Which term describes the phase of gathering information about a network and the organization, such as IP ranges and employees, prior to attack?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which term describes the phase of gathering information about a network and the organization, such as IP ranges and employees, prior to attack?

Explanation:
Footprinting is the initial information-gathering stage where you map out the target’s network and organization. By collecting IP ranges, domain details, DNS records, employee names or contacts, and other publicly visible infrastructure, you build a picture of the attack surface and potential entry points. This preparation helps you understand what’s exposed and where to focus your efforts in later steps, using a mix of passive sources (WHOIS, DNS lookups, search engines, public social profiles) and occasional active probing to reveal live hosts and services. This differs from social engineering, which manipulates people to reveal information, from the actual system and network attacks that follow as exploits, and from corporate espionage, which is illegal information gathering for competitive advantage.

Footprinting is the initial information-gathering stage where you map out the target’s network and organization. By collecting IP ranges, domain details, DNS records, employee names or contacts, and other publicly visible infrastructure, you build a picture of the attack surface and potential entry points. This preparation helps you understand what’s exposed and where to focus your efforts in later steps, using a mix of passive sources (WHOIS, DNS lookups, search engines, public social profiles) and occasional active probing to reveal live hosts and services. This differs from social engineering, which manipulates people to reveal information, from the actual system and network attacks that follow as exploits, and from corporate espionage, which is illegal information gathering for competitive advantage.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy