CompTIA PenTest+ (PT0-003) — Question 45

During an assessment, a penetration tester obtains access to an internal server and would like to perform further reconnaissance by capturing LLMNR traffic. Which of the following tools should the tester use?

Answer options

• A. Burp Suite
• B. Netcat
• C. Responder
• D. Nmap

Correct answer: C

Explanation

Responder is specifically designed to capture LLMNR traffic and respond to name resolution requests, making it the appropriate tool for this task. Burp Suite is primarily a web application security tool, Netcat is a versatile networking utility but not specifically for LLMNR, and Nmap is used for network discovery and security auditing, not for capturing LLMNR traffic.