GCIH · Question #263
GCIH Question #263: Real Exam Question with Answer & Explanation
The correct answer is B: You want to perform banner grabbing to the hosts given in the IP address list.. The script uses netcat (nc) to connect to port 80 on each host in the list and sends an HTTP request, retrieving the server's response headers - a classic banner grabbing technique. Banner grabbing extracts service version and software information from server responses.
Question
Options
- AYou want to put nmap in the listen mode to the hosts given in the IP address list.
- BYou want to perform banner grabbing to the hosts given in the IP address list.
- CYou want to perform port scanning to the hosts given in the IP address list.
- DYou want to transfer file hostlist.txt to the hosts given in the IP address list.
Explanation
The script uses netcat (nc) to connect to port 80 on each host in the list and sends an HTTP request, retrieving the server's response headers - a classic banner grabbing technique. Banner grabbing extracts service version and software information from server responses.
Common mistakes.
- A. Nmap listen mode (-l) is not invoked here; the script uses netcat to initiate outbound connections, not to place any tool in listening mode.
- C. Port scanning enumerates open ports across a range, whereas this script specifically connects to a fixed port (80) and sends an HTTP request to retrieve service information.
- D. The script reads from request.txt and sends it to remote hosts rather than transferring hostlist.txt itself; file transfer would require a different netcat syntax.
Concept tested. HTTP banner grabbing using netcat
Reference. https://csrc.nist.gov/publications/detail/sp/800-115/final
Community Discussion
No community discussion yet for this question.