A penetration tester has been tasked with reconnaissance to determine which ports are open on the network. Which of the following tasks should be done FIRST? (Choose two.)
yes! thank you for this answer. Just read this from Mike's book:
Having found an open port, another way for a malicious user to
gain information and additional access is to probe a host’s open
ports to learn details about running services. This is known as
banner grabbing.
First start with;
A penetration test is an active test that attempts to exploit
discovered vulnerabilities. It starts with a vulnerability scan and then
bypasses or actively tests security controls to exploit vulnerabilities.
A Network/port scanner scans systems for open ports and attempts to
discover what services and protocols are running.
Banner grabbing queries remote systems to detect their operating
system, along with services, protocols, and applications running on
the remote system.
Pick your answer this.
Tracert—A command-line tool used to trace the route between two systems.
Once you agree that A is part of the answer then B becomes pointless really because Network Scanning does what B does plus more.
Purpose of network scanning:
a)To discover live hosts/computer, IP address, and open ports of the victim.
b)To discover services that are running on a host computer.
c)To discover the Operating System and system architecture of the target.
d)To discover and deal with vulnerabilities in Live hosts.
https://www.w3schools.in/ethical-hacking/scanning-techniques/
Port Scan & Banner Grab.
It's not a tracert because traceroute works at the network layer (OSI layer 3) and TCP or UDP ports are defined in either layer 4 of the OSI model.
Correct answers are :
A. Network scan
B. Banner grab
More information :
https://www.giac.org/paper/gsec/2473/network-reconnaissance-detection-prevention/104296
Banner grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports. More information : https://en.wikipedia.org/wiki/Banner_grabbing
"First" is the most important part of this question, as some people already pointed out, you need to know where things are 1st before you decide to find more information about those systems.
The answer must be A and C. It's definitely not D or E, leaving us with A, B and C. Since we are asked what to do first it would make sense to check the system is online, understand what hops are required to reach X destination and also to perform a network scan to determine what ports are open. I believe a banner grab would only be performed after these steps were completed! Not to mention that banner grabs are not covered within the exam objectives so that alone should help us narrow things down a little.
The answer should be A and B. Network Scan: Network scanning refers to the use of a computer network to gather information regarding computing systems | Banner grab: Banner grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports
This section is not available anymore. Please use the main Exam Page.N10-007 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
waveyzalgos
Highly Voted 5 years, 1 month agobetty_boop
4 years, 8 months agoErodriguez812
Highly Voted 5 years, 2 months agoGranddude
Most Recent 3 years, 3 months agoDarryJan
4 years, 1 month agomfombi
4 years, 5 months agoCrazyFat
4 years, 6 months agoKLT316
4 years, 7 months agob0ugi3
4 years ago[Removed]
4 years, 9 months agoHuh
4 years, 8 months agoCharcoal2899
5 years agoPoppins
5 years, 1 month agoRealityishere1995
5 years, 1 month agoBOT007
5 years, 5 months agoLynot123
4 years, 5 months ago