Q: 8
[Introduction to Incident Handling and Response]
Darwin is an attacker residing within the organization and is performing network
sniffing by running his system in promiscuous mode. He is capturing and viewing all
the network packets transmitted within the organization. Edwin is an incident handler
in the same organization.
In the above situation, which of the following Nmap commands Edwin must use to
detect Darwin’s system that is running in promiscuous mode?
Options
Discussion
For me, C since the sniffer-detect script is specifically designed to find NICs in promiscuous mode. But do we know if Edwin has credentials or special network access? If the tool needs elevated privileges on target machines, the answer could shift.
Be respectful. No spam.
