nerdexam
ExamsCSSLPQuestions#312
(ISC)2(ISC)2

CSSLP · Question #312

CSSLP Question #312: Real Exam Question with Answer & Explanation

The correct answer is D: P0f. P0f is a widely used tool for passive OS fingerprinting, enabling the identification of operating systems and other device characteristics without actively sending probes.

Secure Software Testing

Question

John works as a professional Ethical Hacker. He is assigned a project to test the security of you want to perform the next information-gathering step, i.e., passive OS fingerprinting. Which of the following tools can you use to accomplish the task?

Options

  • ASuperscan
  • BNBTscan
  • CNmap
  • DP0f

Explanation

P0f is a widely used tool for passive OS fingerprinting, enabling the identification of operating systems and other device characteristics without actively sending probes.

Common mistakes.

  • A. Superscan is a port scanner and network utility for Windows, used for active scanning rather than passive OS fingerprinting.
  • B. NBTscan is a tool for scanning NetBIOS name servers and retrieving NetBIOS information, which is an active scan and not passive OS fingerprinting.
  • C. Nmap (Network Mapper) can perform OS fingerprinting, but it primarily does so actively by sending specially crafted packets, rather than passively observing traffic.

Concept tested. Passive OS fingerprinting tools

Reference. https://lcamtuf.coredump.cx/p0f3/

Topics

#Passive OS fingerprinting#Information gathering#Security testing tools#P0f

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CSSLP PracticeBrowse All CSSLP Questions