Jason, a certi ed ethical hacker, is hired by a major e-commerce company to evaluate their network's security. As part of his reconnaissance, Jason is trying to gain as much information as possible about the company's public-facing servers without arousing suspicion. His goal is to find potential points of entry and map out the network infrastructure for further examination. Which technique should Jason employ to gather this information without alerting the company's intrusion detection systems (IDS)?

A. Jason should directly connect to each server and attempt to exploit known vulnerabilities.

B. Jason should use passive reconnaissance techniques such as WHOIS lookups, NS lookups, and web research.

C. Jason should use a DNS zone transfer to gather information about the company's servers.

D. Jason should perform a ping sweep to identify all the live hosts in the company's IP range.










Correct Answer: B

This question is in 312-50v12 exam
For getting CEH Certificate