A penetration tester is preparing to perform activities for - CompTIA Pentest+ PT0-003

Question

A penetration tester is preparing to perform activities for a client that requires minimal disruption to company operations.
Which of the following are considered passive reconnaissance tools? (Choose two.)

Answers
  1. correct
  5. correct
Explanation

Correct Answers:A. Wireshark E. Shodan

Passive reconnaissance involves gathering information about a target without directly interacting with its systems to avoid detection or disruption.

  1. Wireshark 

    • Wireshark is a packet capture tool that allows a penetration tester to analyze network traffic passively. It does not generate traffic or actively scan a target but instead listens to existing network traffic, making it a passive reconnaissance tool.

  2. Shodan 

    • Shodan is an internet-wide search engine that scans and indexes devices connected to the internet. A penetration tester can use it to search for publicly available information about a target's infrastructure (e.g., exposed services, open ports, vulnerable devices) without directly interacting with the target. This makes it a passive reconnaissance tool.

Why the Other Options are Incorrect?

Nessus

  • Nessus is an active vulnerability scanner. It sends probes and interacts with the target network to identify vulnerabilities, making it an active reconnaissance tool, not passive.

Retina

  • Retina is another vulnerability scanner that actively scans for security weaknesses, generating network traffic and potentially disrupting services. This makes it an active reconnaissance tool rather than a passive one.

Burp Suite 

  • Burp Suite is a web security testing tool used for actively scanning and interacting with web applications. It allows a penetration tester to manipulate traffic, conduct intrusive testing, and actively engage with a target, which is not considered passive reconnaissance.
View Full Course Content Try our Free Questions

No Payment Cards Needed

CompTIA Pentest+ exam

Normally $69

$45/month

Subjects Included
  • CompTIA Pentest+
Additional Features
  • Over 300 Practice Questions with Answers
  • Quizzes in every Lesson Provided
  • Detailed Analysis of Questions with Answers and Explanations
  • Detailed Notes with Chapters, Topics & Lessons
  • 24/7 Live chat support
  • 24/7 WhatsApp support
  • One Full Month Access

Related Courses

Discover a range of courses designed to provide you with the knowledge and skills needed to excel in your chosen field.

a prepsaret exam featured image
CompTIA Prep

220-1201 - CompTIA A+ Exam Core 1

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

220-1202 - CompTIA A+ Exam Core 2

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA SecurityX CAS-005

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Cloud Essentials+ CLO-002

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Network+ N10-009

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Security+ SY0-701

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Data + DA0-001

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Linux+ XK0-005

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA CySA+ CSO-003

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA DataSys+ DS0-001

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Tech+ FC0-U71

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Cloud+ CV0-004

Start Course Prep
a prepsaret exam featured image
CompTIA Prep

CompTIA Server+ SK0-005

Start Course Prep

Easy way to pass your test within a week with prepsaret

You don’t need one month to study and pass your test.
With Prepsaret, it takes you a few days to grasp all the concepts needed to pass your exams

View Courses Offered