CompTIA CySA+ (CS0-002) — Question 100

A penetration tester physically enters a datacenter and attaches a small device to a switch. As part of the tester's effort to evaluate which nodes are present on the network; the tester places the network agape in promiscuous mode and logs traffic for later analysis. Which of the following is the tester performing?

Answer options

• A. Credential scanning
• B. Passive scanning
• C. Protocol analysis
• D. SCAP scanning
• E. Network segmentation

Correct answer: B

Explanation

The tester is performing passive scanning, which involves monitoring network traffic without actively sending packets. Credential scanning, protocol analysis, SCAP scanning, and network segmentation are not applicable here since they involve different methods of network assessment or security management.