312-50V13 · Question #380
312-50V13 Question #380: Real Exam Question with Answer & Explanation
The correct answer is A: Banner grabbing. The engineer's action of using netcat to connect to port 80 and capture server response headers, including identifying the server software, is known as banner grabbing.
Question
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public-facing web servers. The engineer decides to start by using netcat to connect to port 80. The engineer receives this output:

HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag: "b0aac0542e25c31:89d"
Content-Length: 7369

Which of the following is an example of what the engineer performed?
Options
- A. Banner grabbing
- B. SQL injection
- C. Whois database query
- D. Cross-site scripting
Explanation
Connecting to the HTTP port with netcat, sending a plain request, and reading the headers the server volunteers in its response is banner grabbing. No attack payload is involved; the engineer is fingerprinting the service, and the Server: Microsoft-IIS/6 header discloses both the product and its major version, which is exactly the kind of information a footprinting exercise is meant to surface. One caveat a practitioner should keep in mind: the Server header is self-reported, so an administrator or a reverse proxy can rewrite or strip it, and its absence or an implausible value is itself a finding that should be corroborated with other headers and server behaviour.
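The exchange described above, reproduced over a raw TCP socket (which is all netcat does) as an added example that is not part of the exam page. It sends a minimal HEAD request, reads the response head, and pulls out the status line and Server header; a response with no Server header is reported rather than treated as an error. The SAMPLE_RESPONSE bytes and the _FakeIIS loopback server are constructed stand-ins modelled on the headers quoted in the question so that the script runs offline; the host name, port and function names are my own choices, not anything from the question.

```python
"""Banner grabbing over a raw TCP socket, i.e. what netcat does by hand.

Added example: not from the exam page. Sends a minimal HTTP request,
reads the response head, and extracts the fields an engineer cares
about (status line, Server header, remaining headers). The loopback
server at the bottom is a constructed stand-in so the script runs offline.
"""
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample, modelled on the response quoted in the question.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: Microsoft-IIS/6\r\n"
    b"Expires: Tue, 17 Jan 2011 01:41:33 GMT\r\n"
    b"Date: Mon, 16 Jan 2011 01:41:33 GMT\r\n"
    b"Content-Type: text/html\r\n"
    b"Accept-Ranges: bytes\r\n"
    b"Last-Modified: Wed, 28 Dec 2010 15:32:21 GMT\r\n"
    b'ETag: "b0aac0542e25c31:89d"\r\n'
    b"Content-Length: 7369\r\n"
    b"\r\n"
)


def parse_banner(raw: bytes) -> dict:
    """Split an HTTP response head into a status line plus a header map.

    Header names are lower-cased. A response without a Server header
    (a hardened or proxied host) yields 'server': None rather than
    raising, because that absence is itself a finding worth recording.
    """
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1", "replace")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        if ":" not in line:
            continue
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"status": lines[0], "server": headers.get("server"), "headers": headers}


def grab_banner(host: str, port: int = 80, timeout: float = 5.0) -> dict:
    """Connect, send a HEAD request, and read until the response head is complete."""
    request = (
        f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    ).encode()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        buf = b""
        while b"\r\n\r\n" not in buf:
            chunk = sock.recv(4096)
            if not chunk:  # server closed before finishing the head
                break
            buf += chunk
    return parse_banner(buf)


class _FakeIIS(BaseHTTPRequestHandler):
    """Constructed loopback target that advertises the banner from the question."""

    server_version = "Microsoft-IIS/6"  # what http.server puts in the Server header
    sys_version = ""  # suppress the trailing "Python/x.y" component

    def do_HEAD(self):
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.end_headers()

    def log_message(self, *args):
        pass  # keep the demo quiet


def demo() -> dict:
    """Start the fake target on an ephemeral loopback port, grab its banner, stop it."""
    srv = HTTPServer(("127.0.0.1", 0), _FakeIIS)
    t = threading.Thread(target=srv.serve_forever, daemon=True)
    t.start()
    try:
        return grab_banner("127.0.0.1", srv.server_address[1])
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    result = demo()
    print(result["status"])
    print("Server:", result["server"])
```

Against a real host, call grab_banner("www.example.test", 80) in place of demo(); the request is an ordinary HEAD, so from the target's point of view it is indistinguishable from a browser pre-flight, which is why banner grabbing sits in the reconnaissance phase rather than the exploitation phase.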
Common mistakes.
- B. SQL injection involves inserting malicious SQL code into input fields to manipulate database queries, which is not what the netcat command and output demonstrate.
- C. A Whois database query is used to look up domain registration information, not to interact directly with a web server's HTTP service to get its banner.
- D. Cross-site scripting (XSS) involves injecting malicious scripts into web pages to be executed in other users' browsers, which is unrelated to directly querying a server banner via netcat.
Concept tested. Banner grabbing technique