312-50V13 · Question #350
312-50V13 Question #350: Real Exam Question with Answer & Explanation
The correct answer is D: Port scanning, banner grabbing service identification. To gain the most comprehensive understanding of a system's technical security posture, active reconnaissance techniques like port scanning and service identification are essential.
Question
Which of the following provides a security professional with most information about the system's security posture?
Options
- APhishing, spamming, sending trojans
- BSocial engineering, company site browsing tailgating
- CWardriving, warchalking, social engineering
- DPort scanning, banner grabbing service identification
Explanation
To gain the most comprehensive understanding of a system's technical security posture, active reconnaissance techniques like port scanning and service identification are essential.
Common mistakes.
- A. Phishing, spamming, and sending Trojans are attack vectors used to compromise systems or users, not techniques for assessing a system's security posture.
- B. Social engineering, company site browsing, and tailgating focus on human vulnerabilities, information gathering from publicly available sources, or physical access, rather than the technical security configuration of a system.
- C. Wardriving and warchalking are methods for discovering and mapping wireless networks, while social engineering targets human weaknesses; these provide information about wireless or human security but are not the primary means to assess a system's internal security posture.
Concept tested. Active reconnaissance for system security assessment
Reference. https://nmap.org/book/man-briefoptions.html
Topics
Community Discussion
No community discussion yet for this question.