CompTIA PenTest+ (PT0-003) — Question 7

A penetration tester is performing network reconnaissance. The tester wants to gather information about the network without causing detection mechanisms to flag the reconnaissance activities. Which of the following techniques should the tester use?

Answer options

• A. Sniffing
• B. Banner grabbing
• C. TCP/UDP scanning
• D. Ping sweeps

Correct answer: A

Explanation

Sniffing is the best method because it allows the tester to capture and analyze network traffic passively, making it less likely to be detected. In contrast, methods like TCP/UDP scanning and ping sweeps actively probe the network, which can raise alarms. Banner grabbing, while informative, also involves direct interaction with services that might trigger detection mechanisms.