Which of the following pen testing tests yields information about a company’s technology infrastructure?

Information gathering is performed to:
i) Collect basic information about the target company and its network
ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company’s technology infrastructure?

Information gathering is performed to:
i) Collect basic information about the target company and its network
ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company’s technology infrastructure?

A.
Searching for web page posting patterns

B.
Analyzing the link popularity of the company’s website

C.
Searching for trade association directories

D.
Searching for a company’s job postings

Show Hint

Leave a Reply 5

Your email address will not be published. Required fields are marked *

Alie

Alie

A and D are applicable. Ecsa V8 page 233 and 234

Reply

Naveen Kumar

Naveen Kumar

D according to ECSAv8

Reply

Q 

Q 

D is definitely the correct answer.

From a company’s job postings, we can see lots of information like this: “We now recruit people skillful at AngularJS, JSP, MS SQL Server. We want to build a whole new procurement system…”

Therefore, we can know what kind of the technology this company uses for their systems.

Reply