CompTIA PenTest+ (PT1-002) — Question 37

In the process of active service enumeration, a penetration tester identifies an SMTP daemon running on one of the target company's servers. Which of the following actions would BEST enable the tester to perform phishing in a later stage of the assessment?

Answer options

• A. Test for RFC-defined protocol conformance.
• B. Attempt to brute force authentication to the service.
• C. Perform a reverse DNS query and match to the service banner.
• D. Check for an open relay configuration.

Correct answer: D

Explanation

Checking for an open relay configuration is crucial as it allows the tester to send emails from the server without authentication, which is a common technique used in phishing attacks. The other options either focus on compliance, authentication challenges, or service identification, which do not directly facilitate phishing in the same way that exploiting an open relay does.