CompTIA PenTest+ (PT1-002) — Question 34

A company that requires minimal disruption to its daily activities needs a penetration tester to perform information gathering around the company's web presence.
Which of the following would the tester find MOST helpful in the initial information-gathering steps? (Choose two.)

Answer options

• A. IP addresses and subdomains
• B. Zone transfers
• C. DNS forward and reverse lookups
• D. Internet search engines
• E. Externally facing open ports
• F. Shodan results

Correct answer: D, F

Explanation

Internet search engines (D) provide a broad range of publicly available information that can be useful in understanding the company's online footprint. Shodan results (F) offer insights into devices and services exposed to the internet, which is crucial for a penetration tester. The other options, while potentially useful, either require more technical access or do not provide as comprehensive an overview in the initial phase.