When conducting a penetration test of an organizations internal network, which of the following approaches wou

adminJanuary 30, 2019

When conducting a penetration test of an organizations internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected on the network?

A. Use the IP address of an existing file server or domain controller.

B. Pause the scanning every few minutes to allow thresholds to reset.

C. Conduct the scans during evening hours when no one is logged-in.

D. Use multiple scanning tools since each tool has different characteristics.

Explanation:

Pausing the scanning every few minutes avoids overtaxing the network as well as exceeding thresholds that may trigger alert messages to the network administrator. Using the IP address of a server would result in an address contention that would attract attention. Conducting scans after hours would increase the chance of detection, since there would be less traffic to conceal ones activities. Using different tools could increase the likelihood that one of them would be detected by an intrusion detection system.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

When conducting a penetration test of an organizations internal network, which of the following approaches wou

Leave a Reply Cancel reply