Exam 312-50v12
Question 206

An ethical hacker is performing a network scan to evaluate the security of a company's IT infrastructure. During the scan, he discovers an active host with multiple open ports running various services. The hacker uses TCP communication flags to establish a connection with the host and starts communicating with it. He sends a SYN packet to a port on the host and receives a SYN/ACK packet back. He then sends an ACK packet for the received SYN/ACK packet, which triggers an open connection. Which of the following actions should the ethical hacker perform next?

    Correct Answer: B

    After completing the TCP three-way handshake (SYN, SYN/ACK, ACK) with the host, the next logical step for an ethical hacker is to conduct a vulnerability scan on the open port to identify potential weaknesses. Completing the handshake only proves that the port is open; the service behind it must still be examined to evaluate the security of the system and to identify what a malicious actor could exploit. Closing the connection at this point would not provide the information needed to assess the vulnerabilities of the open ports.
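    The exchange the question describes, as an added example that is not part of the exam explanation or the discussion below: a Python full-connect probe. `connect()` sends the SYN and the kernel finishes the SYN/ACK -> ACK exchange; a closed port answers the SYN with RST (seen as `ConnectionRefusedError`), and silence means the probe was filtered. After an open result the code shows both follow-ups argued over in the thread: reading from the service (a banner grab, standing in for further service checks) and tearing the connection down, either with FIN (ordinary `close()`) or with RST (`SO_LINGER` set to zero). The target is a constructed local listener started by the script, the port numbers are whatever the OS assigns, and the `struct linger` layout (two C ints on Linux/BSD, two shorts on Windows) is an assumption noted in the code.

```python
"""Full-connect probe of a TCP port: SYN -> SYN/ACK -> ACK, then either talk to the
service or terminate the connection with FIN or RST.  Added example with a
constructed local target; not code from the exam page."""
import socket
import struct
import sys
import threading


def start_banner_server(banner: bytes):
    """Constructed target: a local TCP service that greets each client with `banner`.
    The OS picks a free port; returns (listening socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:                 # listening socket closed: stop serving
                return
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:             # client already reset the connection
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def reserve_closed_port() -> int:
    """Constructed 'closed' port: bind an ephemeral port, release it, return its number.
    Nothing listens there afterwards, so a SYN to it is answered with RST."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def connect_scan(host: str, port: int, timeout: float = 1.0,
                 grab_banner: bool = True, hard_reset: bool = False) -> dict:
    """Probe one port with a full TCP connect (the three-way handshake in the question).

    'state' is 'open' (handshake completed), 'closed' (our SYN was answered with RST,
    surfaced as ConnectionRefusedError) or 'filtered' (nothing came back in time).
    After an open result the scanner either reads from the service first (banner grab)
    or closes at once.  close() normally sends FIN; with hard_reset the socket is set
    up so that close() sends RST instead (abortive close)."""
    result = {"port": port, "state": "closed", "banner": b""}
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))                    # SYN -> SYN/ACK -> ACK, done by the kernel
    except ConnectionRefusedError:
        s.close()
        return result                              # RST came back: port closed
    except OSError:                                # includes socket.timeout
        s.close()
        result["state"] = "filtered"               # no reply: dropped by a filter/firewall
        return result

    result["state"] = "open"
    if grab_banner:
        try:
            result["banner"] = s.recv(256)         # first bytes the service volunteers
        except OSError:
            pass                                   # many services wait for the client to speak

    if hard_reset:
        # SO_LINGER {l_onoff=1, l_linger=0} makes close() emit RST rather than FIN.
        # Assumed struct layout: two C ints on Linux/BSD, two shorts on Windows.
        fmt = "hh" if sys.platform == "win32" else "ii"
        s.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack(fmt, 1, 0))
    s.close()                                      # FIN (or RST) terminates the connection
    return result


def scan_ports(host: str, ports, **kwargs) -> list:
    """Probe several ports and return the results for those that completed the handshake."""
    open_ports = []
    for p in ports:
        r = connect_scan(host, p, **kwargs)
        if r["state"] == "open":
            open_ports.append(r)
    return open_ports


if __name__ == "__main__":
    srv, open_port = start_banner_server(b"SSH-2.0-demo_banner\r\n")   # constructed service
    closed_port = reserve_closed_port()
    print(connect_scan("127.0.0.1", open_port))                          # open, with banner
    print(connect_scan("127.0.0.1", open_port, grab_banner=False, hard_reset=True))
    print(connect_scan("127.0.0.1", closed_port))                        # closed
    srv.close()
```

    Running the script against the constructed listener shows the three outcomes side by side; substituting a real host and port list for `scan_ports` turns it into a plain connect scanner, and `hard_reset=True` is the knob that decides whether the target's logs see an orderly FIN or an abrupt RST after each open port.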

Discussion
qwerty100 (Option: B)

B. Conduct a vulnerability scan on the open port to identify any potential weaknesses.

qtygbapjpesdayazko

This is the way. He started the connection on the port, why do a reset? So scan the port for vulns.

MustafaDDD (Option: B)

I am just thinking, the question says, "An ethical hacker is performing a network scan to evaluate the security of a company's IT infrastructure", why would the hacker close the session?

insaniunt (Option: D)

D. I think the ethical hacker must send a FIN or RST packet to terminate the connection.

GK2205 (Option: D)

Another one that is tricky because of nuance: the ethical hacker is performing a network scan and not necessarily a vulnerability scan. Network scans do not traverse into vulnerability scans, although if required we would do so. The context of the question is key here IMHO. One thing is very clear throughout the program: as a CEH your job is to do no harm and not to compromise, i.e. when you gain access to a sensitive database you are to report on it, not enter and potentially exploit it. Similarly here, your scope is a network scan, not a vulnerability scan. So RST and move on.

Truth_Seeker (Option: D)

I think the correct answer is D. It is common practice across various network scanning tools to ensure that connections are properly managed and closed. Therefore, the conclusion about closing connections with a FIN or RST packet after a scan is applicable to most network scanners, not just Nmap.

xbsumz

Could someone help me confirm the validity of this ethical hacking technique?