210-255 · Question #106
Which type of intrusion event is an attacker retrieving the robots. txt file from target site?
The correct answer is D. reconnaissance. Retrieving the robots.txt file is a reconnaissance activity. The robots.txt file tells search engine crawlers which directories or pages not to index - which inadvertently reveals sensitive paths (e.g., /admin, /backup) an attacker can target. This is passive information gatherin
Question
Which type of intrusion event is an attacker retrieving the robots. txt file from target site?
Options
- Aexploitation
- Bweaponization
- Cscanning
- Dreconnaissance
How the community answered
(33 responses)- A3% (1)
- B3% (1)
- D94% (31)
Explanation
Retrieving the robots.txt file is a reconnaissance activity. The robots.txt file tells search engine crawlers which directories or pages not to index - which inadvertently reveals sensitive paths (e.g., /admin, /backup) an attacker can target. This is passive information gathering, the hallmark of the reconnaissance phase of the Cyber Kill Chain. It is not exploitation (A) because no vulnerability is being leveraged, not weaponization (B) because no payload is being crafted, and not scanning (C) because no active probing of ports or services is occurring - it is simply retrieving a publicly accessible file to learn about the site's structure.
Topics
Community Discussion
No community discussion yet for this question.