ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 228 discussion

Actual exam question from CompTIA's CS0-002
Question #: 228
Topic #: 1
[All CS0-002 Questions]

A penetration tester physically enters a datacenter and attaches a small device to a switch. As part of the tester's effort to evaluate which nodes are present on the network; the tester places the network agape in promiscuous mode and logs traffic for later analysis. Which of the following is the tester performing?

  • A. Credential scanning
  • B. Passive scanning
  • C. Protocol analysis
  • D. SCAP scanning
  • E. Network segmentation
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by bob12356 at Dec. 14, 2022, 12:29 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ARYANXE
1 year, 7 months ago
The penetration tester, by placing the network adapter in promiscuous mode and logging traffic for later analysis, is performing: C. Protocol analysis In this scenario, the tester is not actively scanning for credentials, which would involve attempting to gather usernames and passwords. Instead, the focus is on monitoring and analyzing network traffic passively. This aligns more closely with the concept of protocol analysis, where the tester observes and analyzes the protocols and traffic on the network without actively interacting or attempting to manipulate it.
upvoted 1 times
...
Starburst
2 years ago
It makes more sense when it reads: "A penetration tester physically enters a datacenter and attaches a small device to a switch. As part of the tester's effort to evaluate which nodes are present on the network; the tester places the network adapter in promiscuous mode and logs traffic for later analysis. Which of the following is the tester performing?"
upvoted 2 times
...
2Fish
2 years, 3 months ago
Selected Answer: B
B. This is typical of putting your device (NIC) whatever in promiscuous mode, collecting packets for later analysis.
upvoted 1 times
...
jleonard_ddc
2 years, 3 months ago
Selected Answer: C
When a network is placed in promiscuous mode, this is done with the intention of retrieving or sniffing packets. This helps feed the packets to a protocol analyzer to log and analyze traffic. The small device in the switch would be the hardware that is part of the hybrid (software + hardware) approach to protocol analysis. WRONG ANSWERS • A – credential scanning is not a passive method in any way, and refers to the use of login credentials to test sys • B – passive scanning is typically a way of looking for vulnerabilities without actively logging into them or triggering them in any way • D – SCAP is a system for assisting with patch scanning and vulnerabilities. This is not what is described and might not be part of a pen tester’s efforts. • E – network segmentation is a logical division of networks using the firmware/software. It can also be done via hardware, but would be done so in the case of unique, separate hardware (switches) for that dedicated network.
upvoted 2 times
...
CatoFong
2 years, 4 months ago
Selected Answer: B
B. is correct
upvoted 2 times
...
bob12356
2 years, 6 months ago
Selected Answer: B
Passive scanning involves monitoring network traffic without actively sending any packets or requests.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel