nerdexam
EC-Council

312-50V11 · Question #155

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

The correct answer is B. Active. Active OS fingerprinting generates specially crafted probe packets directed at a target and identifies the operating system by analyzing the target's responses, unlike passive fingerprinting which only observes existing traffic.

Scanning Networks

Question

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

Options

  • APassive
  • BActive
  • CReflective
  • DDistributive

How the community answered

(40 responses)
  • B
    90% (36)
  • C
    8% (3)
  • D
    3% (1)

Why each option

Active OS fingerprinting generates specially crafted probe packets directed at a target and identifies the operating system by analyzing the target's responses, unlike passive fingerprinting which only observes existing traffic.

APassive

Passive OS fingerprinting identifies the OS by observing and analyzing traffic already flowing on the network without sending any probes, making it stealthier but dependent on capturing existing communications.

BActiveCorrect

Active OS fingerprinting tools such as Nmap send deliberately crafted TCP, UDP, and ICMP probes to the target host to elicit responses. Variations in TCP/IP stack implementation details - such as initial TTL values, TCP window sizes, and handling of unusual flag combinations - are compared against a signature database to identify the OS. Because this approach generates new traffic toward the target, it is detectable by intrusion detection systems, which is the key distinguishing trade-off from passive techniques.

CReflective

Reflective is not a recognized or standard category of OS fingerprinting technique in security literature or certification curricula.

DDistributive

Distributive is not a recognized or standard category of OS fingerprinting technique in security literature or certification curricula.

Concept tested: Active vs. passive OS fingerprinting techniques

Source: https://nmap.org/book/osdetect.html

Topics

#OS fingerprinting#active scanning#TCP/IP stack analysis#network reconnaissance

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice