A penetration tester is reviewing the following DNS reconnaissance results for comptia.org from dig: ... ;; ANSWER SECTION comptia.org. 3569 IN MX comptia.org-mail.protection.outlook.com. comptia.org. 3569 IN A 3.219.13.186. comptia.org. 3569 IN NS ns1.comptia.org. comptia.org. 3569 IN SOA haven. administrator.comptia.org. comptia.org. 3569 IN MX new.mx0.comptia.org. comptia.org. 3569 IN MX new.mx1.comptia.org. Which of the following potential issues can the penetration tester identify based on this output?

Questions › Category: PT0-002 › A penetration tester is reviewing the following DNS reconnaissance results for comptia.org from dig: … ;; ANSWER SECTION comptia.org. 3569 IN MX comptia.org-mail.protection.outlook.com. comptia.org. 3569 IN A 3.219.13.186. comptia.org. 3569 IN NS ns1.comptia.org. comptia.org. 3569 IN SOA haven. administrator.comptia.org. comptia.org. 3569 IN MX new.mx0.comptia.org. comptia.org. 3569 IN MX new.mx1.comptia.org. Which of the following potential issues can the penetration tester identify based on this output?

0 Vote Up Vote Down

Admin Staff asked 6 months ago

A penetration tester is reviewing the following DNS reconnaissance results for comptia.org from dig:
...
;; ANSWER SECTION
comptia.org. 3569 IN  MX  comptia.org-mail.protection.outlook.com. comptia.org. 3569 IN  A   3.219.13.186. comptia.org. 3569 IN  NS  ns1.comptia.org. comptia.org. 3569 IN  SOA haven. administrator.comptia.org. comptia.org. 3569 IN  MX  new.mx0.comptia.org. comptia.org. 3569 IN  MX  new.mx1.comptia.org.
Which of the following potential issues can the penetration tester identify based on this output?

A. At least one of the records is out of scope.

B. There is a duplicate MX record.

C. The NS record is not within the appropriate domain.

D. The SOA records outside the comptia.org domain.








 

Suggested Answer: B

Community Answer: A



This question is in PT0-002 CompTIA PenTest+ Exam
For getting CompTIA PenTest+ Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

A Chief Information Security Officer wants to evaluate the security of the company's e-commerce application. Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms?

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

A Chief Information Security Officer wants to evaluate the security of the company's e-commerce application. Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms?

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password