Eccouncil Exam ECSAv10 Topic 1 Question 86 Discussion

Actual exam question for Eccouncil's ECSAv10 exam

Question #: 86
Topic #: 1

[All ECSAv10 Questions]

Information gathering is performed to:

i) Collect basic information about the target company and its network

ii) Determine the operating system used, platforms running, web server versions, etc.

iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company's technology infrastructure?

ASearching for web page posting patterns

BAnalyzing the link popularity of the company's website

CSearching for trade association directories

DSearching for a company's job postings

Show Suggested Answer

Suggested Answer: D

by Sylvie at Dec 06, 2024, 10:44 AM

Limited Time Offer

25%

Off

Get Premium ECSAv10 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Tamekia

7 days ago

I'm going with (i) and (ii) on this one. Gotta have that solid foundation of knowledge before you can really dive in. Although, I have to say, searching for job postings sounds like a great way to get a peek behind the curtain. Maybe I'll try that next time I'm feeling a bit like a corporate spy.

upvoted 0 times

...

Gerald

12 days ago

Hmm, let's see... I'd say (i) and (ii) are the way to go. You gotta know what you're dealing with before you can start poking around. Though, I have to admit, the idea of searching for job postings to learn about a company's tech is kind of genius. Maybe I'll try that next time I'm feeling a little mischievous.

upvoted 0 times

...

Adelina

16 days ago

Ooh, this one's a tricky one. I'd have to go with (i) and (ii) - gotta know your enemy, am I right? Although, personally, I'd throw in a bit of (iii) just for the fun of it. Can't have a pen test without a little vulnerability hunt, right?

upvoted 0 times

...

1 months ago

I think the answer is B) Analyzing the link popularity of the company's website.

upvoted 0 times

...