Ethical Hacking and Network Defense - Chapter: 5

Null Scan

This scan sends a packet with all flags set to Null.

b. SYN Packets c. ACK Packets

To bypass some ICMP-filtering devices on a network, an attacker might send which type of packets to scan the network for vulnerable services?

man nmap

To find extensive NMAP information and examples of the correct syntax to use in Linux, which of the following commands should you type?

a. nmap -v 192.168.1.0-254 -p 22 d. nmap -v 192.168.1.0/24 -p 22

Which nmap command verifies whether the SSH port is open on any computers in the 192.168.1.0 network?

a. nmap -sS 193.145.85.210 b. nmap -v 193.145.85.210

Which of the following NMAP commands sends a SYN packet to a computer with the IP address 193.145.85.210?

Hping

Which of the following is a tool for creating a custom TCP/IP packet and sending it to a host computer?

-sC

Which parameter can be added to nmap to run a script scan with the default scripts?

Buffered

Port scanning provides the state for all but which of the following ports?

Including a broadcast address in the ping sweep range

What is a potential mistake when performing a ping sweep on a network?

Network Mapper (NMAP)

What is the most widely used port-scanning tool?

a. FIN b. PSH d. URG

Which flags are set on a packet sent with the nmap -sX 192.145.85.202 command?

There's no such command.

Why does the fping -f 193.145.85.201 193.145.85.220 command cause an error?

RST

A closed port responds to a SYN packet with which of the following packets?

ICMP Echo Reply (type 0)

In basic network scanning, ICMP Echo Requests (type 8) are sent to host computers from the attacker, who waits for which type of packet to confirm that the host computer is live?

Port Scanning

Security testers and hackers use which of the following to determine the services running on a host and the vulnerabilities associated with these services?

Type nmap -h

To see a brief summary of NMAP commands in a Linux shell, which of the following should you do?