During which phase does an ethical hacker make active connections to query a target system?

The phase in which an ethical hacker makes active connections to query a target system is enumeration. During this stage of the hacking process, the hacker actively engages with the target system to gather detailed information. This can include identifying valid user accounts, extracting group memberships, and determining the services running on the system, among other tasks.

Enumeration is distinct from reconnaissance, which focuses primarily on gathering information without direct interaction with the target. It often involves passive techniques such as searching for publicly available data. In contrast, enumeration is about actively probing the system to retrieve sensitive data, making it a crucial step in the ethical hacking process.

In the gaining access phase, an ethical hacker would attempt to exploit vulnerabilities to gain unauthorized access to systems, while clearing tracks involves erasing any evidence of the hacking activities to avoid detection. These phases follow enumeration, which lays the groundwork by collecting crucial system data necessary for effectively targeting the vulnerabilities during the next phases.