CompTIA PenTest+ (PT1-002) — Question 21

A penetration tester wants to perform reconnaissance without being detected. Which of the following activities have a MINIMAL chance of detection? (Choose two.)

Answer options

• A. Open-source research
• B. A ping sweep
• C. Traffic sniffing
• D. Port knocking
• E. A vulnerability scan
• F. An Nmap scan

Correct answer: A, C

Explanation

Open-source research (A) is a low-profile activity that typically does not raise any alarms, as it involves gathering information from publicly available sources. Traffic sniffing (C), while potentially more intrusive, can also go unnoticed if conducted passively on a network, unlike methods such as ping sweeps (B) or vulnerability scans (E) that actively probe for responses and can easily be detected.