In a penetration test, which phase focuses on gathering information about the target network or device?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the CCST Cybersecurity Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

In a penetration test, which phase focuses on gathering information about the target network or device?

Explanation:
Gathering information about the target network or device is the reconnaissance phase, often called discovery. In this stage, testers map out what exists on the target, identify hosts, services, open ports, operating systems, and potential entry points. They use both passive methods (like OSINT and observing leaked data) and active methods (scanning and enumeration) to build a picture of the environment before attempting any access. This information sets the direction for later testing steps. The other phases serve different purposes: exploitation is about taking advantage of vulnerabilities to gain access; post-exploitation focuses on what you can do after you’ve breached the system; and lateral movement involves moving through the network to reach additional assets.

Gathering information about the target network or device is the reconnaissance phase, often called discovery. In this stage, testers map out what exists on the target, identify hosts, services, open ports, operating systems, and potential entry points. They use both passive methods (like OSINT and observing leaked data) and active methods (scanning and enumeration) to build a picture of the environment before attempting any access. This information sets the direction for later testing steps.

The other phases serve different purposes: exploitation is about taking advantage of vulnerabilities to gain access; post-exploitation focuses on what you can do after you’ve breached the system; and lateral movement involves moving through the network to reach additional assets.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy