adplus-dvertising

Welcome to the Information Gathering MCQs Page

Dive deep into the fascinating world of Information Gathering with our comprehensive set of Multiple-Choice Questions (MCQs). This page is dedicated to exploring the fundamental concepts and intricacies of Information Gathering, a crucial aspect of CompTIA PenTest+ Certification Exam PT0 002. In this section, you will encounter a diverse range of MCQs that cover various aspects of Information Gathering, from the basic principles to advanced topics. Each question is thoughtfully crafted to challenge your knowledge and deepen your understanding of this critical subcategory within CompTIA PenTest+ Certification Exam PT0 002.

frame-decoration

Check out the MCQs below to embark on an enriching journey through Information Gathering. Test your knowledge, expand your horizons, and solidify your grasp on this vital area of CompTIA PenTest+ Certification Exam PT0 002.

Note: Each MCQ comes with multiple answer choices. Select the most appropriate option and test your understanding of Information Gathering. You can click on an option to test your knowledge before viewing the solution for a MCQ. Happy learning!

Information Gathering MCQs | Page 4 of 17

Explore more Topics under CompTIA PenTest+ Certification Exam PT0 002

Q31.
Which of the following databases is an open wireless network database?

a.

Shodan

b.

Censys

c.

Wigle.net

d.

ExifTool

Discuss
Answer: (c).Wigle.net Explanation:Wigle.net is an open wireless network database where wardriving data can be matched to.
Q32.
What is the purpose of public BGP route information servers known as BGP looking glasses?

a.

To provide information about wireless networks

b.

To facilitate wardriving activities

c.

To offer routing information for organizations

d.

To conduct DNS zone transfers

Discuss
Answer: (c).To offer routing information for organizations Explanation:BGP looking glasses provide routing information for organizations, offering insight into how their external network connectivity is set up.
Q33.
What is wardriving?

a.

Scanning for vulnerabilities in databases

b.

Scanning for wireless networks while mobile

c.

Scanning for exposed systems using security search engines

d.

Scanning for vulnerabilities in web applications

Discuss
Answer: (b).Scanning for wireless networks while mobile Explanation:Wardriving is the process of scanning for wireless networks while mobile, usually in a car or by walking through open areas.
Q34.
What is the purpose of security search engines like Shodan and Censys?

a.

To actively probe networks for vulnerabilities

b.

To provide up-to-date information for penetration testers

c.

To facilitate warwalking activities

d.

To search for exposed systems belonging to an organization

Discuss
Answer: (d).To search for exposed systems belonging to an organization Explanation:Security search engines like Shodan and Censys are used to search for exposed systems belonging to an organization by domain or IP address.
Q35.
How can penetration testers use the Google Hacking Database (GHDB) for information gathering?

a.

To perform active reconnaissance

b.

To find résumés and email addresses

c.

To obtain ideas relevant to intelligence gathering

d.

To conduct DNS zone transfers

Discuss
Answer: (c).To obtain ideas relevant to intelligence gathering Explanation:The Google Hacking Database (GHDB) can be used by penetration testers to obtain ideas that may be relevant to their intelligence gathering.
Q36.
What is the purpose of sites like haveibeenpwned.com and tools like pwnedOrNot?

a.

To search for exposed systems belonging to an organization

b.

To find résumés and email addresses

c.

To provide access to existing password dump information

d.

To conduct DNS zone transfers

Discuss
Answer: (c).To provide access to existing password dump information Explanation:Sites like haveibeenpwned.com and tools like pwnedOrNot provide easy access to existing password dump information.
Q37.
Why are source code repositories like GitHub important for penetration testers?

a.

They provide access to existing password dump information

b.

They facilitate warwalking activities

c.

They help in obtaining and analyzing configuration details, interfaces, and IP addresses

d.

They conduct zone transfers for DNS information

Discuss
Answer: (c).They help in obtaining and analyzing configuration details, interfaces, and IP addresses Explanation:Source code repositories like GitHub are important for penetration testers as they provide information about configurations, interfaces, IP addresses, and other useful details.
Q38.
What challenge do penetration testers face in passive enumeration tasks for cloud and hosted services?

a.

Lack of tools for reconnaissance

b.

Shared infrastructure and dynamic IP addresses

c.

Difficulty in accessing public DNS information

d.

Limited availability of code in source code repositories

Discuss
Answer: (b).Shared infrastructure and dynamic IP addresses Explanation:Penetration testers face the challenge of shared infrastructure and dynamic IP addresses in passive enumeration tasks for cloud and hosted services.
Q39.
What infrastructure as code tools are generating useful code for penetration testers?

a.

Shodan, Censys, and FOCA

b.

CloudFormation, Ansible, Puppet, Chef, and SaltStack

c.

WHOIS, nslookup, and dig

d.

Wardriving, warwalking, and wardriving

Discuss
Answer: (b).CloudFormation, Ansible, Puppet, Chef, and SaltStack Explanation:Infrastructure as code tools like CloudFormation, Ansible, Puppet, Chef, and SaltStack are generating useful code for penetration testers.
Q40.
What is the primary goal of active reconnaissance in the penetration testing process?

a.

To gather information via passive methods

b.

To build a list of potential targets

c.

To conduct DNS zone transfers

d.

To perform wardriving activities

Discuss
Answer: (b).To build a list of potential targets Explanation:The primary goal of active reconnaissance in the penetration testing process is to build a list of potential targets.
Page 4 of 17

Suggested Topics

Are you eager to expand your knowledge beyond CompTIA PenTest+ Certification Exam PT0 002? We've curated a selection of related categories that you might find intriguing.

Click on the categories below to discover a wealth of MCQs and enrich your understanding of Computer Science. Happy exploring!

Web Technologies

Master the building blocks of the web with our Web Technologies MCQs. From HTML and...

SQL Server

Master Microsoft's database server with our SQL Server MCQs. Topics cover database...

Cyber Security

Understand the fundamentals of safeguarding digital assets with our Cyber Security...

Wireless and Mobile Communications

Get to grips with modern communication technologies with our Wireless and Mobile...

Neural Networks

Dive into the world of Artificial Intelligence with our Neural Networks MCQs. Uncover...

Formal Languages and Automata Theory

Discover the mathematical models of computation with our Formal Languages and...

Cryptography and Network Security

Secure your knowledge of information security with our Cryptography and Network...

PHP

Venture into server-side scripting with our PHP MCQs. Cover everything from syntax...

R Programming

Unleash the power of statistical computing with our R Programming MCQs. Topics cover...