Which of the following commands should the assessor use to determine this information?

Company.org has requested a black-box security assessment be performed on key cyber terrain. On area of concern is the company’s SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing.
Which of the following commands should the assessor use to determine this information?
A. dnsrecon "”d company.org "”t SOA
B. dig company.org mx
C. nc "”v company.org
D. whois company.org

How to PASS CAS-004 in First Attempt?

FULL Printable PDF and Software. VALID exam to help you PASS.

comptia-exams

6 thoughts on “Which of the following commands should the assessor use to determine this information?

  1. The correct answer is A. The formatting of this website converted the – into a “”. The real question has dashes.

    1. The answer is definitely B.

      You’re on the right track though. The reason A is NOT correct is that the “-t SOA” makes the command specifically look for name servers with a “Start of Authority” record. Since we’re looking for SMTP we know it needs to be mail so we want an MX record.

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.