• Post author:
  • Post category:Blog
  • Reading time:1 mins read
  • Post last modified:June 12, 2024

Why would a penetration tester perform a passive reconnaissance scan instead of an active one?

  • to collect information about a network without being detected 
  • because the time to perform the scan is limited 
  • because the root-level SSH credentials to a target have been compromised 
  • to test whether specific services or protocols are available on the network

Explanation & Hint:

Typically a passive reconnaissance scan of a target instead of an active reconnaissance scan would be performed when information is required to be collected in a way that does not alert any security measures that may be deployed on the network. Any scan that injects traffic onto the network or elicits service responses is an active scan that existing security measures could detect.

For more Questions and Answers:

3.5.3 Quiz – Information Gathering and Vulnerability Scanning Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments