CompTIA PenTest+ (PT0-002) — Question 231

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company's servers.

Which of the following actions would best enable the tester to perform phishing in a later stage of the assessment?

Answer options

• A. Test for RFC-defined protocol conformance.
• B. Attempt to brute force authentication to the service.
• C. Perform a reverse DNS query and match to the service banner.
• D. Check for an open relay configuration.

Correct answer: D

Explanation

Checking for an open relay configuration is crucial because it allows the tester to send emails without authentication, which is essential for phishing. The other options either focus on standard compliance, authentication, or domain name resolution, which do not directly assist in executing phishing attacks.