reconnaissance over time (usually at least 2-3
                   days in order to assure patterns). The
                   following elements are sought after when
                   performing onsite intelligence gathering:

                       •  Physical security inspections
                       •  Wireless scanning / RF frequency
                          scanning
                       •  Employee behavior training inspection
                       •  Accessible/adjacent facilities (shared
                          spaces)
                       •  Dumpster diving
                       •  Types of equipment in use

                   Section 2 – Port Scanning
                                                 43 44

                   Introduction to Port Scanning

                   Sending network packets or messages
                   throughout a network to learn the following:

                       •  What systems are up?
                       •  What services are running?

                   Scanning is a method for discovering
                   exploitable communications channels.
                   Applications and services on a system are

                   43  Certified Professional Ethical Hacker Workbook v5 Volume 2,
                   Mile2, 13-31.
                   44  Certified Penetration Testing Engineer Workbook v5 Volume 1,
                   Mile2, 167-185.


                                                               410