A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique should the tester consider using?
A. Spoofing an IP address
B. Tunneling scan over SSH
C. Tunneling over high port numbers
D. Scanning using fragmented IP packets
EC-Council Certified Ethical Hacker v11Free dumps for 312-50v11 in Printable PDF format.High quality PDF and software. VALID exam to help you pass. |
 |
|
Download Printable PDF. VALID exam to help you PASS. |
|
D is correct. We can’t conduct a tunneling scan from Internet without an internal compromised machine. SSH tunnel must be established from our attacking machine to this internal compromised machine fistly.
https://isc.sans.edu/forums/diary/Tunneling+scanners+or+really+anything+over+SSH/24286/
Hmmm. i don’t think D is the answer. Since the question states “without alerting the border sensor” then it should be either B or C – using tunneling.
Correct Answer is D.