CompTIA PenTest+ (PT0-002) — Question 459
Company.com has hired a penetration tester to conduct a phishing test. The tester wants to set up a fake log-in page and harvest credentials when target employees click on links in a phishing email. Which of the following commands would best help the tester determine which cloud email provider the log-in page needs to mimic?
Answer options
- A. dig company.com MX
- B. whois company.com
- C. curl www.company.com
- D. dig company.com A
Correct answer: A
Explanation
The correct answer, A (dig company.com MX), is effective because it retrieves the mail exchange records for the domain, indicating which cloud email provider is used. Option B (whois company.com) provides registration details but not email provider specifics. Option C (curl www.company.com) fetches the web page content, and option D (dig company.com A) retrieves the IP address but does not provide email provider information.