nerdexam
EC-Council

312-50V10 · Question #932

In order to tailor your tests during a web-application scan, you decide to determine which web- server version is hosting the application. On using the sV flag with Nmap. you obtain the following resp

The correct answer is B. Banner grabbing. NOTE - the provided correct answer (C) appears to be an error in the answer key; the technique described is banner grabbing (B). Using Nmap -sV to read service version strings returned by an open port is the definition of banner grabbing, not a dictionary attack.

Scanning Networks

Question

In order to tailor your tests during a web-application scan, you decide to determine which web- server version is hosting the application. On using the sV flag with Nmap. you obtain the following response:

80/tcp open http-proxy Apache Server 7.1.6 What Information-gathering technique does this best describe?

Options

  • AWhOiS lookup
  • BBanner grabbing
  • CDictionary attack
  • DBrute forcing

How the community answered

(18 responses)
  • A
    6% (1)
  • B
    89% (16)
  • D
    6% (1)

Why each option

NOTE - the provided correct answer (C) appears to be an error in the answer key; the technique described is banner grabbing (B). Using Nmap -sV to read service version strings returned by an open port is the definition of banner grabbing, not a dictionary attack.

AWhOiS lookup

WHOIS lookup queries domain registration databases for ownership and contact records, not live service banners from a running web server.

BBanner grabbingCorrect

Banner grabbing is a passive information-gathering technique where an attacker reads the response header or banner a service returns when queried. Nmap's -sV flag sends probe requests to open ports and parses the service banner - in this case extracting 'Apache Server 7.1.6' from the HTTP response - to identify software and version without attempting any credentials or guessing.

CDictionary attack

A dictionary attack attempts authentication by trying a list of known words or passwords against a login mechanism; no credentials are being tested when running Nmap -sV.

DBrute forcing

Brute forcing exhaustively tries all possible credential combinations against an authentication service, which is unrelated to reading version banners from open service ports.

Concept tested: Banner grabbing for web server version identification

Source: https://nmap.org/book/man-version-detection.html

Topics

#banner grabbing#Nmap -sV#web server fingerprinting#version detection

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice