Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company’s servers.

Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?
A. Test for RFC-defined protocol conformance.
B. Attempt to brute force authentication to the service.
C. Perform a reverse DNS query and match to the service banner.
D. Check for an open relay configuration.

Answer: D

Explanation:

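SMTP is the protocol mail servers use to transfer email. An open relay accepts mail from any sender and forwards it to any recipient without authentication, so messages sent through it originate from the target company's own mail server. For a penetration tester, an open relay configuration can therefore be exploited to launch phishing attacks.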
