Network-Based Scans and Vulnerability Enumeration

Questions and Answers

What is the primary goal of the discovery component of a network-based scan?

• To identify potential vulnerabilities in a network
• To establish a network topology map
• To determine the device types and potential points of attack (correct)
• To enumerate running services on a target device

What is the term used to describe the process of analyzing a target's behavior and responses to determine its characteristics?

• Port scanning
• Fingerprinting (correct)
• Service discovery
• Vulnerability enumeration

What technique might a scanning tool use to determine the type and version of a host or device?

• Conducting a ping sweep
• Examine system banners (correct)
• Scanning for open UDP ports
• Performing a DNS lookup

What is the term used to describe the process of identifying devices on a network and determining their type and potential points of attack?

Host discovery (A)

What is the purpose of probing a target in a network-based scan?

To analyze the target's behavior and responses (D)

What is the main objective of a network-based scan?

To combine host and service discovery with vulnerability enumeration (D)

What does a scanning tool's 'fingerprint' of a system typically include?

Information about the system and its characteristics (B)

What is the primary purpose of examining system banners during a network-based scan?

To determine the device's operating system (A)

What is a key benefit of combining host and service discovery with vulnerability enumeration in a network-based scan?

It provides a comprehensive view of a network's security posture (D)

What is the relationship between the discovery component of a network-based scan and the identification of potential points of attack?

The discovery component identifies devices on a network, and the identification of potential points of attack is a subsequent step (A)