Threat actors may attempt to get a listing of other systems by IP address, hostname, or other logical identifier on a network that may be used for Lateral Movement from the current system. Functionality could exist within remote access tools to enable this, but utilities available on the operating system could also be used such as Ping, net view using Net, or, on ESXi servers, esxcli network diag ping.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.