Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Comptia Pentest+ PT0-002 > 2.3 Information Gathering and Vulnerability Scanning > Flashcards

2.3 Information Gathering and Vulnerability Scanning Flashcards

Given a scenario, analyze the results of a reconnaissance exercise.

1
Q

Why can Address Resolution Protocol (ARP) traffic be useful?

A

One reason to gather ARP traffic is to discover hosts on a network. Then it is possible to launch an ARP poisoning attack, which deliberately maps an incorrect MAC address to a correct IP address, which poisons the ARP cache in order to redirect traffic for malicious purposes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the difference between passive and active OS fingerprinting?

A

Passive OS fingerprinting gathers network traffic using a packet sniffer such as Wireshark. This is useful for avoiding detection by a firewall or IDS.
Active OS fingerprinting uses the nmap -sV command and thus actively sends out probes and analyzes the returned packets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Comptia Pentest+ PT0-002 (21 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions