CompTIA CySA+ (CS0-003) — Question 141

An attacker has just gained access to the syslog server on a LAN. Reviewing the syslog entries has allowed the attacker to prioritize possible next targets. Which of the following is this an example of?

Answer options

• A. Passive network footprinting
• B. OS fingerprinting
• C. Service port identification
• D. Application versioning

Correct answer: A

Explanation

The correct answer is A, Passive network footprinting, as the attacker collects information without actively probing the network, using syslog entries to identify potential targets. The other options involve more direct methods of gathering information or identifying specific characteristics of systems or services, which do not apply in this scenario.