A security firm has been hired to perform an external penetration test against a company. The only information the firm received was the company name. Which of the following passive reconnaissance approaches would be MOST likely to yield positive initial results?
A. Specially craft and deploy phishing emails to key company leaders.
B. Run a vulnerability scan against the company's external website.
C. Runtime the company's vendor/supply chain.
D. Scrape web presences and social-networking sites.
A. Specially craft and deploy phishing emails to key company leaders.
B. Run a vulnerability scan against the company's external website.
C. Runtime the company's vendor/supply chain.
D. Scrape web presences and social-networking sites.