Question

A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts.

Which process did the administrator use in the penetration test in this scenario?
a- Active fingerprinting
b- Firewalking
c- Passive fingerprinting
d- Network enumeration

Answer 1

The administrator used passive fingerprinting in this penetration test scenario by connecting a notebook system to a mirror port on a network switch and using a packet sniffer to monitor network traffic.

Step-by-step explanation:

The process the administrator used in this penetration test scenario is passive fingerprinting.

Passive fingerprinting involves monitoring network traffic without actively engaging with the network hosts. By connecting a notebook system to a mirror port on a network switch and using a packet sniffer, the administrator can passively observe the network traffic and analyze the packets to determine which operating systems are running on the network hosts.