CompTIA CASP+ (CAS-003) — Question 295

A company contracts a security consultant to perform a remote white-box penetration test. The company wants the consultant to focus on Internet-facing services without negatively impacting production services. Which of the following is the consultant MOST likely to use to identify the company's attack surface? (Choose two.)

Answer options

• A. Web crawler
• B. WHOIS registry
• C. DNS records
• D. Company's firewall ACL
• E. Internal routing tables
• F. Directory service queries

Correct answer: B, C

Explanation

The WHOIS registry provides information about domain ownership and registration, which can help identify potential points of attack. DNS records also reveal details about domain names and associated IP addresses, crucial for understanding the attack surface. The other options, while informative, do not specifically focus on identifying Internet-facing services in the same way.