Which combination describes passive OS fingerprinting and its main drawback in a stealthy assessment?

Passive OS fingerprinting analyzes existing network traffic to infer the target’s operating system without sending probes. In a stealthy assessment, this approach stays quiet and reduces the chance of detection, since there’s no active probing. The trade-off is lower accuracy, because the signals available from observed traffic (such as timing, TTL values, window sizes, and other metadata) can be sparse or ambiguous, making it harder to confidently identify the exact OS. Active fingerprinting, by contrast, can produce fast, highly diagnostic results but is more detectable due to the crafted probes it sends. The other methods described involve techniques or claims that don’t fit the stealthy, low-noise nature or the accuracy limitation of passive fingerprinting.