CertNexus Certified Cyber Secure Coder (CSC) — Question 58

During which of the following attack phases might a request sent to port 1433 over a whole company network be seen within a log?

Answer options

• A. Reconnaissance
• B. Scanning
• C. Gaining access
• D. Persistence

Correct answer: B

Explanation

The correct answer is B, Scanning, as this phase involves actively probing the network for open ports and services, which would lead to noticeable log entries. Options A (Reconnaissance) and C (Gaining access) are more about information gathering and exploiting vulnerabilities, while D (Persistence) focuses on maintaining access rather than scanning for open ports.