EC-Council
312-50V9 · Question #586
312-50V9 Question #586: Real Exam Question with Answer & Explanation
The correct answer is D: It informs the cracker of which vulnerabilities he may be able to exploit on your system. OS fingerprinting identifies the operating system and version of a target, allowing an attacker to look up known vulnerabilities specific to that OS build.
Question
Fingerprinting an Operating System helps a cracker because:
Options
- AIt defines exactly what software you have installed
- BIt opens a security-delayed window based on the port being scanned
- CIt doesn't depend on the patches that have been applied to fix existing security holes
- DIt informs the cracker of which vulnerabilities he may be able to exploit on your system
Explanation
OS fingerprinting identifies the operating system and version of a target, allowing an attacker to look up known vulnerabilities specific to that OS build.
Common mistakes.
- A. OS fingerprinting reveals the operating system type and version, not the full inventory of installed application software, which would require a separate vulnerability scan.
- B. There is no legitimate security concept called a 'security-delayed window' tied to port scanning; this is a fabricated distractor.
- C. Patch status directly affects OS fingerprinting results and vulnerability exposure - unpatched systems are identifiable and carry more exploitable vulnerabilities, making patches highly relevant.
Concept tested. OS fingerprinting and attacker reconnaissance value
Community Discussion
No community discussion yet for this question.