You wish to determine the operating system and type of web server being used. At the same time you wish to arouse no suspicion within the target organization. While some of the methods listed below work, which holds the least risk of detection?
A.
Make some phone calls and attempt to retrieve the information using social engineering.
B.
Use nmap in paranoid mode and scan the web server.
C.
Telnet to the web server and issue commands to illicit a response.
D.
Use the netcraft web site look for the target organization’s web site.
I agree with the answer.