GIAC
GCIH · Question #512
What is a penetration tester likely to be looking to accomplish with the following screen?
The correct answer is A. Find versions of software with known vulnerabilities. The FOCA metadata analysis finds the versions of software documents were created with and if there are versions with known vulnerabilities, it represents a potential avenue of access, unless it's been updated since the document was posted.
Reconnaissance, Scanning, and Enumeration
Question
What is a penetration tester likely to be looking to accomplish with the following screen?
Exhibit
Options
- AFind versions of software with known vulnerabilities
- BFind clients on the network for exploitation
- CFind software with expired licenses
- DLook for operating systems with known vulnerabilities
How the community answered
(39 responses)- A90% (35)
- B3% (1)
- C5% (2)
- D3% (1)
Explanation
The FOCA metadata analysis finds the versions of software documents were created with and if there are versions with known vulnerabilities, it represents a potential avenue of access, unless it's been updated since the document was posted.
Topics
#version scanning#service enumeration#vulnerability identification#penetration testing
Community Discussion
No community discussion yet for this question.
