312-50V13 Question #138: Real Exam Question with Answer & Explanation

Question

Fingerprinting an Operating System helps a cracker because:

Options

• AIt defines exactly what software you have installed
• BIt opens a security-delayed window based on the port being scanned
• CIt doesn't depend on the patches that have been applied to fix existing security holes
• DIt informs the cracker of which vulnerabilities he may be able to exploit on your system

Explanation

Operating system fingerprinting allows an attacker to identify the specific OS and version of a target system, which in turn helps them pinpoint known vulnerabilities to exploit.

Common mistakes.

• A. OS fingerprinting provides information primarily about the operating system itself and its version, not a detailed inventory of all installed software applications.
• B. OS fingerprinting is an information gathering technique to determine the OS type and does not inherently open a security-delayed window or any other type of system access.
• C. The value of OS fingerprinting heavily depends on whether patches have been applied; an attacker uses the identified OS to determine which known vulnerabilities for that version might remain unpatched and exploitable.

Concept tested. OS Fingerprinting purpose (vulnerability identification)

Reference. learn.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-vulnerability-management/discover-vulnerabilities

No community discussion yet for this question.