Exam PT0-002 topic 1 question 344 discussion

Actual exam question from CompTIA's PT0-002

Question #: 344
Topic #: 1

Company.com has hired a penetration tester to conduct a phishing test. The tester wants to set up a fake log-in page and harvest credentials when target employees click on links in a phishing email. Which of the following commands would best help the tester determine which cloud email provider the log-in page needs to mimic?

A. dig company.com MX
B. whois company.com
C. curl www.company.com
D. dig company.com A

Show Suggested Answer

Suggested Answer: A 🗳️

by 7899388 at Sept. 6, 2024, 5:04 a.m.

Comments

Submit Cancel

7899388

11 months, 1 week ago

Selected Answer: A

The correct answer is A. dig company.com MX. Here’s why: • The MX (Mail Exchange) record is used to specify the mail server responsible for receiving email for a domain. By using the dig company.com MX command, the penetration tester can determine which email provider Company.com is using, allowing them to mimic the appropriate log-in page for the phishing test. The other options do not directly help with identifying the cloud email provider: • B. whois company.com provides domain registration information but does not give details about email services. • C. curl www.company.com retrieves the webpage content but is unrelated to email providers. • D. dig company.com A retrieves the IP address of the domain but does not provide email-specific information.

upvoted 2 times

...