SY0-501 · Question #484
SY0-501 Question #484: Real Exam Question with Answer & Explanation
The correct answer is A: Banner grabbing. Banner grabbing is a reconnaissance technique used by attackers to collect software version and service information from network hosts by reading the banners returned by services upon connection.
Question
A remote intruder wants to take inventory of a network so exploits can be researched. The intruder is looking for information about software versions on the network. Which of the following techniques is the intruder using?
Options
- ABanner grabbing
- BPort scanning
- CPacket sniffing
- DVirus scanning
Explanation
Banner grabbing is a reconnaissance technique used by attackers to collect software version and service information from network hosts by reading the banners returned by services upon connection.
Common mistakes.
- B. Port scanning identifies which ports are open on a host to determine what services are running, but does not inherently reveal software version information from service banners.
- C. Packet sniffing captures network traffic in transit to analyze data, credentials, or communications, and is not specifically targeted at collecting software version information from services.
- D. Virus scanning is a defensive technique used to detect malware on a system and is not a reconnaissance method used by attackers to gather network inventory information.
Concept tested. Banner grabbing for software version reconnaissance
Reference. https://attack.mitre.org/techniques/T1592/
Community Discussion
No community discussion yet for this question.