CompTIA PenTest+ (PT0-001) — Question 165

Which of the following would be the BEST for performing passive reconnaissance on a target's external domain?

Answer options

• A. Peach
• B. CeWL
• C. OpenVAS
• D. Shodan

Correct answer: D

Explanation

Shodan is the best choice for passive reconnaissance as it allows users to search for devices connected to the internet and gather information without direct interaction. Peach, CeWL, and OpenVAS are not specifically designed for passive reconnaissance; Peach is focused on web application testing, CeWL is for generating wordlists from websites, and OpenVAS is a vulnerability scanner that requires active interaction.