CompTIA Security+ (SY0-601) — Question 317

A security analyst is using OSINT to gather information to verify whether company data is available publicly. Which of the following is the best application for the analyst to use?

Answer options

• A. theHarvester
• B. Cuckoo
• C. Nmap
• D. Nessus

Correct answer: A

Explanation

theHarvester is specifically designed for gathering public information about a target, making it the ideal tool for OSINT tasks. Cuckoo is focused on malware analysis, Nmap is a network scanning tool, and Nessus is used for vulnerability scanning, none of which are suited for public data verification.