Question

Company.org has requested a black-box security assessment be performed on key cyber terrain. One area of concern is the company's SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing.

Which of the following commands should the assessor use to determine this information?

A. dnsrecon -d -t SOA
B. dig mx
C. nc -v
D. whois

Answer 1

The assessor should use the 'dig mX' command to determine the Internet-facing SMTP server of company.org.

Step-by-step explanation:

To determine which SMTP server of company.org is Internet-facing, the security assessor can use the command dig mX. The 'dig' command is a DNS tool that allows you to query DNS records. By using the 'mX' option, the assessor will retrieve the mail exchanger (MX) records of company.org. The MX records contain information about the SMTP servers responsible for handling emails sent to company.org.

For example, the assessor can enter the command 'dig mx company.org' in the command line. The output will display the MX records associated with company.org, revealing which SMTP server is Internet-facing.