New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GPEN Exam - Topic 8 Question 34 Discussion

Actual exam question for GIAC's GPEN exam
Question #: 34
Topic #: 8
[All GPEN Questions]

Which of the following tasks is NOT performed into the enumeration phase?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Norah at Aug 29, 2023, 07:03 PM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Cary
3 months ago
I thought NULL sessions were outdated, but I guess not!
upvoted 0 times
...
Kirk
3 months ago
A and D are legit enumeration tasks.
upvoted 0 times
...
Elenor
4 months ago
Wait, injecting a backdoor? That sounds sketchy!
upvoted 0 times
...
Barney
4 months ago
Totally agree, C is more of an attack phase.
upvoted 0 times
...
Margurite
4 months ago
C is definitely not part of enumeration.
upvoted 0 times
...
Teddy
4 months ago
I think I read that enumeration is about gathering data, so C seems like the odd one out. But I’m not completely confident in that.
upvoted 0 times
...
Noah
4 months ago
I feel like I might be mixing up the phases. I know discovering NetBIOS names and querying are definitely enumeration, but I can't recall if NULL sessions are also part of that.
upvoted 0 times
...
Doug
5 months ago
I practiced a similar question where we had to identify tasks in different phases of penetration testing. I think injecting a backdoor is more of an exploitation phase task, not enumeration.
upvoted 0 times
...
Rose
5 months ago
I remember that enumeration is all about gathering information, so I think options A, B, and D fit that phase. But I'm not sure about C.
upvoted 0 times
...
Elfrieda
5 months ago
Wait, I'm a little confused. Isn't establishing NULL sessions and queries part of the enumeration process? I'm not sure if that's the right answer or not. I'll have to double-check my notes on the different phases of the attack lifecycle.
upvoted 0 times
...
Pamella
5 months ago
Okay, I've got this. The enumeration phase is all about information gathering, so anything involving actually compromising the system, like injecting a backdoor, would be outside of that. I'm confident C is the correct answer.
upvoted 0 times
...
Aleisha
5 months ago
Hmm, I'm a bit unsure about this one. I know the enumeration phase is about reconnaissance, but I'm not totally clear on where the line is drawn between that and gaining access. Let me think this through carefully.
upvoted 0 times
...
Matthew
5 months ago
This one seems pretty straightforward. The enumeration phase is all about gathering information, so injecting a backdoor wouldn't be part of that.
upvoted 0 times
...
Justine
5 months ago
Okay, I've got a strategy here. Since the requirement is to return data in different formats and enforce security protocols, I think the best approach is to handle that at the second tier where the business logic is implemented. That way, the first tier can focus on the systems of engagement, and the third tier can focus on the systems of record.
upvoted 0 times
...
Marleen
5 months ago
Okay, I think I've got this. The key is to reduce the resource's access privileges to the minimum required for the developer role, which means going from Read Only to No Access. Option A looks like the right answer.
upvoted 0 times
...

Save Cancel