CompTIA PenTest+ (PT1-002) — Question 44

A large client wants a penetration tester to scan for devices within its network that are Internet facing. The client is specifically looking for Cisco devices with no authentication requirements. Which of the following settings in Shodan would meet the client's requirements?

Answer options

• A. ג€cisco-iosג€ ג€admin+1234ג€
• B. ג€cisco-iosג€ ג€no-passwordג€
• C. ג€cisco-iosג€ ג€default-passwordsג€
• D. ג€cisco-iosג€ ג€last-modifiedג€

Correct answer: B

Explanation

The correct option is B, '€cisco-ios€ €no-password€', as it specifically targets Cisco devices that do not have any authentication set up. Option A includes an authentication requirement, while C implies the use of default credentials, both of which do not align with the client's request for devices without authentication. Option D is irrelevant as it pertains to modification dates rather than authentication settings.