Certified Ethical Hacker (CEH v12) — Question 312

In order to tailor your tests during a web-application scan. you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6.

What information-gathering technique does this best describe?

Answer options

• A. WHOIS lookup
• B. Banner grabbing
• C. Brute forcing
• D. Dictionary attack

Correct answer: B

Explanation

The correct answer is B, as banner grabbing involves collecting information about a service running on a network port, such as the web server version. The other options do not pertain to gathering information about service versions; WHOIS is for domain registration info, brute forcing is for cracking passwords, and dictionary attacks are a method to break passwords using a predefined list.