Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what
services and operating systems are running on the corporate network. Which of the following
should be used to complete this task?
A.
Fingerprinting and password crackers
B.
Fuzzing and a port scan
C.
Vulnerability scan and fuzzing
D.
Port scan and fingerprinting
Explanation:
I don’t understand how Fingerprinting fits into this?
0
0
OK, I understand it now.
0
0
How fingerprint?
0
0
So an audit must take place which meets to criteria:
• What “services” are running on devices in the corporate network
• What “Operating Systems” are running on devices in the corporate network
So the answer must meet both criteria:
WRONG ANSWERS:
A-Fingerprinting and password crackers – Password crackers do not meet any of the two criteria.
B-Fuzzing and a port scan. Fuzzing is used to fuzz, and it doe not meet any of the two criteria.
C-Vulnerability scan and fuzzing. Ditto. Fuzzing is used to fuzz, and it doe not meet any of the two criteria.
So it really only leaves us with “D.Port scan and fingerprinting”
We know that Port Scanning deals with one of the criteria, namely: What “services” are running on devices in the corporate network.
Then by necessity “Fingerprinting” must meet the second criteria, namely: What “Operating Systems” are running on devices in the corporate network
So what is Fingerprinting?
Fingerprinting is more generally used to detect specific versions of applications or protocols that are run on network servers.
Simply put: Fingerprinting is a means of ascertaining the operating system of a remote computer on a network.
Fingerprinting is more generally used to detect specific versions of applications or protocols that are run on network servers. Fingerprinting can be accomplished “passively” by sniffing network packets passing between hosts, or it can be accomplished “actively” by transmitting specially created packets to the target machine and analyzing the response
0
0