nerdexam
GIAC

GPEN · Question #85

GPEN Question #85: Real Exam Question with Answer & Explanation

The correct answer is A. PsFile B. PsPasswd C. UserInfo. Enumeration is the phase where an attacker extracts detailed information about users, shares, and services from a target; PsFile, PsPasswd, and UserInfo are all recognized enumeration tools, while WinSSLMiM is a Man-in-the-Middle attack tool.

Question

John works as a professional Ethical Hacker. He has been assigned the project of testing the phases while testing the security of the server: Footprinting Scanning Now he wants to conduct the enumeration phase. Which of the following tools can John use to conduct it? Each correct answer represents a complete solution. Choose all that apply.

Options

  • APsFile
  • BPsPasswd
  • CUserInfo
  • DWinSSLMiM

Explanation

Enumeration is the phase where an attacker extracts detailed information about users, shares, and services from a target; PsFile, PsPasswd, and UserInfo are all recognized enumeration tools, while WinSSLMiM is a Man-in-the-Middle attack tool.

Common mistakes.

  • D. WinSSLMiM is a Man-in-the-Middle tool designed to intercept SSL/TLS sessions, which is a network attack technique and not an enumeration tool.

Concept tested. Network enumeration tools used in ethical hacking

Reference. https://learn.microsoft.com/en-us/sysinternals/downloads/pstools

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GPEN Practice
John works as a professional Ethical Hacker. He has been assigned... | GPEN Q#85 Answer | NerdExam