Which of the following methods is best suited for identifying network devices and services without generating traffic that could be detected by an attacker?
Deploying an agent on all network devices to report activities
Conducting a port scan with a tool like Nmap
Using a vulnerability scanner such as Nessus or OpenVAS
Examining network traffic using a network tap or span port
Passive discovery involves observing network traffic without actively probing the devices on the network. It is less likely to be detected by an attacker because it does not generate additional traffic. This method is particularly useful for identifying services and devices in a stealthy manner.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a network tap or span port?
Open an interactive chat with Bash
Why is passive discovery less detectable than active methods?
Open an interactive chat with Bash
How does passive discovery differ from vulnerability scanning?