nerdexam
EC-Council

312-50V10 · Question #895

What would be the fastest way to perform content enumeration on a given web server by using the Gobuster tool?

The correct answer is D. Performing content enumeration using the bruteforce mode and random file extensions. Gobuster is a directory and file brute-forcing tool used for web content enumeration. The stated correct answer is D - bruteforce mode with random file extensions. In this mode, Gobuster appends multiple varied file extensions (e.g., .php, .html, .txt, .asp) to each attempted pat

Hacking Web Applications

Question

What would be the fastest way to perform content enumeration on a given web server by using the Gobuster tool?

Options

  • APerforming content enumeration using the bruteforce mode and 10 threads
  • BShipping SSL certificate verification
  • CPerforming content enumeration using a wordlist
  • DPerforming content enumeration using the bruteforce mode and random file extensions

How the community answered

(23 responses)
  • A
    13% (3)
  • B
    4% (1)
  • C
    4% (1)
  • D
    78% (18)

Explanation

Gobuster is a directory and file brute-forcing tool used for web content enumeration. The stated correct answer is D - bruteforce mode with random file extensions. In this mode, Gobuster appends multiple varied file extensions (e.g., .php, .html, .txt, .asp) to each attempted path, generating more combinations per cycle and broadening coverage rapidly without being constrained to a fixed wordlist. Option A (bruteforce with 10 threads) does improve speed but 10 threads is modest. Option B (skipping SSL verification) reduces handshake overhead but does not fundamentally accelerate content discovery. Option C (wordlist) is the most common real-world approach but is bounded by the wordlist's scope. NOTE: In practice, most security professionals consider a targeted wordlist (C) to be the most efficient method. Answer D as marked likely reflects specific CEH exam material framing around maximizing enumeration breadth.

Topics

#Gobuster#content enumeration#web directory brute force#wordlist scanning

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice