Passive Recon Quiz: Can You Master OSINT Without Touching?

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Thames
T
Thames
Community Contributor
Quizzes Created: 7097 | Total Attempts: 80,150
| Questions: 20 | Updated: Jul 2, 2026
Quiz
Please wait...
Question 1 / 21
🏆 Rank #--
0 %
0/100
Score 0/100

1. Passive reconnaissance differs from active reconnaissance primarily in that it does not ____.

Submit
Please wait...
About This Quiz
Passive Recon Quiz: Can You Master OSINT Without Touching? - Quiz

Test your understanding of Passive Reconnaissance (PenTest+) techniques and OSINT methodologies. This quiz evaluates your knowledge of information gathering without direct system interaction, covering DNS enumeration, public records research, social engineering reconnaissance, and threat intelligence sources. Master the foundational skills needed to conduct ethical penetration testing and security assessments.

2.

What first name or nickname would you like us to use?

You may optionally provide this to label your report, leaderboard, or certificate.

2. Which passive reconnaissance approach involves monitoring job postings to identify technologies and infrastructure a company uses?

Submit

3. Company whitepapers and technical documentation discovered through passive research can reveal ____.

Submit

4. What is the key ethical principle that distinguishes legitimate passive reconnaissance from unauthorized surveillance?

Submit

5. Passive reconnaissance using the Wayback Machine provides information about ____.

Submit

6. Which of these sources would be considered passive for threat intelligence gathering?

Submit

7. Passive reconnaissance using certificate transparency logs can reveal what information?

Submit

8. What does MX record enumeration reveal during passive DNS reconnaissance?

Submit

9. GitHub repositories can reveal sensitive information during passive reconnaissance, such as ____.

Submit

10. Which social engineering reconnaissance method involves researching public information about employees without direct contact?

Submit

11. Which tool is commonly used for passive DNS enumeration and does not directly query the target's nameservers?

Submit

12. What is the primary risk of passive reconnaissance to the target organization?

Submit

13. Which technique involves examining email headers and metadata without sending any packets to the target?

Submit

14. What information can typically be obtained from reviewing a company's LinkedIn profiles passively?

Submit

15. Google dorking is an example of passive reconnaissance because it relies on what?

Submit

16. Which public resource can reveal historical DNS records and previous IP addresses associated with a domain?

Submit

17. What does OSINT stand for in the context of security research?

Submit

18. Shodan is primarily used for discovering what type of information about internet-connected devices?

Submit

19. Which of the following is considered a passive reconnaissance technique?

Submit

20. What is the primary advantage of using WHOIS lookups during passive reconnaissance?

Submit
×
Saved
Thank you for your feedback!
View My Results
Cancel
  • All
    All (20)
  • Unanswered
    Unanswered ()
  • Answered
    Answered ()
Passive reconnaissance differs from active reconnaissance primarily in...
Which passive reconnaissance approach involves monitoring job postings...
Company whitepapers and technical documentation discovered through...
What is the key ethical principle that distinguishes legitimate...
Passive reconnaissance using the Wayback Machine provides information...
Which of these sources would be considered passive for threat...
Passive reconnaissance using certificate transparency logs can reveal...
What does MX record enumeration reveal during passive DNS...
GitHub repositories can reveal sensitive information during passive...
Which social engineering reconnaissance method involves researching...
Which tool is commonly used for passive DNS enumeration and does not...
What is the primary risk of passive reconnaissance to the target...
Which technique involves examining email headers and metadata without...
What information can typically be obtained from reviewing a company's...
Google dorking is an example of passive reconnaissance because it...
Which public resource can reveal historical DNS records and previous...
What does OSINT stand for in the context of security research?
Shodan is primarily used for discovering what type of information...
Which of the following is considered a passive reconnaissance...
What is the primary advantage of using WHOIS lookups during passive...
play-Mute sad happy unanswered_answer up-hover down-hover success oval cancel Check box square blue
Alert!