An ethical hacker is in the reconnaissance stage and must collect as much detail as possible while guaranteeing zero packets reach the client's network to avoid IDS detection. Which of the following methods satisfies this requirement?
Review the target's domain registration details using a public WHOIS lookup service.
Establish anonymous SMB sessions from a cloud VPS to enumerate open network shares.
Run an Nmap UDP scan (-sU) against the organization's external IP range from an off-site host.
Send crafted AXFR requests to the company's authoritative DNS server to obtain its zone file.
Querying the public WHOIS database is considered passive footprinting because the request is sent only to the registrar's servers, not to any host owned by the target organization. No traffic ever touches the client's infrastructure, so intrusion-detection systems or firewalls at the target cannot see or log the activity. All the other actions-an Nmap UDP scan, SMB null-session enumeration, and requesting a DNS zone-transfer from the authoritative name server-generate direct traffic to the victim network and therefore constitute active reconnaissance, increasing the risk of detection.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is passive reconnaissance in ethical hacking?
Open an interactive chat with Bash
What is the WHOIS database and how can ethical hackers use it?
Open an interactive chat with Bash
Why are actions like Nmap UDP scans considered active reconnaissance?
Open an interactive chat with Bash
What is WHOIS and how does it help in reconnaissance?
Open an interactive chat with Bash
What is the difference between passive and active reconnaissance?
Open an interactive chat with Bash
Why is an Nmap UDP scan considered active reconnaissance?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Reconnaissance Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .