In reconnaissance, which activity is considered passive, mapping information without actively probing systems?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Security Operations Exam with targeted practice questions. Enhance your understanding with detailed explanations and tips to successfully pass your exam!

Multiple Choice

In reconnaissance, which activity is considered passive, mapping information without actively probing systems?

Explanation:
Passive reconnaissance focuses on gathering information without directly interacting with the target’s systems. Footprinting fits this approach because it relies on public sources to map out the target: domain records, IP ranges, DNS history, public websites, social media, organizational structure, employee directories, and other publicly visible assets. Since nothing is actively probed or sent to the target, this step builds a broad picture of the attack surface without arousing direct attention. In contrast, fingerprinting and scanning are typically about eliciting responses from systems to learn specifics like operating systems, services, and versions, which requires probing. Active recon explicitly involves interacting with the target’s network to discover live hosts and open ports. So footprinting is the best example of a passive, information-gathering activity.

Passive reconnaissance focuses on gathering information without directly interacting with the target’s systems. Footprinting fits this approach because it relies on public sources to map out the target: domain records, IP ranges, DNS history, public websites, social media, organizational structure, employee directories, and other publicly visible assets. Since nothing is actively probed or sent to the target, this step builds a broad picture of the attack surface without arousing direct attention.

In contrast, fingerprinting and scanning are typically about eliciting responses from systems to learn specifics like operating systems, services, and versions, which requires probing. Active recon explicitly involves interacting with the target’s network to discover live hosts and open ports. So footprinting is the best example of a passive, information-gathering activity.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy