[&] Which of the following is NOT typically achievable through passive crawling with Burp Suite?
- Identifying hidden directories
- Building a sitemap
- Detecting hidden files
- Executing malicious payloads -- Correct

[&] What makes the community edition of Burp Suite sufficient for performing passive crawling in this context?
- It includes all necessary features for passive crawling -- Correct
- It supports automated brute-force attacks
- It has advanced scanning capabilities
- It allows modifying intercepted requests

[&] What is a potential benefit of discovering development files while performing passive crawling?
- They speed up the crawling process
- They provide a list of available plugins
- They automatically fix vulnerabilities
- They might contain hidden functionality or credentials -- Correct

[&] Which Burp Suite tool is specifically used to add IP addresses or URLs to the scope for passive crawling?
- Proxy
- Scanner
- Spider
- Target -- Correct

[&] Why is it important to configure the scope in Burp Suite before starting passive crawling?
- To reduce network traffic
- To limit the crawling to relevant parts of the web application -- Correct
- To authenticate the user automatically
- To minimize CPU usage

[&] What is the main purpose of performing passive crawling with Burp Suite?
- To build a sitemap and identify hidden files and directories -- Correct
- To launch brute-force attacks on login forms
- To configure Burp Suite for future scans
- To actively exploit vulnerabilities in web applications