Company.org has requested a black-box security assessment be performed on key cyber terrain. On area of concern is the company’s SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing.
Which of the following commands should the assessor use to determine this information?
A. dnsrecon "”d company.org "”t SOA
B. dig company.org mx
C. nc "”v company.org
D. whois company.org
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
B. dig company.org mx
The correct answer is A. The formatting of this website converted the – into a “”. The real question has dashes.
The answer is definitely B.
You’re on the right track though. The reason A is NOT correct is that the “-t SOA” makes the command specifically look for name servers with a “Start of Authority” record. Since we’re looking for SMTP we know it needs to be mail so we want an MX record.
B, for sure.
A would be correct if it was like this: dnsrecon -d -t std
Agreed – Dig
Answer is B – dig mx gives you the SMTP info – try it yourself (linux/unix system)