5 votes
A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:

C:\>nslookup -querytype=MX
Server: Unknown
Address:

MX preference=10, mail exchanger =
MX preference=20, mail exchanger =
Internet address =


Which of the following should the penetration tester conclude about the command output?

A. The public/private views on the Comptia.org DNS servers are misconfigured
B. Comptia.org is running an older mail server, which may be vulnerable to exploits
C. The DNS SPF records have not been updated for Comptia.org
D. is a backup mail server that may be more vulnerable to attack

by User Japol (7.8k points)

1 Answer

2 votes

Final answer:

Without the specific server names and internet addresses in the nslookup command output, the penetration tester cannot conclude definitive information about the configuration or vulnerabilities of Comptia.org's mail servers.

Step-by-step explanation:

When a penetration tester runs an nslookup command with -querytype=MX against Comptia.org, they are querying for the Mail Exchange (MX) records, which specify the mail servers responsible for accepting email messages on behalf of a domain. The command output shown indicates that there are at least two mail servers configured with different preferences, but the actual server names and internet addresses are not revealed in the question. Therefore, it is impossible to determine the conclusion accurately without this information. However, the lack of visible server information in the output does not necessarily indicate misconfiguration, vulnerabilities in the mail server, outdated SPF records, or that a particular server is a backup or more vulnerable to attack.

by User Alongkorn (8.0k points)
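
For a mail administrator who wants to read this kind of output programmatically, here is an added example (not part of the original question or answer) that parses nslookup MX output, orders the exchangers by preference, and keeps a missing exchanger name as None instead of guessing it. The sample output, the example.com names, the 192.0.2.x addresses and the function names parse_mx and label_roles are constructed for illustration.

```python
import re

# Constructed sample output; example.com and 192.0.2.0/24 are documentation values.
SAMPLE = """\
Server:  UnKnown
Address:  192.0.2.53

Non-authoritative answer:
example.com\tMX preference = 20, mail exchanger = mx2.example.com
example.com\tMX preference = 10, mail exchanger = mx1.example.com

mx2.example.com\tinternet address = 192.0.2.20
"""

# [ \t]* instead of \s* so an empty exchanger field never swallows the next line.
MX_RE = re.compile(
    r"MX preference[ \t]*=[ \t]*(\d+),[ \t]*mail exchanger[ \t]*=[ \t]*(\S*)", re.I)
A_RE = re.compile(r"^(\S+)[ \t]+internet address[ \t]*=[ \t]*(\S+)", re.I | re.M)


def parse_mx(output):
    """Return MX records sorted by preference (lowest value is tried first)."""
    addrs = {}
    for host, ip in A_RE.findall(output):
        addrs.setdefault(host.rstrip(".").lower(), []).append(ip)
    records = []
    for pref, host in MX_RE.findall(output):
        host = host.rstrip(".").lower() or None  # None: name absent from output
        records.append({"preference": int(pref), "host": host,
                        "addresses": addrs.get(host, [])})
    records.sort(key=lambda r: (r["preference"], r["host"] or ""))
    return records


def label_roles(records):
    """Label the lowest-preference exchangers 'primary' and the rest 'backup'."""
    if not records:
        return []
    lowest = records[0]["preference"]
    return [(r["host"], "primary" if r["preference"] == lowest else "backup")
            for r in records]


if __name__ == "__main__":
    for host, role in label_roles(parse_mx(SAMPLE)):
        print(f"{role:8} {host}")
```

Every exchanger the inventory lists, whatever its preference, accepts mail for the domain and belongs under the same filtering and patching policy as the primary.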