- Home
- EC-COUNCIL
- EC-Council Certified Network Defender CND
- EC-COUNCIL.312-38.v2023-07-28.q129
- Question 107
Valid 312-38 Dumps shared by ExamDiscuss.com for Helping Passing 312-38 Exam! ExamDiscuss.com now offer the newest 312-38 exam dumps, the ExamDiscuss.com 312-38 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 312-38 dumps with Test Engine here:
Access 312-38 Dumps Premium Version
(359 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 107/129
CORRECT TEXT
Fill in the blank with the appropriate term.
______________ is an enumeration technique used to glean information about computer systems on a network and the services running its open ports.
Fill in the blank with the appropriate term.
______________ is an enumeration technique used to glean information about computer systems on a network and the services running its open ports.
Correct Answer:
Banner grabbing
Explanation:
Banner grabbing is an enumeration technique used to glean information about computer systems on a network and the services running its open ports. Administrators can use this to take inventory of the systems and services on their network. An intruder however can use banner grabbing in order to find network hosts that are running versions of applications and operating systems with known exploits. Some examples of service ports used for banner grabbing are those used by Hyper Text Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP); ports 80, 21, and 25 respectively. Tools commonly used to perform banner grabbing are Telnet, which is included with most operating systems, and Netcat. For example, one could establish a connection to a target host running a Web service with netcat, then send a bad html request in order to get information about the service on the host: [root@prober] nc www.targethost.com 80 HEAD / HTTP/1.1 HTTP/1.1 200 OK Date: Mon, 11 May 2009 22:10:40 EST Server: Apache/2.0.46 (Unix) (Red Hat/Linux) Last-Modified: Thu, 16 Apr 2009 11:20:14 PST ETag: "1986-69b-123a4bc6" Accept-Ranges: bytes Content-Length: 1110 Connection: close Content-Type: text/html The administrator can now catalog this system or an intruder now knows what version of Apache to look for exploits.
Explanation:
Banner grabbing is an enumeration technique used to glean information about computer systems on a network and the services running its open ports. Administrators can use this to take inventory of the systems and services on their network. An intruder however can use banner grabbing in order to find network hosts that are running versions of applications and operating systems with known exploits. Some examples of service ports used for banner grabbing are those used by Hyper Text Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP); ports 80, 21, and 25 respectively. Tools commonly used to perform banner grabbing are Telnet, which is included with most operating systems, and Netcat. For example, one could establish a connection to a target host running a Web service with netcat, then send a bad html request in order to get information about the service on the host: [root@prober] nc www.targethost.com 80 HEAD / HTTP/1.1 HTTP/1.1 200 OK Date: Mon, 11 May 2009 22:10:40 EST Server: Apache/2.0.46 (Unix) (Red Hat/Linux) Last-Modified: Thu, 16 Apr 2009 11:20:14 PST ETag: "1986-69b-123a4bc6" Accept-Ranges: bytes Content-Length: 1110 Connection: close Content-Type: text/html The administrator can now catalog this system or an intruder now knows what version of Apache to look for exploits.
- Question List (129q)
- Question 1: Which of the following represents a network that connects tw...
- Question 2: Which of the following procedures is designed to enable secu...
- Question 3: Which of the following are the common security problems invo...
- Question 4: Which of the following is used in conjunction with smoke det...
- Question 5: Fill in the blank with the appropriate term. A _____________...
- Question 6: Which of the following are the six different phases of the I...
- Question 7: Which of the following systems includes an independent NAS H...
- Question 8: Which of the following is a worldwide organization whose mis...
- Question 9: Which of the following types of VPN uses the Internet as its...
- Question 10: Which of the following are provided by digital signatures?...
- Question 11: Which of the following classes of IP addresses provides a ma...
- Question 12: Paul is a network security technician working on a contract ...
- Question 13: Which of the following tools is used to ping a given range o...
- Question 14: Which of the following is a device that receives a digital s...
- Question 15: Which of the following is a management process that provides...
- Question 16: Which of the following help in estimating and totaling up th...
- Question 17: In which of the following attacks does an attacker successfu...
- Question 18: Which of the following is a process that detects a problem, ...
- Question 19: Which of the following plans is documented and organized for...
- Question 20: In ______ method, event logs are arranged in the form of a c...
- Question 21: Which of the following is a management process that provides...
- Question 22: Which OSI layer does a Network Interface Card (NIC) work on?...
- Question 23: Which of the following networks interconnects devices center...
- Question 24: Which of the following features is used to generate spam on ...
- Question 25: Which of the following honeypots is a useful little burglar ...
- Question 26: You work as the network administrator for uCertify Inc. The ...
- Question 27: Phishing-like attempts that present users a fake usage bill ...
- Question 28: Which of the following attacks, the attacker cannot use the ...
- Question 29: Which has the following fields IPv6 header is reduced by 1 f...
- Question 30: Which of the following types of coaxial cable is used for ca...
- Question 31: Which of the following protocols is a method of implementing...
- Question 32: Which of the following layers of TCP/IP model is used to mov...
- Question 33: Which of the following types of coaxial cable is used for ca...
- Question 34: Identify the network topology where each computer acts as a ...
- Question 35: Elden is working as a network administrator at an IT company...
- Question 36: Which of the following tool is used for passive attacks to c...
- Question 37: How is application whitelisting different from application b...
- Question 38: Which of the following topologies is a type of physical netw...
- Question 39: Which of the following policies is a set of rules designed t...
- Question 40: Which of the following types of VPN uses the Internet as its...
- Question 41: If a network is at risk resulting from misconfiguration perf...
- Question 42: Which of the following protocols is used for inter-domain mu...
- Question 43: Sophie has been working as a Windows network administrator a...
- Question 44: FILL BLANK Fill in the blank with the appropriate term. The ...
- Question 45: Frank is a network technician working for a medium-sized law...
- Question 46: Which of the following plans is documented and organized for...
- Question 47: What is the bit size of the Next Header field in the IPv6 he...
- Question 48: Which of the following is a distributed multi-access network...
- Question 49: You are taking over the security of an existing network. You...
- Question 50: Which of the following types of information can be obtained ...
- Question 51: You are monitoring your network traffic with the Wireshark u...
- Question 52: Which of the following statements are true about volatile me...
- Question 53: Which of the following is one of the most commonly used impl...
- Question 54: Which of the following is a service discovery protocol that ...
- Question 55: Which of the following is a distributed application architec...
- Question 56: John works as a C programmer. He develops the following C pr...
- Question 57: Which of the following honeypots provides an attacker access...
- Question 58: Jason works as a System Administrator for www.company.com In...
- Question 59: Harry has successfully completed the vulnerability scanning ...
- Question 60: Which of the following layers of the TCP/IP model maintains ...
- Question 61: Which of the following is a non-profit organization that ove...
- Question 62: John works as a C programmer. He develops the following C pr...
- Question 63: Which of the following layers refers to the higher-level pro...
- Question 64: Daniel is monitoring network traffic with the help of a netw...
- Question 65: Management wants to bring their organization into compliance...
- Question 66: Which of the following processes helps the business units to...
- Question 67: Network security is the specialist area, which consists of t...
- Question 68: Jason works as a System Administrator for www.company.com In...
- Question 69: Which of the following network scanning tools is a TCP/UDP p...
- Question 70: Which of the following steps will NOT make a server fault to...
- Question 71: Nancy is working as a network administrator for a small comp...
- Question 72: Which of the following are the distance-vector routing proto...
- Question 73: Which of the following tools is a free laptop tracker that h...
- Question 74: Each of the following is a network layer protocol used for a...
- Question 75: Which of the following IEEE standards defines a physical bus...
- Question 76: Which type of firewall consists of three interfaces and allo...
- Question 77: Which of the following techniques uses a modem in order to a...
- Question 78: You run the following command on the remote Windows server 2...
- Question 79: Which of the following tools examines a system for a number ...
- Question 80: Fred is a network technician working for Johnson Services, a...
- Question 81: Chris is a senior network administrator. Chris wants to meas...
- Question 82: Henry needs to design a backup strategy for the organization...
- Question 83: Harry has sued the company claiming they made his personal i...
- Question 84: Which of the following steps will NOT make a server fault to...
- Question 85: Which of the following is the full form of SAINT?...
- Question 86: Fill in the blank with the appropriate term. The ___________...
- Question 87: Damian is the chief security officer of Enigma Electronics. ...
- Question 88: CORRECT TEXT Fill in the blank with the appropriate term. A ...
- Question 89: You are a professional Computer Hacking forensic investigato...
- Question 90: Fill in the blank with the appropriate term. The____________...
- Question 91: David is working in a mid-sized IT company. Management asks ...
- Question 92: Which of the following protocols is used in wireless network...
- Question 93: Fill in the blank with the appropriate term. A _____________...
- Question 94: Which of the following is an exterior gateway protocol that ...
- Question 95: Physical access controls help organizations monitor, record,...
- Question 96: Network security is the specialist area, which consists of t...
- Question 97: Which of the following is a maintenance protocol that permit...
- Question 98: John works as a C programmer. He develops the following C pr...
- Question 99: Harry has sued the company claiming they made his personal i...
- Question 100: Identify the Password Attack Technique in which the adversar...
- Question 101: During the recovery process, RTO and RPO should be the main ...
- Question 102: Which of the following is an intrusion detection system that...
- Question 103: Which of the following are the valid steps for securing rout...
- Question 104: Which of the following is an attack on a website that change...
- Question 105: Which of the following tools is an open source protocol anal...
- Question 106: Which of the following is a type of computer security that d...
- Question 107: CORRECT TEXT Fill in the blank with the appropriate term. __...
- Question 108: Which of the following tools is a free portable tracker that...
- Question 109: Which of the following steps are required in an idle scan of...
- Question 110: Which of the following helps in blocking all unauthorized in...
- Question 111: Which of the following UTP cables is NOT suitable for data t...
- Question 112: FILL BLANK Fill in the blank with the appropriate term. ____...
- Question 113: DRAG DROP Drag and drop the Response management plans to mat...
- Question 114: A network designer needs to submit a proposal for a company,...
- Question 115: Which of the following is the main international standards o...
- Question 116: Which of the following protocols is used for exchanging rout...
- Question 117: Which of the following is a network analysis tool that sends...
- Question 118: John works as an Ethical Hacker for www.company.com Inc. He ...
- Question 119: Which of the following is a 16-bit field that identifies the...
- Question 120: Which of the following tools is described below? It is a set...
- Question 121: Which of the following protocols is a more secure version of...
- Question 122: Which of the following is the best way of protecting importa...
- Question 123: Which of the following is a software tool used in passive at...
- Question 124: Which of the following tools examines a system for a number ...
- Question 125: Which of the following attack surface increase when you keep...
- Question 126: Which of the following policies is used to add additional in...
- Question 127: Which of the following is a type of computer security that d...
- Question 128: Which of the following standards is an amendment to the orig...
- Question 129: Which among the following tools can help in identifying IoEs...
