312-50V13 · Question #449
When considering how an attacker may exploit a web server, what is web server footprinting?
The correct answer is C. When an attacker gathers system-level data, including account details and server names. Web server footprinting is the initial information-gathering phase where an attacker collects detailed system-level data about a target web server.
Question
Options
- AWhen an attacker implements a vulnerability scanner to identify weaknesses
- BWhen an attacker creates a complete profile of the site's external links and file structures
- CWhen an attacker gathers system-level data, including account details and server names
- DWhen an attacker uses a brute-force attack to crack a web-server password
How the community answered
(26 responses)- A4% (1)
- B8% (2)
- C88% (23)
Why each option
Web server footprinting is the initial information-gathering phase where an attacker collects detailed system-level data about a target web server.
Implementing a vulnerability scanner is a specific method used to identify weaknesses after footprinting, not the definition of footprinting itself.
Creating a complete profile of a site's external links and file structures is part of web application mapping, which is related but distinct from the comprehensive system-level focus of 'web server' footprinting.
Web server footprinting is the reconnaissance phase where an attacker systematically gathers system-level information about the target web server. This includes details such as server names, operating system types and versions, web server software and versions, installed applications, and sometimes even account details, all aimed at identifying potential vulnerabilities and attack vectors.
Using a brute-force attack to crack a web-server password is an exploitation technique, not an information-gathering (footprinting) activity.
Concept tested: Web server footprinting
Source: https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/what-is-footprinting/
Topics
Community Discussion
No community discussion yet for this question.