An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:
A. Passive reconnaissance
B. Persistence
C. Escalation of privileges
D. Exploiting the switch
An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:
A. Passive reconnaissance
B. Persistence
C. Escalation of privileges
D. Exploiting the switch
D. When an attacker is exploiting the switch internally via port monitoring (or port mirroring) to acquire network traffic for analysis by a packet capture device. It enables monitoring of Ethernet ports.
Not (A) passive reconnaissance because it involves packet SNIFFING of a NIC not packet CAPTURE on a network.
D. The question itself says nothing about active or passive. Only the answers do. the question merely states “penetration tester is using a packet capture device to listen in on network communications.” That can easily be done by port mirroring – capturing packets. With port mirroring enabled, the switch sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packet can be analyzed.
Passive reconnaissance: The process of collecting information about an intended target of a malicious hack without the target knowing what is occurring. Typical passive reconnaissance can include physical observation of an enterprise’s building, sorting through discarded computer equipment in an attempt to find equipment that contains data or discarded paper with usernames and passwords, eavesdropping on employee conversations, researching the target through common Internet tools such as Whois, impersonating an employee in an attempt to collect information, and packet sniffing.
Isn’t this active reconaissance not passive? passive doesn’t use tools…Only thing left is D
Wow you are very misleading. Congratulations.
A lot of the answers in these dumps are highly dubious. I’d go with A
Answer is definitely A. Choice D doesn’t make any sense.
The answer is completely stupid.
It is A passive reconnaissance.
Exploiting the switch just with the word “Exploiting” demonstrate that it isn’t passive but highly active so…
Who chose the answers seriously. This could confuse so much ppl in their learning and training phase.
Regards