Which of the following actions can an attacker perform when network services are enabled on a
target system?
A.
An attacker can run a port scan against the target system.
B.
An attacker can enable logging on the target system.
C.
An attacker can install arootkit on the target system.
D.
An attacker can check the services file.
Explanation:
A TCP/IP network makes many of the ports available to outside users through the router. These
ports will respond in a predictable manner when queried. An attacker can systematically query a
network to determine which services and ports are open. This process is called port scanning, and
it can reveal a great deal about your network. Port scans can be performed both internally and
externally. Many routers, unless configured appropriately, will let all of the protocols pass through
them.
Reference:
Mike Pastore and Emmett Dulaney , Security+ Study Guide , 2nd Edition, Alameda , Sybex , 2004,
p 69