Certified Ethical Hacker (CEH) Practice Exam 2025 – Your All-in-One Guide to Exam Success!

Active footprinting and passive footprinting are both techniques used in the reconnaissance phase of ethical hacking, but they differ significantly in their methodologies and the interactions involved.

Active footprinting involves direct interaction with the target system or network. This could include techniques such as pinging the system, port scanning, or using specialized tools to gather information from the target directly. By doing so, the ethical hacker actively engages with the systems, which can potentially raise alarms on intrusion detection systems or be logged by the target's security mechanisms.

On the other hand, passive footprinting is more about gathering information without direct interaction or engagement with the target. This can encompass methods such as searching public records, analyzing social media, or leveraging search engines to accumulate details about the target organization without triggering any security alerts.

The other options do not accurately characterize the differences between active and passive footprinting. Sending emails is not a defining characteristic of passive footprinting, and the legal status of the activities is not a reliable basis for distinction, as both methods can be performed ethically or otherwise. Additionally, passive footprinting can occur through a variety of means beyond just the internet, including physical observations or information from public documents. Thus, the distinction made in the correct choice centers on the level of interaction involved