Limited Time Discount Offer 30% Off - Ends in 02:00:00

×

312-50v9 question 42 discussion

Purchase Individually

  • Premium File

    614 Questions & Answers
    Last Update: Dec 13, 2019

    $21.41
    $14.99
  • Training Course

    182 Lectures

    $14.27
    $9.99
  • Study Guide

    545 Pages

    $14.27
    $9.99

Download Free ECCouncil 312-50 Exam Questions

Which of the following tools can be used for passiveOS fingerprinting?

  • A nmap -sS -PT -PI -O -T1 <ip address>
  • B nmap -sO -PT -O -C5 <ip address>
  • C nmap -sF -PT -PI -O <ip address>
  • D nmap -sF -P0 -O <ip address>
  • Nov 15, 2017, 05:52 AM

the correct answer is A. tcpdump

  • Nov 15, 2017, 05:51 AM

tcpdump is the correct answer

  • Oct 26, 2017, 02:28 AM

is 3D Traceroute, i don´t know if the aswer Tracert means 3D Traceroute

  • Sep 7, 2017, 02:18 AM

D

  • Aug 29, 2017, 01:46 PM

TCPdump would be the only tool that is passive..but you would need a pcap of traffic to do it. They other 3 would be all active.

  • Jun 16, 2017, 06:45 AM

It couldn't be C. Nmap sends data to the remote host then analyze the respnoses. There is no way that sending data to the targeted machine a passive way of fingerprinting. Nmap.org acttually states that passive fingerpriting as one of the footprinting methods avoided by Nmap as it's a fundamentally active tool. Tcpdump or Tshark should work if your are able to sniff the traffic on the network which the targeted hosts reside in. OS Detection directly off Nmap.org : "One of Nmap's best-known features is remote OS detection using TCP/IP stack fingerprinting. Nmap sends a series of TCP and UDP packets to the remote host and examines practically every bit in the responses. After performing dozens of tests such as TCP ISN sampling, TCP options support and ordering, IP ID sampling, and the initial window size check, Nmap compares the results to its nmap-os-db database of more than 2,600 known OS fingerprints and prints out the OS details if there is a match. Each fingerprint includes a freeform textual description of the OS, and a classification which provides the vendor name (e.g. Sun), underlying OS (e.g. Solaris), OS generation (e.g. 10), and device type (general purpose, router, switch, game console, etc). Most fingerprints also have a Common Platform Enumeration (CPE) representation, like cpe:/o:linux:linux_kernel:2.6."

  • May 27, 2017, 05:14 PM

I agree. Se: http://www.netresec.com/?page=Blog&month=2011-11&post=Passive-OS-Fingerprinting

  • May 10, 2017, 01:54 PM

correct is tcpdump

  • May 7, 2017, 09:26 AM

tracert instead?

  • Apr 27, 2017, 10:34 AM

I agree with you

  • Apr 25, 2017, 03:30 PM

pg 146 CEHv9 study guide Sean-Philip Oriyano - states Active OS fingerprinting is done using nmap -O. The only passive option here is tcpdump all others are active.

Purchase Individually

  • Premium File

    614 Questions & Answers
    Last Update: Dec 13, 2019

    $21.41
    $14.99
  • Training Course

    182 Lectures

    $14.27
    $9.99
  • Study Guide

    545 Pages

    $14.27
    $9.99

ECCouncil 312-50 Training Course

Try Our Special 30% Discount Offer for
Premium 312-50 VCE File

  • Verified by experts

312-50 Premium File

  • Real Questions
  • Last Update: Dec 13, 2019
  • 100% Accurate Answers
  • Fast Exam Update

$14.99

$21.41

WINTER SALE: 30% DISCOUNT
This is ONE TIME OFFER

You save
30%

Enter Your Email Address to Receive Your 30% Discount Code

WINTER SALE: 30% DISCOUNT

You save
30%

Use Discount Code:

A confirmation link was sent to your e-mail.

Please check your mailbox for a message from support@exam-labs.com and follow the directions.

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

  • Realistic exam simulation and exam editor with preview functions
  • Whole exam in a single file with several different question types
  • Customizable exam-taking mode & detailed score reports