A black hat hacker is enumerating a network and wants to remain covert during the process.
The hacker initiates a vulnerability scan.
Given the task at hand the requirement of being covert, which of the following statements BEST indicates that the vulnerability scan meets these requirements?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Of the options provided, the vulnerability scanner performing a local file integrity check (option B) would be the most covert as it does not generate any network traffic that could be detected.
Authenticated scans (option A) require the use of valid credentials to obtain information about the systems and can generate logs that can be detected. Network sniffer mode (option C) captures and analyzes network traffic, which could be detected by network monitoring tools. Banner grabbing (option D) involves gathering information about a service running on a particular port, which can generate logs and alerts.
Local file integrity checks, on the other hand, involve scanning a specific system for changes in the file system or registry that could indicate the presence of malware or other security issues. This process is typically performed locally and does not generate any network traffic, making it less likely to be detected.
Overall, the best option for a black hat hacker who wants to remain covert during the enumeration process would be to perform a local file integrity check.