Exam CS0-003 topic 1 question 13 discussion

The analyst is witnessing the following step in the attack framework: B. Reconnaissance Explanation: In the context described, where an external IP address is actively conducting network and vulnerability scans across external-facing assets of the company network, this activity aligns with the reconnaissance phase of an attack.

B. Reconnaissance

I pass my brothers and systers with this exam, but many question doesn't is here. You need Study more. The BBQ show the way, but the way change in all time, because the question changes in every moment, but this exam is very very good for you.

This is Active Reconnaissance.

The answer is B: Reconnaissance because of the fact that the IP address is located outside of the company network indicates that someone external to the organization is actively scanning the company's external-facing assets. This aligns with the initial phase of an attack where attackers seek to gather information about potential entry points into the target environment.

When an IP address outside of the company network is observed running network and vulnerability scans across external-facing assets, it indicates that the attacker is gathering information about the organization's network infrastructure and potential weaknesses. This activity aligns with the reconnaissance stage, as the attacker is actively probing the target's defenses and vulnerabilities to gather intelligence for potential future attacks. Therefore, the analyst is witnessing the reconnaissance stage of an attack framework.

The answer is B. Reconnaissance.