nerdexam
Cisco

210-255 · Question #106

Which type of intrusion event is an attacker retrieving the robots. txt file from target site?

The correct answer is D. reconnaissance. Retrieving the robots.txt file is a reconnaissance activity. The robots.txt file tells search engine crawlers which directories or pages not to index - which inadvertently reveals sensitive paths (e.g., /admin, /backup) an attacker can target. This is passive information gatherin

Attack Methods

Question

Which type of intrusion event is an attacker retrieving the robots. txt file from target site?

Options

  • Aexploitation
  • Bweaponization
  • Cscanning
  • Dreconnaissance

How the community answered

(33 responses)
  • A
    3% (1)
  • B
    3% (1)
  • D
    94% (31)

Explanation

Retrieving the robots.txt file is a reconnaissance activity. The robots.txt file tells search engine crawlers which directories or pages not to index - which inadvertently reveals sensitive paths (e.g., /admin, /backup) an attacker can target. This is passive information gathering, the hallmark of the reconnaissance phase of the Cyber Kill Chain. It is not exploitation (A) because no vulnerability is being leveraged, not weaponization (B) because no payload is being crafted, and not scanning (C) because no active probing of ports or services is occurring - it is simply retrieving a publicly accessible file to learn about the site's structure.

Topics

#reconnaissance#cyber kill chain#robots.txt#passive recon

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice