Cisco
210-255 · Question #138
210-255 Question #138: Real Exam Question with Answer & Explanation
The correct answer is B: Redirecting users to a source and scanning traffic to learn about the target. Reconnaissance is limited to passively or actively gathering information about a target; redirecting users is an active attack technique that manipulates legitimate traffic flows beyond mere information gathering.
Attack Methods
Question
Which of the following is not an example of reconnaissance?
Options
- ASearching the robots.txt file
- BRedirecting users to a source and scanning traffic to learn about the target
- CScanning without completing the three-way handshake
- DCommunicating over social media
Explanation
Reconnaissance is limited to passively or actively gathering information about a target; redirecting users is an active attack technique that manipulates legitimate traffic flows beyond mere information gathering.
Common mistakes.
- A. Searching robots.txt is passive OSINT reconnaissance that reveals restricted paths and site structure without alerting or disrupting the target.
- C. Half-open SYN scanning is active reconnaissance that enumerates open ports by sending SYN packets without completing the TCP three-way handshake.
- D. Using social media to gather details about personnel or systems is a recognized OSINT and social engineering reconnaissance technique.
Concept tested. Distinguishing reconnaissance from active attack techniques
Reference. https://attack.mitre.org/tactics/TA0043/
Topics
#reconnaissance#attack methods#network scanning#information gathering
Community Discussion
No community discussion yet for this question.