ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50 All Questions

View all questions & answers for the 312-50 exam
Go to Exam

Exam 312-50 topic 8 question 117 discussion

Actual exam question from ECCouncil's 312-50
Question #: 117
Topic #: 8
[All 312-50 Questions]

Which of the following tools can be used for passive OS fingerprinting?

  • A. tcpdump
  • B. nmap
  • C. ping
  • D. tracert
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
The passive operating system fingerprinting is a feature built into both the pf and tcpdump tools.
References: http://geek00l.blogspot.se/2007/04/tcpdump-privilege-dropping-passive-os.html
by Anuel777 at Nov. 19, 2021, 9:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
karpal
8 months ago
Selected Answer: A
tcpdump is passive.
upvoted 1 times
...
Anuel777
1 year, 11 months ago
You might aswell fingerprint the target OS by using ping, and watching the TTL it displays. If the TTL is 64: The target is a Linux Host If the TTL is 128: The target is a Windows Host
upvoted 1 times
dorinh
1 year, 11 months ago
Yes, but this method is Active since you are interecting with the target system
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago