Network Defense Essentials (NDE) Practice Exam 2025 – Your All-in-One Resource to Exam Success!

The term that best describes traffic indicating unauthorized discovery of vulnerabilities in a network is reconnaissance. This process involves gathering information about a target system or network to identify potential weaknesses that could be exploited. During reconnaissance, an attacker may use a variety of methods, such as port scanning or network mapping, to gain insights into the structure and vulnerabilities of the network.

Reconnaissance is typically one of the preliminary stages of an attack, where the intent is not necessarily to compromise the network directly but to collect enough data to devise a strategy for a future attack. This information-gathering phase is crucial because it informs the attacker about how to proceed with their tactics.

In contrast, intrusion refers to the actual act of breaching a network or system's defenses to gain unauthorized access. Exfiltration deals with the unauthorized transfer of data out of the network, usually after a successful breach has occurred. Flooding, on the other hand, usually involves an overload of traffic to a network, aimed at causing disruption rather than investigation. Thus, reconnaissance specifically identifies the initial, exploratory activities that hint at potential vulnerabilities in the network.