Which of the following are the scanning methods used in penetration testing? Each correct answer
represents a complete solution. Choose all that apply.
A.
Vulnerability
B.
Port
C.
Services
D.
Network
Explanation:
The vulnerability, port, and network scanning tools are used in penetration testing.
Vulnerability scanning is a process in which a Penetration Tester uses various tools to assess
computers, computer systems, networks or applications for weaknesses. There are a number of
types of vulnerability scanners available today, distinguished from one another by a focus on
particular targets. While functionality varies between different types of vulnerability scanners, they
share a common, core purpose of enumerating the vulnerabilities present in one or more targets.
Vulnerability scanners are a core technology component of Vulnerability management. Port
scanning is the first basic step to get the details of open ports on the target system. Port scanning
is used to find a hackable server with a hole or vulnerability. A port is a medium of communication
between two computers. Every service on a host is identified by a unique 16-bit number called a
port. A port scanner is a piece of software designed to search a network host for open ports. This
is often used by administrators to check the security of their networks and by hackers to identify
running services on a host with the view to compromising it. Port scanning is used to find the open
ports, so that it is possible to search exploits related to that service and application. Network
scanning is a penetration testing activity in which a penetration tester or an attacker identifies
active hosts on a network, either to attack them or to perform security assessment. A penetration
tester uses various tools to identify all the live or responding hosts on the network and their
scanning.