312-50V10 · Question #484
A company recently hired your team of Ethical Hackers to test the security of their network systems. The company wants to have the attack be as realistic as possible. They did not provide any informat
The correct answer is B. Reconnaissance. When given only a company name and no other information, ethical hackers begin with reconnaissance to passively and actively gather information before any active testing can occur.
Question
A company recently hired your team of Ethical Hackers to test the security of their network systems. The company wants to have the attack be as realistic as possible. They did not provide any information besides the name of their company. What phase of security testing would your team jump in right away?
Options
- AScanning
- BReconnaissance
- CEscalation
- DEnumeration
How the community answered
(65 responses)- A6% (4)
- B89% (58)
- C3% (2)
- D2% (1)
Why each option
When given only a company name and no other information, ethical hackers begin with reconnaissance to passively and actively gather information before any active testing can occur.
Scanning occurs after reconnaissance, once the tester has identified IP ranges, domains, and live hosts to actively probe for open ports and services.
Reconnaissance is the first phase of the ethical hacking methodology, used to collect as much information as possible about the target using the minimal input provided (such as a company name). Both passive techniques (OSINT, DNS lookups, WHOIS) and active techniques are applied here to build a target profile before proceeding to scanning or enumeration.
Escalation (privilege escalation) is a late-phase activity that occurs after initial access has already been gained - it cannot be the starting point.
Enumeration follows scanning and is used to extract detailed information like user accounts and shares from systems already identified as active targets.
Concept tested: Ethical hacking phases - reconnaissance as entry point
Source: https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/hacking-phases/
Topics
Community Discussion
No community discussion yet for this question.