CompTIA PenTest+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the CompTIA PenTest+ Exam. Enhance your skills with practice questions and detailed explanations. Ace your test and advance your cybersecurity career!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which technique is used during reconnaissance to gather information about network hosts and services running on open ports?

Banner grabbing
Port scanning
Vulnerability scanning
DNS enumeration

The correct answer is: Banner grabbing

The technique that is specifically used during reconnaissance to gather information about network hosts and the services running on open ports is banner grabbing. This process involves connecting to a service on an open port and collecting the information that the service returns, which can include software versions, operating system details, and configuration settings. By analyzing this information, an attacker can identify potential vulnerabilities associated with those services. While port scanning is used to discover open ports on a target system, it does not provide detailed information about the services themselves. It focuses on the presence of ports and whether they are open, closed, or filtered. Vulnerability scanning, on the other hand, is aimed at identifying known vulnerabilities within the services running on hosts but typically follows the reconnaissance phase. DNS enumeration is focused on collecting information from the Domain Name System, such as discovering subdomains or determining mail servers, and does not directly relate to services running on open ports. Therefore, banner grabbing is the technique that best fits the context of gathering detailed information about hosts and services during the reconnaissance phase.