Exam 312-50v12 topic 1 question 282 discussion

ChatGPT also says D. Reasons why others are wrong: A. Creating a profile of external links and file structures ❌ This is closer to website spidering or content discovery, not footprinting at the system level. B. Using a brute-force attack ❌ This is an active attack method — not passive reconnaissance like footprinting. C. Using a vulnerability scanner ❌ This falls under vulnerability assessment or scanning, which usually comes after footprinting.

Well, I am not sure that D is correct in this specific case. The question says "When considering how an attacker MAY EXPLOIT a WEB SERVER". It's not general question about footprinting and getting knowledge about sites, employees, network range, physical location etc It is question directed at web server footprinting in the context of exploitation. I would say the answer is C, and this is about active footprinting that means finding services running and weaknesses (vulnerabilities) that could be exploited. My answer is C.

Gather valuable system-level data such as account details, operating system, software versions, server names, and database schema details

D. I got full marks and this is one of the questions.

CEHv12 - 1810

old Question #: 362 from V11 - it's D

D is correct

The course speaks of a "blueprint" that will be created when the footprinting is complete. This would include the server names, account details, and domains that are available from the company's footprint. I would think that D is the more accurate answer. Ref: Module 2 pg 107-108.

D. When an attacker gathers system-level data, including account details and server names

Team is this CEH method correct

I think the A is more suitable A. When an attacker creates a complete profile of the site's external links and file structures remains the best fit for the concept of web server footprinting as described in the context of the original question.