not be properly updated or managed.

c.

Attackers install expired certificates to allow easy access to systems.

d.

Penetration testers will not look for expired certificates; they only indicate procedural issues.

Discuss
Answer: (b).They indicate services that may not be properly updated or managed. Explanation:Penetration testers are always on the lookout for indicators of improper maintenance. Lazy or inattentive administrators are more likely to make mistakes that allow penetration testers in.
Q170.
John has gained access to a system that he wants to use to gather more information about other hosts in its local subnet. He wants to perform a port scan but cannot install other tools to do so. Which of the following tools isn’t usable as a port scanner?

a.

Hping

b.

Netcat

c.

Telnet

d.

ExifTool

Discuss
Answer: (d).ExifTool Explanation:All of these tools except ExifTool are usable as port scanners with some clever use of command-line flags and options.
Page 17 of 17

Suggested Topics

Are you eager to expand your knowledge beyond CompTIA PenTest+ Certification Exam PT0 002? We've curated a selection of related categories that you might find intriguing.

Click on the categories below to discover a wealth of MCQs and enrich your understanding of Computer Science. Happy exploring!

Digital Communication

Master the basics of electronic communication with our Digital Communication MCQs....

Cyber Security

Understand the fundamentals of safeguarding digital assets with our Cyber Security...

Internet of Things (IoT)

Discover how devices communicate with each other in the smart world with our IoT...

Computer Hardware

Explore the tangible components of computers with our Computer Hardware MCQs. Learn...

Formal Languages and Automata Theory

Discover the mathematical models of computation with our Formal Languages and...

Digital Logic Design

Understand the foundation of digital computers with our Digital Logic Design MCQs....

JavaScript

Strengthen your web development skills with our JavaScript MCQs. Understand core...

CompTIA PenTest+ Certification Exam PT0 002

Prepare for the CompTIA PenTest+ PT0-002 exam with our targeted MCQs. Covering...

Cloud Computing

Stay on top of the biggest trend in IT with our Cloud Computing MCQs. These questions...