CompTIA CASP+ (CAS-003) — Question 51

Company.org has requested a black-box security assessment be performed on key cyber terrain. One area of concern is the company's SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing.
Which of the following commands should the assessor use to determine this information?

Answer options

• A. dnsrecon ג€"d company.org ג€"t SOA
• B. dig company.org mx
• C. nc ג€"v company.org
• D. whois company.org

Correct answer: A

Explanation

The correct command is A, as 'dnsrecon -d company.org -t SOA' helps identify the authoritative name servers for the domain, which is vital for understanding the SMTP setup. Option B, 'dig company.org mx', would provide MX records but not specifically identify the Internet-facing SMTP server. Option C, 'nc -v company.org', is more suited for checking connectivity rather than identifying SMTP servers, and Option D, 'whois company.org', retrieves registration information rather than specific service details.