Computer Hacking Forensic Investigator (CHFI v10) — Question 476
You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive foot printing against their Web servers. What tool should you use?
Answer options
- A. Ping sweep
- B. Nmap
- C. Netcraft
- D. Dig
Correct answer: C
Explanation
The correct answer is C, Netcraft, as it specializes in providing information about web servers and their technologies without actively probing the network. Options A (Ping sweep) and B (Nmap) are active scanning tools that could alert the network, while D (Dig) is primarily used for DNS queries and not for passive foot printing.