nerdexam
EC-Council

312-50V9 · Question #586

Fingerprinting an Operating System helps a cracker because:

The correct answer is D. It informs the cracker of which vulnerabilities he may be able to exploit on your system. OS fingerprinting identifies the operating system and version of a target, allowing an attacker to look up known vulnerabilities specific to that OS build.

Scanning Networks

Question

Fingerprinting an Operating System helps a cracker because:

Options

  • AIt defines exactly what software you have installed
  • BIt opens a security-delayed window based on the port being scanned
  • CIt doesn't depend on the patches that have been applied to fix existing security holes
  • DIt informs the cracker of which vulnerabilities he may be able to exploit on your system

How the community answered

(52 responses)
  • A
    2% (1)
  • B
    4% (2)
  • C
    8% (4)
  • D
    87% (45)

Why each option

OS fingerprinting identifies the operating system and version of a target, allowing an attacker to look up known vulnerabilities specific to that OS build.

AIt defines exactly what software you have installed

OS fingerprinting reveals the operating system type and version, not the full inventory of installed application software, which would require a separate vulnerability scan.

BIt opens a security-delayed window based on the port being scanned

There is no legitimate security concept called a 'security-delayed window' tied to port scanning; this is a fabricated distractor.

CIt doesn't depend on the patches that have been applied to fix existing security holes

Patch status directly affects OS fingerprinting results and vulnerability exposure - unpatched systems are identifiable and carry more exploitable vulnerabilities, making patches highly relevant.

DIt informs the cracker of which vulnerabilities he may be able to exploit on your systemCorrect

When an attacker determines the exact OS and version through fingerprinting techniques like TCP/IP stack analysis or banner grabbing, they can cross-reference that OS against CVE databases and known exploits. This targeted knowledge dramatically narrows the attack surface the cracker needs to research, making exploitation attempts far more efficient and likely to succeed.

Concept tested: OS fingerprinting and attacker reconnaissance value

Topics

#OS fingerprinting#vulnerability exploitation#reconnaissance#target profiling

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice