nerdexam
GIAC

GCIH · Question #16

You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Win

The correct answer is C. Reconnaissance. Analyzing a company's job postings to identify technologies and infrastructure in use is a passive information-gathering technique classified as reconnaissance (footprinting).

Reconnaissance, Scanning, and Enumeration

Question

You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?

Options

  • AScanning
  • BCovering tracks
  • CReconnaissance
  • DGaining access

How the community answered

(21 responses)
  • A
    10% (2)
  • C
    86% (18)
  • D
    5% (1)

Why each option

Analyzing a company's job postings to identify technologies and infrastructure in use is a passive information-gathering technique classified as reconnaissance (footprinting).

AScanning

Scanning involves actively probing target systems with tools such as port scanners or vulnerability scanners, not passively reading public web content.

BCovering tracks

Covering tracks is the final phase of an attack, focused on removing logs and evidence of intrusion after access has been gained.

CReconnaissanceCorrect

Reconnaissance is the first phase of ethical hacking where an attacker passively collects information about a target without directly interacting with its systems. Reading public job postings to infer internal technology stacks - such as Windows Server 2003 and Active Directory - is a classic open-source intelligence (OSINT) footprinting technique that reveals the target environment without triggering any alerts.

DGaining access

Gaining access refers to exploiting discovered vulnerabilities to compromise a system, which has not yet occurred at this stage.

Concept tested: Reconnaissance and OSINT footprinting techniques

Source: https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/what-is-footprinting-in-ethical-hacking/

Topics

#passive reconnaissance#OSINT#footprinting#information gathering

Community Discussion

No community discussion yet for this question.

Full GCIH Practice