Which of the following methods is best suited for identifying network devices and services without generating traffic that could be detected by an attacker?
Examining network traffic using a network tap or span port
Using a vulnerability scanner such as Nessus or OpenVAS
Deploying an agent on all network devices to report activities
Passive discovery involves observing network traffic without actively probing the devices on the network. It is less likely to be detected by an attacker because it does not generate additional traffic. This method is particularly useful for identifying services and devices in a stealthy manner.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a network tap or span port?
Open an interactive chat with Bash
Why is passive discovery less detectable than active methods?
Open an interactive chat with Bash
How does passive discovery differ from vulnerability scanning?