312-50V10 Question #33: Real Exam Question with Answer & Explanation
The correct answer is A: Banner Grabbing.
Question
Options
- A. Banner Grabbing
- B. IDLE/IPID Scanning
- C. SSDP Scanning
- D. UDP Scanning
Explanation
Banner grabbing is a reconnaissance technique that reads service banners returned by open ports to identify the operating system and software versions running on a target. It is a direct method for OS fingerprinting during the information-gathering phase.
Common mistakes.
- B. IDLE/IPID scanning is a stealthy port scanning technique that uses a zombie host to obscure the attacker's identity and does not directly reveal OS information.
- C. SSDP scanning targets Universal Plug and Play devices on a local network and is used for device discovery, not OS identification.
- D. UDP scanning identifies open UDP ports and available services but does not inherently provide OS identification information.
Concept tested. Banner grabbing for OS fingerprinting reconnaissance
Reference. https://owasp.org/www-community/attacks/Banner_Grabbing