CompTIA PenTest+ (PT0-001) — Question 193
A penetration tester wants to script out a way to discover all the RPTR records for a range of IP addresses. Which of the following is the MOST efficient to utilize?
Answer options
- A. nmap -p 53 -oG dnslist.txt | cut -d ":" -f 4
- B. nslookup -ns 8.8.8.8 << dnslist.txt
- C. for x in {1...254}; do dig -x 192.168.$x.$x; done
- D. dig -r > echo "8.8.8.8" >> /etc/resolv.conf
Correct answer: A
Explanation
Option A is the most efficient because it uses nmap to scan for DNS records and outputs the results to a file, which can then be easily parsed. Option B is incorrect as it attempts to query a single DNS server without fully utilizing the DNS range. Option C is not as efficient because it involves a loop that executes multiple dig commands individually, leading to longer execution times. Option D is invalid as it incorrectly combines commands and doesn't relate to retrieving RPTR records effectively.