In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company’s servers.
Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?
A . Test for RFC-defined protocol conformance.
B. Attempt to brute force authentication to the service.
C. Perform a reverse DNS query and match to the service banner.
D. Check for an open relay configuration.
Answer: D
Explanation:
SMTP is a protocol associated with mail servers. Therefore, for a penetration tester, an open relay configuration can be exploited to launch phishing attacks.
Latest PT0-002 Dumps Valid Version with 110 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund