nerdexam
ExamsGCIHQuestions#538
GIAC

GCIH · Question #538

GCIH Question #538: Real Exam Question with Answer & Explanation

The correct answer is B: The host fingerprint is not in the nmap signature file. OS detection fails when a signature is not found in the nmap files. If there is no recognizable fingerprint, nmap returns the string with instructions to send it to insecure.org for inclusion in the fingerprint list. This is critical because there will be times when Nmap does not

Reconnaissance, Scanning, and Enumeration

Question

Analyze the command output below. Why did OS detection fail?

Exhibit

GCIH question #538 exhibit

Options

  • AThe host returned a malformed response to nmap
  • BThe host fingerprint is not in the nmap signature file
  • CThe return packet is URL-encoded and not readable
  • DThe return packet is not using the correct protocol

Explanation

OS detection fails when a signature is not found in the nmap files. If there is no recognizable fingerprint, nmap returns the string with instructions to send it to insecure.org for inclusion in the fingerprint list. This is critical because there will be times when Nmap does not have a proper fingerprint for a service. In these situations, it provides you with banner information for the service. With this information, an incident handler can then do a Google search of the banner information Nmap provides and, in some situations, discover a new backdoor on your

Topics

#OS fingerprinting#nmap#signature database#network scanning

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIH Practice