CompTIA PenTest+ (PT0-002) — Question 13

A Chief Information Security Officer wants a penetration tester to evaluate the security awareness level of the company's employees.
Which of the following tools can help the tester achieve this goal?

Answer options

• A. Metasploit
• B. Hydra
• C. SET
• D. WPScan

Correct answer: C

Explanation

The Social Engineering Toolkit (SET) is specifically designed for testing social engineering and security awareness, making it the best choice for evaluating employee awareness. Metasploit focuses on exploiting vulnerabilities, Hydra is a password cracking tool, and WPScan is tailored for WordPress vulnerability assessments, none of which directly assess employee security awareness.