SEC+ 601 Practice 1-5

A hacker is able to install a keylogger on a user's computer. What is the hacker attempting to do in this situation? A. Key management B. Encryption C. Obfuscation D. Steal confidential information

D. Steal confidential information

Which statement best illustrates the importance of a strong true random number generator (TRNG) or pseudo-random number generator (PRNG) in a cryptographic implementation? A. A weak number generator leads to many published keys sharing a common factor. B. A weak number generator creates numbers that are never reused. C. A strong number generator creates numbers that are never reused. D. A strong number generator adds salt to encryption values.

A. A weak number generator leads to many published keys sharing a common factor.

Which of the following utilizes both symmetric and asymmetric encryption? A. Digital envelope B. Digital certificate C. Digital evidence D. Digital signature

A. Digital envelope

A network administrator uses two different automated vulnerability scanners. They regularly update with the latest vulnerability feeds. If the system regularly performs active scans, what type of error is the system most likely to make? A. False positive B. False negative C. Validation error D. Configuration error

A. False positive

Which of the following could represent an insider threat? (Select all the apply.) A. Former employee B. Contractor C. Customer D. White box hacker

A. Former employee B. Contractor

During a penetration test, an adversary operator sends an encrypted message embedded in an attached image. Analyze the scenario to determine what security principles the operator is relying on to hide the message. (Select all that apply.) A. Security by obscurity B. Integrity C. Prepending D. Confidentiality

A. Security by obscurity D. Confidentiality

A Department of Defense (DoD) security team identifies a data breach in progress, based on some anomalous log entries, and take steps to remedy the breach and harden their systems. When they resolve the breach, they want to publish the cyber threat intelligence (CTI) securely, using standardized language for other government agencies to use. The team will transmit threat data feed via which protocol? A. Structured Threat Information eXpression (STIX) B. Automated Indicator Sharing (AIS) C. Trusted Automated eXchange of Indicator Information (TAXII) D. A code repository protocol

C. Trusted Automated eXchange of Indicator Information (TAXII)

Which of the following statements best describes the trade-off when considering which type of encryption cipher to use? A. Asymmetric encryption is the strongest hashing algorithm, which produces longer and more secure digests than symmetric encryption. B. Asymmetric encryption requires substantially more overhead computing power than symmetric encryption. Asymmetric encryption is inefficient when transferring or encrypting large amounts of data. C. Symmetric encryption requires substantially more overhead computing power than asymmetric encryption. Symmetric encryption is inefficient when transferring or encrypting large amounts of data. D. Symmetric encryption is not considered as safe as asymmetric encryption, but it might be required for compatibility between security products.

B. Asymmetric encryption requires substantially more overhead computing power than symmetric encryption. Asymmetric encryption is inefficient when transferring or encrypting large amounts of data.

Which statement most accurately describes the mechanisms by which blockchain ensures information integrity and availability? A. Blockchain ensures availability by cryptographically linking blocks of information, and integrity through decentralization. B. Blockchain ensures availability through decentralization, and integrity through cryptographic hashing and timestamping. C. Blockchain ensures availability through cryptographic hashing and timestamping, and integrity through decentralization. D. Blockchain ensures both availability and integrity through decentralization and peer-to-peer (P2P) networking.

B. Blockchain ensures availability through decentralization, and integrity through cryptographic hashing and timestamping.

Compare and contrast the modes of operation for block ciphers. Which of the following statements is true? A. ECB and CBC modes allow block ciphers to behave like stream ciphers. B. CTR and GCM modes allow block ciphers to behave like stream ciphers. C. ECB and GCM modes allow block ciphers to behave like stream ciphers. D. CBC and CTR modes allow block ciphers to behave like stream ciphers.

B. CTR and GCM modes allow block ciphers to behave like stream ciphers.

The _____ requires federal agencies to develop security policies for computer systems that process confidential information. A. Sarbanes-Oxley Act (SOX) B. Computer Security Act C. Federal information Security Management Act (FISMA) D. Gramm-Leach-Bliley Act (GLBA)

B. Computer Security Act

A system administrator has just entered their credentials to enter a secure server room. As the administrator is entering the door, someone is walking up to the door with their hands full of equipment and appears to be struggling to move items around while searching for their credentials. The system administrator quickly begins to assist by getting items out of the person's hands, and they walk into the room together. This person is not an employee, but someone attempting to gain unauthorized access to the server room. What type of social engineering has occurred? A. Familiarity/liking B. Consensus/social proof C. Authority and intimidation D. Identity fraud

B. Consensus/social proof

In which of these situations might a non-credentialed vulnerability scan be more advantageous than a credentialed scan? (Select all that apply.) A. When active scanning poses no risk to system stability B. External assessments of a network perimeter C. Detection of security setting misconfiguration D. Web application scanning

B. External assessments of a network perimeter D. Web application scanning

A system administrator must scan the company's network to identify which ports are open and which software and software versions are running on each. Determine the syntax that should be used to yield the desired information if the administrator will be executing this task from a Linux command line. A. Netstat -a B. Nmap -A 10.1.0.0/24 C. Nmap -O 10.1.0.0/24 D. Netstat -r

B. Nmap -A 10.1.0.0/24

Following a data breach at a large retail company, their public relations team issues a statement emphasizing the company's commitment to consumer privacy. Identify the true statements concerning this event. (Select all that apply.) A. The data breach must be an intentional act of corporate sabotage. B. The privacy breach may allow the threat actor to sell the data to other malicious actors. C. Data exfiltration by a malicious actor may have caused the data breach. D. The data breach event may compromise data integrity, but not information availability.

B. The privacy breach may allow the threat actor to sell the data to other malicious actors. C. Data exfiltration by a malicious actor may have caused the data breach.

A security technician needs to transfer a large file to another user in a data center. Which statement best illustrates what type of encryption the technician should use to perform the task? A. The technician should use symmetric encryption for authentication and data transfer. B. The technician should use asymmetric encryption to verify the data center user's identity and agree on a symmetric encryption algorithm for the data transfer. C. The technician should use asymmetric encryption for authentication and data transfer. D. The technician should use symmetric encryption to verify the data center user's identity and agree on an asymmetric encryption algorithm for the data transfer.

B. The technician should use asymmetric encryption to verify the data center user's identity and agree on a symmetric encryption algorithm for the data transfer.

Compare and contrast vulnerability scanning and penetration testing. Select the true statement from the following options. A. Vulnerability scanning is conducted by a "white hat" and penetration testing is carried out by a "black hat." B. Vulnerability scanning by eavesdropping is passive, while penetration testing with credentials is active. C. Penetration testing and vulnerability scanning are considered "ethical hacking" practices. D. Vulnerability scanning is part of network reconnaissance, but penetration testing is not.

B. Vulnerability scanning by eavesdropping is passive, while penetration testing with credentials is active.

A tech concludes that a user's PC is infected with a virus that appears to be a memory resident and loads anytime the operating system is restarted. Examine the options and determine which describes the infection type. A. Uses a local scripting engine. B. Written to the partition table of a fixed disk. C. Replicates over network resources. D. Monitors local application activity.

B. Written to the partition table of a fixed disk.

A security team is in the process of selecting a cryptographic suite for their company. Analyze cryptographic implementations and determine which of the following performance factors is most critical to this selection process if users primarily access systems on mobile devices. A. Speed B. Latency C. Computational overhead D. Cost

C. Computational overhead

After a poorly handled security breach, a company updates its security policy to include an improved incident response plan. Which of the following security controls does this update address? A. Compensating B. Deterrent C. Corrective D. Detective

C. Corrective

Which statement describes the mechanism by which encryption algorithms help protect against birthday attacks? A. Encryption algorithms utilize key stretching. B. Encryption algorithms use secure authentication of public keys. C. Encryption algorithms demonstrate collision avoidance. D. Encryption algorithms add salt when computing password hashes.

C. Encryption algorithms demonstrate collision avoidance.

Which statement best explains the differences between black box, white box, and gray box attack profiles used in penetration testing? A. A black box pen tester acts as a privileged insider and must perform no reconnaissance. A white box pen tester has no access, and reconnaissance is necessary. A gray box actor is a third-party actor who mediates between a black box and white box pen tester. B. A black box pen tester acts as the adversary in the test, while the white box pen tester acts in a defensive role. A gray box pen tester is a third-party actor who mediates between a black box pen tester and a white box pen tester. C. In a black box pen test, the contractor receives no privileged information, so they must perform reconnaissance. In contrast, a white box pen tester has complete access and skips reconnaissance. A gray box tester has some, but not all information, and requires partial reconnaissance. D. In a white box pen test, the contractor receives no privileged information, so they must perform reconnaissance. In contrast, a black box pen tester has complete access and skips reconnaissance. A gray box tester has some, but not all information, and requires partial reconnaissance.

C. In a black box pen test, the contractor receives no privileged information, so they must perform reconnaissance. In contrast, a white box pen tester has complete access and skips reconnaissance. A gray box tester has some, but not all information, and requires partial reconnaissance.

An engineer looks to implement security measures by following the five functions in the National Institute of Standards and Technology (NIST) framework. When documenting the "detect" function, what does the engineer focus on? A. Evaluate risks and threats B. Install, operate, and decommission assets C. Ongoing proactive monitoring D. Restoration of systems and data

C. Ongoing proactive monitoring

A gaming company decides to add software on each title it releases. The company's objective is to require the CD to be inserted during use. This software will gain administrative rights, change system files, and hide from detection without the knowledge or consent of the user. Consider the malware characteristics and determine which is being used. A. Spyware B. Keylogger C. Rootkit D. Trojan

C. Rootkit

Before leaving for lunch, an employee receives a phone call, but there is no one on the line. Distracted by the odd interruption, the employee forgets to log out of the computer. Earlier that day, a person from the building across the street watched the employee entering login credentials using high-powered binoculars. Which form of social engineering is being used in this situation? A. Vishing B. Lunchtime attack C. Shoulder surfing D. Man-in-the-middle attack

C. Shoulder surfing

An attacker uses a cryptographic technology to create a covert message channel in transmission control protocol (TCP) packet data fields. What cryptographic technique does this attack strategy employ? A. Homomorphic encryption B. Blockchain C. Steganography D. Key stretching

C. Steganography

What is Open Source Intelligence (OSINT)? A. Obtaining information, physical access to premises, or even access to a user account through the art of persuasion B. The means the organization will take to protect the confidentiality, availability, and integrity of sensitive data and resources C. Using web search tools and social media to obtain information about the target D. Using software tools to obtain information about a host or network topology

C. Using web search tools and social media to obtain information about the target

Analyze the following attacks to determine which best illustrates a pharming attack. A. A customer gets an email that appears to be from their insurance company. The email contains a link that takes the user to a fake site that looks just like the real insurance company site. B. An employee gets a call from someone claiming to be in the IT department. The caller says there was a problem with the network, so they need the employee's password in order to restore network privileges. C. A company's sales department often has after-hour training sessions, so they order dinner delivery online from the restaurant across the street. An attacker is able to access the company's network by compromising the restaurant's unsecure website. D. A customer enters the correct URL address of their bank, which should point to the IP address 172.1.24.4. However, the browser goes to 168.254.1.1, which is a fake site designed to look exactly like the real bank site.

D. A customer enters the correct URL address of their bank, which should point to the IP address 172.1.24.4. However, the browser goes to 168.254.1.1, which is a fake site designed to look exactly like the real bank site.

A client contacts a server for a data transfer. Instead of requesting TLS1.3 authentication, the client claims legacy systems require the use of SSL. What type of attack might a data transfer using this protocol facilitate? A. Credential harvesting B. Key stretching C. Phishing D. Man-in-the-middle

D. Man-in-the-middle

How might the goals of a basic network management not be well-aligned with the goals of security? A. Management focuses on confidentiality and availability. B. Management focuses on confidentiality over availability. C. Management focuses on integrity and confidentiality. D. Management focuses on availability over confidentiality.

D. Management focuses on availability over confidentiality.

Which two cryptographic functions can be combined to authenticate a sender and prove the integrity of a message? A. Hashing and symmetric encryption B. Public key cryptography and digital enveloping C. Hashing and digital enveloping D. Public key cryptography and hashing

D. Public key cryptography and hashing

What distinguishes DevSecOps from a traditional SOC? A. Software code is the responsibility of a programming or development team. B. Identification as a single point-of-contact for the notification of security incidents. C. A cultural shift within an organization to encourage much more collaboration. D. Security is a primary consideration at every stage of software development.

D. Security is a primary consideration at every stage of software development.

An IT director reads about a new form of malware that targets a system widely utilized in the company's network. The director wants to discover whether the network has been targeted, but also wants to conduct the scan without disrupting company operations or tipping off potential attackers to the investigation. Evaluate vulnerability scanning techniques and determine the best tool for the investigation. A. Credentialed scan B. Configuration review C. Penetration testing D. Threat hunting

D. Threat hunting

Which situation would require keyboard encryption software be installed on a computer? A. To set up single sign-on privileges B. To comply with input validation practices C. For the purpose of key management D. To protect against spyware

D. To protect against spyware

A company has one technician that is solely responsible for applying and testing software and firmware patches. The technician goes on a two-week vacation, and no one is tasked to perform the patching duties during this time. A critical patch is released and not installed due to the absence. According to the National Institute of Standards and Technology (NIST), what has the delay in applying the patch caused? A. Control B. Risk C. Threat D. Vulnerability

D. Vulnerability

Which security related phrase relates to the integrity of data? A. Accessibility is authorized B. Modification is authorized C. Knowledge is authorized D. Non-repudiation is authorized

Modification is authorized

A company has an annual contract with an outside firm to perform a security audit on their network. The purpose of the annual audit is to determine if the company is in compliance with their internal directives and policies for security control. Select the broad class of security control that accurately demonstrates the purpose of the audit. A. Managerial B. Technical C. Physical D. Compensating

A. Managerial

Examine each statement and determine which most accurately describes a major limitation of quantum computing technology. A. Presently, quantum computers do not have the capacity to run useful applications. B. Quantum computing is not yet sufficiently secure to run current cryptographic ciphers. C. Quantum computing is not sufficiently agile to update the range of security products it most frequently uses. D. Attackers may exploit a crucial vulnerability in quantum computing to covertly exfiltrate data.

A. Presently, quantum computers do not have the capacity to run useful applications.

An individual receives a text message that appears to be a warning from a well-known order fulfillment company, informing them that the carrier has tried to deliver his package twice, and that if the individual does not contact them to claim it, the package will not be delivered. Analyze the scenario and select the social engineering technique being used. A. SMiShing B. Phishing C. Vishing D. Prepending

A. SMiShing

Any external responsibility for an organization's security lies mainly with which individuals? A. The owner B. Tech staff C. Management D. Public relations

A. The owner

A user with authorized access to systems in a software development firm installs a seemingly harmless, yet unauthorized program on a workstation without the IT department's sanction. Identify the type of threat that is a result of this user's action. A. Unintentional insider threat B. Malicious insider threat C. Intentional attack vector D. Shadow IT

A. Unintentional insider threat

An employee works on a small team that shares critical information about the company's network. When sending emails that have this information, what would be used to provide the identity of the sender and prove that the information has not been tampered with? A. Private key B. Digital signature C. Public key D. RSA algorithm

B. Digital signature

Evaluate the differences between stream and block ciphers and select the true statement. A. A block cipher is suitable for communication applications. B. A stream cipher is subjected to complex transposition and substitution operations, based on the value of the key used. C. A block cipher is padded to the correct size if there is not enough data in the plaintext. D. A stream cipher's plaintext is divided into equal-sized blocks.

C. A block cipher is padded to the correct size if there is not enough data in the plaintext.

Encryption vulnerabilities allow unauthorized access to protected data. Which component is subject to brute-force enumeration? A. An unsecured protocol B. A software vulnerability C. A weak cipher D. A lost decryption key

C. A weak cipher

Any part of the World Wide Web that is accessed through non-standard methods and is intentionally not indexed and hidden from a search engine is called a _____. A. Dark net B. Cyber threat actor C. Deep web D. Dark web

C. Deep web

One aspect of threat modeling is to identify potential threat actors and the risks associated with each one. When assessing the risk that any one type of threat actor poses to an organization, what are the critical factors to profile? (Select all that apply.) A. Education B. Socioeconomic status C. Intent D. Motivation

C. Intent D. Motivation

Which of the following is NOT a use of cryptography? A. Non-repudiation B. Obfuscation C. Security through obscurity D. Resiliency

C. Security through obscurity

A hospital must balance the need to keep patient privacy information secure and the desire to analyze the contents of patient records for a scientific study. What cryptographic technology can best support the hospital's needs? A. Blockchain B. Quantum computing is not yet sufficiently secure to run current cryptographic ciphers. C. Perfect forward security (PFS) D. Homomorphic encryption

D. Homomorphic encryption

Identify the command that can be used to detect the presence of a host on a particular IP address. A. ipconfig B. ifconfig C. ip D. ping

D. ping

Analyze and eliminate the item that is NOT an example of a reconnaissance technique. A. Initial exploitation B. Open Source Intelligence (OSINT) C. Social engineering D. Scanning

A. Initial exploitation

Which of the following focuses exclusively on IT security, rather than IT service delivery? A. National Institute of Standards and Technology (NIST) B. International Organization for Standardization (ISO) C. Control Objectives for Information and Related Technologies (COBIT) D. Sherwood Applied Business Security Architecture (SABSA)

A. National Institute of Standards and Technology (NIST)

A contractor has been hired to conduct penetration testing on a company's network. They have used the company's website to identify employees. They have found several of the employees' Facebook pages and have found a popular restaurant the employees like to go to after work for a drink. A member of the team goes to the restaurant and starts small talk with the employees. The member discovers that several key positions are vacant in the IT department and that there are shortfalls in terms of information security. What reconnaissance phase techniques has the contractor used? (Select all that apply.) A. Open Source Intelligence (OSINT) B. Scanning C. Social engineering D. Persistence

A. Open Source Intelligence (OSINT) C. Social engineering

When using a digital envelope to exchange key information, the use of what key agreement mitigates the risk inherent in the Rivest-Shamir-Adleman (RSA) algorithm, and by what means? A. Perfect forward secrecy (PFS) uses Diffie-Hellman (DH) key agreement to create ephemeral session keys without using the server's private key. B. The Cipher Block Chaining (CBC) key agreement mode uses an initialization vector (IV) to create ephemeral session keys without using the server's private key. C. Counter mode in key agreement makes the advanced encryption standard (AES) algorithm work as a stream cipher, by applying an initialization vector to issue a security certificate. D. A certificate authority (CA) validates the public key's owner and creates an initialization vector to protect the exchange from snooping.

A. Perfect forward secrecy (PFS) uses Diffie-Hellman (DH) key agreement to create ephemeral session keys without using the server's private key.

The IT department head returns from an industry conference feeling inspired by a presentation on the topic of defense in depth. A meeting is scheduled with IT staff to brainstorm ideas for implementing defense in depth throughout the organization. Which of the following ideas are consistent with this industry best practice? (Select all that apply.) A. Provide user training on identifying cyber threats. B. Adopt a vendor-specific stance. C. Align administrative and technical controls with control functions. D. Move endpoint security to the firewall.

A. Provide user training on identifying cyber threats. C. Align administrative and technical controls with control functions.

By searching through a company's postings on a job board, a hacker is able to determine from the job requirement descriptions that it uses Windows Server 2008 R2, Windows 7, PostgreSQL 9, and XenApp 6. What stage of the kill chain does this represent? A. Reconnaissance B. Data exfiltration C. Active scanning D. Scoping

A. Reconnaissance

Which statement best describes key differences between symmetric and asymmetric cryptographic ciphers? A. Symmetric encryption is used for confidentiality, and uses the same key for encryption and decryption. B. Asymmetric encryption is primarily used for confidentiality, and uses different keys for encryption and decryption. C. Symmetric encryption is used for authentication, and is the most efficient method of encryption for large data transfers. D. Asymmetric encryption is used for non-repudiation and is the most efficient method of encryption for large data transfers.

A. Symmetric encryption is used for confidentiality, and uses the same key for encryption and decryption.

A contractor has been hired to conduct penetration testing on a company's network. They have decided to try to crack the passwords on a percentage of systems within the company. They plan to annotate the type of data that is on the systems that they can successfully crack to prove the ease of access to data. Evaluate the penetration steps and determine which are being utilized for this task. (Select all that apply.) A. Test security controls B. Bypass security controls C. Verify a threat exists D. Exploit vulnerabilities

A. Test security controls D. Exploit vulnerabilities

An outside security consultant updates a company's network, including data cloud storage solutions. The consultant leaves the manufacturer's default settings when installing network switches, assuming the vendor shipped the switches in a default-secure configuration. Examine the company's network security posture and select the statements that describe key vulnerabilities in this network. (Select all that apply.) A. The network is open to third-party risks from using an outside contractor to configure cloud storage settings. B. The default settings in the network switches represent a weak configuration. C. The use of network switches leaves numerous unused ports open. D. The default settings in the network switches represent unsecured protocols.

A. The network is open to third-party risks from using an outside contractor to configure cloud storage settings. B. The default settings in the network switches represent a weak configuration.

During a penetration test, systems administrators for a large company are tasked to play on the white team for an affiliated company. Examine each of the following roles and determine which role the systems admins will fill. A. The systems admins will arbitrate the exercise, setting rules of engagement and guidance. B. The systems admins will try to infiltrate the target system. C. The systems admins will operate monitoring and alerting controls to detect and prevent the infiltration. D. The systems admins will collaborate with attackers and defenders to promote constructive developments.

A. The systems admins will arbitrate the exercise, setting rules of engagement and guidance.

A systems administrator downloads and installs open source software from the software developer's website. However, the website was hacked and the software was modified to include a backdoor. As a result, the hackers now have access to the administrator's network. Assess the behavior of the administrator and select which of the following measures would prevent a possible hack attempt. A. Validate the software using a checksum B. Validate the software using a private certificate C. Validate the software using a key signing key D. Validate the software using Kerberos

A. Validate the software using a checksum

Compare the following and select the appropriate methods for packet capture. (Select all that apply.) A. Wireshark B. Packet analyzer C. Packet injection D. Tcpdump

A. Wireshark D. Tcpdump

A manufacturing company hires a pentesting firm to uncover any vulnerabilities in their network with the understanding that the pen tester receives no information about the company's system. Which of the following penetration testing strategies is the manufacturing company requesting? A. Black box B. Sandbox C. Gray box D. White box

A. Black box

Examine each attack vector and determine which is most vulnerable to escalation of privileges. A. Software B. Operating System (OS) C. Applications D. Ports

B. Operating System (OS)

A hacker set up a Command and Control network to control a compromised host. What is the ability of the hacker to use this remote connection method as needed known as? A. Weaponization B. Persistence C. Reconnaissance D. Pivoting

B. Persistence

Which of the following depict ways a malicious attacker can gain access to a target's network? (Select all that apply.) A. Ethical hacking B. Phishing C. Shoulder surfing D. Mantrap

B. Phishing C. Shoulder surfing

An employee calls IT personnel and states that they received an email with a PDF document to review. After the PDF was opened, the system has not been performing correctly. An IT admin conducted a scan and found a virus. Determine the two classes of viruses the computer most likely has. (Select all that apply.) A. Boot sector B. Program C. Script D. Macro

B. Program C. Script

Select the statement which best describes the difference between a zero-day vulnerability and a legacy platform vulnerability. A. A legacy platform vulnerability is unpatchable, while a zero-day vulnerability may be exploited before a developer can create a patch for it. B. A zero-day vulnerability is unpatchable, while a legacy platform vulnerability can be patched, once detected. C. A zero-day vulnerability can be mitigated by responsible patch management, while a legacy platform vulnerability cannot be patched. D. A legacy platform vulnerability can be mitigated by responsible patch management, while a zero-day vulnerability does not yet have a patch solution.

A. A legacy platform vulnerability is unpatchable, while a zero-day vulnerability may be exploited before a developer can create a patch for it.

Which of the following statements summarizes a disadvantage to performing an active vulnerability scan? (Select all that apply.) A. Active scanning consumes more network bandwidth. B. Active scanning runs the risk of causing an outage. C. Active scanning may fail to identify all of a system's vulnerabilities. D. Active scanning techniques do not use system login.

A. Active scanning consumes more network bandwidth. B. Active scanning runs the risk of causing an outage.

An IT manager in the aviation sector checks the industry's threat intelligence feed to keep up on the latest threats and ensure the work center implements the best practices in the field. What type of threat intelligence source is the IT manager most likely accessing? A. Open Source Intelligence (OSINT) B. An Information Sharing and Analysis Center (ISAC) C. A vendor website, such as Microsoft's Security Intelligence blog D. A closed or proprietary threat intelligence platform

B. An Information Sharing and Analysis Center (ISAC)

A network manager needs a map of the network's topology. The network manager is using Network Mapper (Nmap) and will obtain the visual map with the Zenmap tool. If the target IP address is 192.168.1.1, determine the command within Nmap that will return the necessary data to build the visual map of the network topology. A. nmap -sn --ipconfig 192.168.1.1 B. nmap -sn --ifconfig 192.168.1.1 C. nmap -sn --traceroute 192.168.1.1 D. nmap -sn --nslookup 192.168.1.1

C. nmap -sn --traceroute 192.168.1.1