Reconnaissance — CompTIA PenTest+ (PT0-002) Practice Questions
Reconnaissance is the information-gathering phase of a penetration test in which the tester collects data about the target without necessarily touching its production systems directly. PT0-002 distinguishes passive reconnaissance, which uses publicly available sources such as WHOIS records, DNS lookups, certificate transparency logs, and social media, from active reconnaissance, which involves direct interaction with target infrastructure. Candidates must know common open-source intelligence (OSINT) tools and techniques, as well as how gathered data feeds into later phases such as scanning and exploitation planning. Effective reconnaissance often determines the quality and credibility of the entire engagement.
Free questions on reconnaissance
Which of the following is NOT a common information gathering technique?
Difficulty: medium
More reconnaissance questions in the full bank
- You need to perform reconnaissance on a target network. Which command-line tool performs DNS enumeration?
- What information can be obtained from LDAP enumeration on Active Directory?
- An organization requests a penetration test of their classified network segment. The tester is not provided with any network diagrams, credentials, or system documentation. What type of assessment is this?