Exam PCCET topic 1 question 79 discussion

B. Port scanning Port scanning is a method used to exploit vulnerabilities, services, and applications. It involves scanning a target system or network to identify open ports, services, and potential vulnerabilities. Attackers use port scanning as a reconnaissance technique to discover entry points into a system that can be exploited. Once open ports and services are identified, attackers can attempt to exploit known vulnerabilities or weaknesses in the services or applications running on those ports. This makes port scanning an essential step in the process of identifying and potentially exploiting security weaknesses in a target system.

Attack communication traffic is usually hidden with various techniques and tools, including: ● Encryption with SSL, SSH (Secure Shell), or some other custom or proprietary encryption ● Circumvention via proxies, remote access tools, or tunneling. In some instances, use of cellular networks enables complete circumvention of the target network for attack C2 traffic. ● Port evasion using network anonymizers or port hopping to traverse over any available open ports ● Fast Flux (or Dynamic DNS) to proxy through multiple infected endpoints or multiple, ever-changing C2 servers to reroute traffic and make determination of the true destination or attack source difficult ● DNS tunneling is used for C2 communications and data infiltration (for examp