New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GSNA Exam - Topic 1 Question 67 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 67
Topic #: 1
[All GSNA Questions]

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He begins to perform a pre-attack test before conducting an attack on the We-are-secure server. Which of the following will John perform in the pre-attack phase?

Each correct answer represents a complete solution. Choose all that apply.

Show Suggested Answer Hide Answer
Suggested Answer: A, B, D, E

In the pre-attack phase, there are seven steps, which have been defined by the EC-Council, as follows:

1.Information gathering

2.Determining network range

3.Identifying active machines

4.Finding open ports and applications

5.OS fingerprinting

6.Fingerprinting services

7.Mapping the network

Answer C is incorrect. In the enumeration phase, the attacker gathers information such as the network

user and group names, routing

tables, and Simple Network Management Protocol (SNMP) data. The techniques used in this phase are as follows:

1.Obtaining Active Directory information and identifying vulnerable user accounts

2.Discovering NetBIOS names

3.Employing Windows DNS queries

4.Establishing NULL sessions and queries


by Tamesha at Mar 05, 2025, 09:18 AM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Brianne
3 months ago
Wait, is information gathering really that important?
upvoted 0 times
...
Coleen
3 months ago
Finding open ports is a must!
upvoted 0 times
...
Reita
3 months ago
Enumeration is part of the process, right?
upvoted 0 times
...
Pamella
4 months ago
I think identifying active machines is crucial too.
upvoted 0 times
...
Raul
4 months ago
Definitely need to determine network range first!
upvoted 0 times
...
Shaniqua
4 months ago
Information gathering seems like a must-have step in pre-attack testing. I remember it being emphasized in our study materials.
upvoted 0 times
...
Leonor
4 months ago
I practiced a similar question, and I feel like identifying active machines is crucial before launching any attack.
upvoted 0 times
...
Xochitl
4 months ago
I'm not entirely sure about enumeration. I remember it being important, but I can't recall if it fits in the pre-attack phase or not.
upvoted 0 times
...
Zona
5 months ago
I think determining the network range is definitely part of the pre-attack phase. It helps to know what you're working with.
upvoted 0 times
...
Elliott
5 months ago
This question is testing our understanding of the ethical hacking process. I'll need to make sure I don't mix up the different phases and select the right pre-attack activities.
upvoted 0 times
...
Deangelo
5 months ago
I remember learning about these phases in my security course. Enumeration and information gathering are key parts of the reconnaissance stage before any actual hacking takes place. I've got this!
upvoted 0 times
...
Corinne
5 months ago
Okay, let's see here. Determining network range, identifying active machines, finding open ports and apps - those all seem like logical steps in the pre-attack phase. I'll select those.
upvoted 0 times
...
Luisa
5 months ago
Hmm, I'm a bit unsure about the differences between some of these options like enumeration and information gathering. I'll need to think this through carefully.
upvoted 0 times
...
Ezekiel
5 months ago
This looks like a pretty straightforward question on the pre-attack phase of ethical hacking. I'm confident I can handle this one.
upvoted 0 times
...
Javier
11 months ago
Finding open ports and applications? Might as well roll out the welcome mat for John!
upvoted 0 times
Pete
10 months ago
User 1
upvoted 0 times
...
Leonard
10 months ago
User 2
upvoted 0 times
...
Lynna
10 months ago
User 1
upvoted 0 times
...
...
Martin
11 months ago
Enumeration, huh? Sounds like John's gonna be a regular Sherlock Holmes on this one.
upvoted 0 times
...
Theola
11 months ago
Information gathering is key - can't just go in blind, gotta know what you're up against.
upvoted 0 times
Joaquin
10 months ago
Agreed, finding open ports and applications is also important.
upvoted 0 times
...
Asha
10 months ago
Yes, knowing the network range and active machines is essential.
upvoted 0 times
...
Mirta
10 months ago
Absolutely, information gathering is crucial before any attack.
upvoted 0 times
...
Rozella
10 months ago
E) Information gathering
upvoted 0 times
...
Erick
10 months ago
D) Finding open ports and applications
upvoted 0 times
...
Kina
10 months ago
C) Enumeration
upvoted 0 times
...
Melina
10 months ago
B) Identifying active machines
upvoted 0 times
...
Iraida
10 months ago
A) Determining network range
upvoted 0 times
...
...
Maybelle
11 months ago
Definitely need to do some recon before the actual attack. Gotta identify those active machines and open ports first!
upvoted 0 times
Dona
11 months ago
User3: Don't forget about finding open ports and applications during the pre-attack phase.
upvoted 0 times
...
Gracia
11 months ago
User2: Yes, and he also needs to identify the active machines on the server.
upvoted 0 times
...
Iluminada
11 months ago
User1: John should definitely start by determining the network range.
upvoted 0 times
...
...
Nobuko
11 months ago
Identifying active machines and finding open ports and applications are also important in the pre-attack phase.
upvoted 0 times
...
Aliza
12 months ago
I think John will also determine the network range.
upvoted 0 times
...
Haydee
12 months ago
John will perform information gathering in the pre-attack phase.
upvoted 0 times
...

Save Cancel