Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

ISC2 Exam CSSLP Topic 4 Question 21 Discussion

Actual exam question for ISC2's CSSLP exam
Question #: 21
Topic #: 4
[All CSSLP Questions]

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. You have searched all open ports of the we-are-secure server. Now, you want to perform the next information-gathering step, i.e., passive OS fingerprinting. Which of the following tools can you use to accomplish the task?

Show Suggested Answer Hide Answer
Suggested Answer: D

According to the scenario, you have searched all open ports of the we-are-secure server. Now you want to perform the next information-

gathering step, i.e., passive OS fingerprinting. For this, you will use the P0f tool to accomplish the task. P0f is a passive OS fingerprinting tool

that is used to identify the operating system of a target host simply by examining captured packets even when the device is behind a packet

firewall. It does not generate any additional direct or indirect network traffic. P0f can also be used to gather various information, such as

firewall presence, NAT use (for policy enforcement), existence of a load balancer setup, the distance to the remote system and its uptime, etc.

Answer C is incorrect. Nmap is used for active OS fingerprinting. Nmap is a free open-source utility for network exploration and security

auditing. It is used to discover computers and services on a computer network, thus creating a 'map' of the network. Just like many simple

port scanners, Nmap is capable of discovering passive services. In addition, Nmap may be able to determine various details about the remote

computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that

product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card. Nmap runs on Linux,

Microsoft Windows etc.

Answer A is incorrect. SuperScan is a TCP/UDP port scanner. It also works as a ping sweeper and hostname resolver. It can ping a

given range of IP addresses and resolve the host name of the remote system.

The features of SuperScan are as follows:

It scans any port range from a built-in list or any given range.

It performs ping scans and port scans using any IP range.

It modifies the port list and port descriptions using the built in editor.

It connects to any discovered open port using user-specified 'helper' applications.

It has the transmission speed control utility.

Answer B is incorrect. NBTscan is a scanner that scans IP networks for NetBIOS name information. It sends a NetBIOS status query to

each address in a supplied range and lists received information in human readable form. It displays IP address, NetBIOS computer name,

logged-in user name and MAC address of each responded host. NBTscan works in the same manner as nbtstat, but it operates on a range of

addresses instead of just one.


Contribute your Thoughts:

Currently there are no comments in this discussion, be the first to comment!


Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77