Question: 19
Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Exam for?
A. To determine who is the holder of the root account
B. To perform a DoS
C. To create needless SPAM
D. To illicit a response back that will reveal information about email servers and how they treat
undeliverable mail
E. To exam for virus protection
Answer: D
Explanation:
Sending a bogus email is one way to find out more about internal servers. Also, to gather
additional IP addresses and learn how they treat mail.
No comments:
Post a Comment