Ethical Hacking Practice Midterm

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which Nmap switch utilizes the slowest scan?

-T0

Which switch in Nmap allows for a full TCP connect scan?

-sT

Tiffany is analyzing a capture from a client's network. She is particularly interested in NetBIOS traffic. What port does Tiffany filter for?

. 139

Which Wireshark filter displays only traffic from 10.10.10.10?

. ip.addr == 10.10.10.10

Where is the event log located in Linux OS?

/var/log

In the following screen shot, what sequence number completes the three-way handshake with 23.253.184.229? Seq=1 Ack=1

1

As shown in the following screen shot, at what hop did the user potentially encounter a firewall? 15 * * *

15

What is the size of each of the fields in a UDP header?

16 bits

Which port uses SSL to secure web traffic?

443

In the TCP three-way handshake, which is next after the initial SYN packet is sent?

A SYN/ACK is sent.

What type of protocol is primarily being used in this diagram? ARP, ARP, ARP, DNS, DNS, TCP, TCP

ARP request

At which layer of the OSI model does a proxy operate?

Application

What DNS system is being queried by the client in the following screenshot? www.google.com

Google

What network appliance senses irregularities and plays an active role in stopping that irregular activity from continuing?

IPS

Which file or application has the permission set with 644? usr: drwxr-xr-x net: dr-xr-xr-x Volumes: drwxrwxrwt Installer.failurerequests: -rw-r--r---

Installer.failurerequests

What does a SYN scan accomplish?

It establishes only a "half open" connection.

An attacker was able to install a device at an unattended workstation and was able to recover passwords, account information, and other information the next day. What did the attacker install?

Keylogger

At which layer of the OSI model does a packet-filtering firewall work?

Layer 3

Which record will reveal information about a mail server for a domain?

MX

Which technology allows the use of a single public address to support many internal clients while also preventing exposure of internal IP addresses to the outside world?

NAT

Which of the following types of attack has no flags set?

NULL

Which of the following has no flags set and does not respond if a port is open?

NULL scan

What port number or numbers is/are associated with the IP protocol?

No ports

When trying to identify all the workstations on a subnet, what method might you choose?

Ping sweep

Which of the following is part of the overall portion of the SID?

RID

During an FIN scan, what indicates that a port is closed?

RST

Which flag forces both sender and receiver on the network to terminate their connection with one another?

RST

What is the sequence of the three-way handshake?

SYN, SYN-ACK, ACK

Based on the packet capture shown in the graphic, what is contained in this section of the packet? Source: 192.168.1.2 (192.168.1.2)

Source IP addresses

What prevents IP packets from circulating throughout the Internet forever?

TTL

Which of the following best describes DNS poisoning?

The adversary replaces the legitimate IP address that is mapped to the domain name with the malicious IP address.

What command is used to listen to open ports with netstat?

$ netstat -an

What program can be used to discover firewalls?

Traceroute

Enumeration is useful to system hacking because it provides which of the following?

Usernames

The Wayback Machine is used to do which of the following?

View archived versions of websites

Which of the following provides free information about a website that includes phone numbers, administrator's email, and even the domain registration authority?

Whois.net

Jason invokes the following Nmap command at a Linux command line. What Nmap scan is performed? # nmap -n 10.10.10.10-60

a syn stealth scan

Jason is using Scapy to conduct a port scan on a target host. Below is the screenshot for his Scapy output. Based on this information, what is the status for port 23? (dport=ftp flags=RA)

closed

What command displays the network configuration in Linux OS?

ifconfig

Which command would retrieve banner information from a website at port 80?

nc 192.168.10.27 80

Jason is responsible to scan the target environment. Below is a screenshot of tcpdump showing some captured packets from his scanning activity. Which scanning activity most likely Jason is conducting? # tcpdump -nnv udp and host 192.168.1.65 not arp

network tracing

What item should not be included in the Rules of Engagement?

permission to test

What is the generic syntax of a Wireshark filter?

protocol.field operator value

In Linux, which of the following accounts denotes the administrator?

root

To make Tcpdump to sniff on network interface eth0, do not resolve host and service names, for tcp packets to and from host 10.10.10.10. Which of the following command should be invoked?

tcpdump -nn -i eth0 tcp and host 10.10.10.10

Jennifer is using tcpdump to capture traffic on her network. She would like to review a capture log gathered previously. What command can Jennifer use?

tcpdump -r capture.log

Which tool can trace the path of a packet?

tracert

Which of the following is a major security problem with FTP?

user IDs and passwords are unencrypted

Jason is running his virtual test machine using NAT network setting in his first penetration test. He selected the exploit and payload in Metasploit and fire the exploit against the Windows target where a vulnerable service was running. Metasploit reported that the payload failed. Assuming the exploit is correct, which of the following payload most likely did Jason choose?

windows/meterpreter/reverse_tcp

A crystal-box test means the tester has which of the following?

Complete knowledge


Conjuntos de estudio relacionados

Unit 9 Respiratory Prep U Questions

View Set

Chapter 22: Descent with Modification: A Darwinian View of Life

View Set

STS - Chapter 1 (Historical Antecedents in the Course of Science and Technology)

View Set

MKT/421T: Marketing Wk 4 - Practice: Ch. 13, Building the Price Foundation [due Day 5]

View Set

Income Measurement & Asset Valuation Exam 1

View Set

Unit 1a Homework Transistor Amplifier Theory

View Set

WSU Life Span Development: Final

View Set