Which of the following is a common method used in cyber-attack reconnaissance?

Network scanning is a prevalent technique employed during the reconnaissance phase of cyber-attacks. This method involves systematically identifying active devices on a network, gathering information about their operating systems, open ports, and running services. Attackers use various tools to probe a network and obtain details that can help them understand the layout of the environment and find vulnerabilities to exploit.

Reconnaissance is a crucial initial step in the cyber-attack lifecycle, where attackers aim to gather as much information as possible about their target. Through network scanning, they can map out the network's architecture, identify potential entry points, and assess the security measures in place. This detailed understanding allows attackers to plan their strategies more effectively.

The other options, while related to network security and management, do not directly pertain to the reconnaissance phase of cyber-attacks. Network monitoring focuses on observing network activity to ensure performance and security, data encryption protects data in transit and at rest, and backup management involves strategies for recovering data after a loss. None of these methods serve the same purpose as network scanning in identifying potential vulnerabilities in a target system.