A security analyst is identifying potential vulnerabilities in the network. Which TWO of the following are examples of passive reconnaissance?
Google search uses public data without interacting with the target network.
Why this answer
Passive reconnaissance involves gathering information without directly interacting with the target systems. A Google search for company information (Option B) collects publicly available data from search engine caches and indexed pages, which does not send any packets to the target's network. A WHOIS lookup (Option C) queries public registration databases for domain ownership and contact details, again without touching the target's infrastructure.
Both methods rely on third-party sources and leave no trace on the target's systems.
Exam trap
Cisco often tests the distinction between passive and active reconnaissance by including 'vulnerability scan' as a distractor, because candidates may mistakenly think it is passive since it can be run with minimal privileges, but it always involves direct interaction with the target.