CompTIA Security+ (SY0-501) — Question 169

A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?

Answer options

• A. URL hijacking
• B. Reconnaissance
• C. White box testing
• D. Escalation of privilege

Correct answer: B

Explanation

The correct answer is B, as reconnaissance involves gathering information about a target, which is exactly what the penetration tester is doing by crawling the website. The other options refer to different security practices: URL hijacking involves manipulating URLs, white box testing is a testing methodology with source code access, and escalation of privilege deals with gaining higher access rights after an initial compromise.