Hands-on Ethical Hacking And Network Defense

¡Supera tus tareas y exámenes ahora con Quizwiz!

A(n) _______ scan sends a packet with all flags set to NULL.

NULL

What is the most widely used port-scanning tool? a. netcat b. netstat c. Nmap d. Nslookup

Nmap

To verify if all the IP addresses of a network are being used by computers that are up and running, you can use a port scanner to perform what procedure on a range of IP addresses?

Ping

Security testers and hackers use which of the following to determine the services running on a host and the vulnerabilities associated with these services? a. Zone transfers b. Zone scanning c. Encryption algorithms d. Port scanning

Port Scanning

A FIN packet sent to a closed port responds with which of the following packets?

RST

When a TCP three-way handshake ends, both parties send what type of packet to end the connection?

FIN

Which flags are set on a packet sent with the nmap -sX 193.145.85.202 command? (Choose all that apply.) a. FIN b. PSH c. SYN d. URG

FIN PSH URG

A NULL scan requires setting the FIN, ACK, and URG flags. (True/False)

False

An open port allows access to specific applications and cannot be vulnerable to attack. (T/F)

False

Fping doesn't allow pinging multiple IP addresses simultaneously. True or False?

False

In a NULL scan, all packet flags are turned on. (T/F)

False

Security testers can use Hping to bypass filtering devices. True or False?

True

To bypass some ICMP-filtering devices on a network, an attacker might send which type of packets to scan the network for vulnerable services? (Choose all that apply.) a. PING packets b. SYN packets c. ACK packets d. Echo Request packets

b. SYN packets c. ACK packets

Which of the following describes a flexible program that automates a task that takes too much time to perform manually?

customized script

A closed port responds to a SYN packet with which of the following packets? a. FIN b. SYN-ACK c. SYN d. RST

d. RST

What is a potential mistake when performing a ping sweep on a network?

including a broadcast address in the ping sweep range

Hping

it is used to bypass filtering devices by injecting crafted or other wise modified IP-packets An enhanced Ping utility for crafting TCP and UDP packets to be used in port-scanning activities

You can search for vulnerabilities in a host computer by using a port-scanning tool. (T/F)

True

To see a brief summary of Nmap commands in a Linux shell, which of the following should you do? a. Type nmap -h. b. Type nmap -summary. c. Type help nmap. d. Press the F1 key.

Type nmap -h

Closed ports respond to a NULL scan with what type of packet?

RST

If an attacker decides to implement a less obvious port-scan, or stealth attack, which of the following techniques would be appropriate to make their activities more difficult to detect?

limit their scan speeds

Fping

you can ping multiple IP addresses simultaneously an enhanced PING utility for pinging multiple targets simultaneously

What type of port scan is similar to a SYN scan and is risky to use because it relies on the attacked computer's OS?

Connect

Which vi command deletes the current line?

Dd

What network security tool, usually included with Kali Linux, allows a user to ping multiple IP addresses?

Fping

Nessus

Previously an open-source scanning tool; now licensed by Tenable Network Security. See OpenVAS.

In a normal TCP session, the sender sends a packet to another computer with which of the following flags set?

SYN Flag

What type of port scan has the FIN, PSH, and URG flags set?

X Mas Scan

Nmap has a GUI front end that makes it easier to work with some of the complex options by providing a GUI. Which of the following is the NMap GUI fron end?

Zen map

port scanning

a method of finding out which services a host computer offers.

Which parameter can be added to nmap to run a script scan with the default scripts? a. -sC b. -oA c. -p d. -rT

a. -sC

Which of the following Nmap commands sends a SYN packet to a computer with the IP address 193.145.85.210? (choose all that apply) a. nmap -sS 193.145.85.210 b. nmap -v 193.145.85.210 c. nmap -sA 193.145.85.210 d. nmap -sF 193.145.85.210

nmap -sS 193.145.85.210 nmap -v 193.145.85.210

One of the limitations when using "ping sweeps" is that many network administrators configure nodes not to respond to ICMP Echo Requests. What type of ICMP Echo message is being disabled by these administrators?

reply

Which of the following describes a text file containing multiple commands that would usually be entered manually at the command prompt?

script

When writing a script which statement allows you to avoid creating an endless loop in your script?

while

Which statement is where the script performs its main task?

do

closed port

doesn't allow entry or access to a service ports that aren't listening or responding to a packet

ping sweep

identify which IP addresses belong to active hosts, in other words to find out which hosts are "live" ping sweeps simply ping a range of IP addresses and see what type of response is returned. pinging a range of IP addresses to identify live systems on a network

To find extensive Nmap information and examples of the correct syntax to use in Linux, which of the following commands should you type? a. nmap -h b. nmap -help c. nmap ? d. man nmap

man nmap

filtered port

might indicate that a firewall is being used to allow specific traffic into or out of the network ports protected with a network-filtering device, such as a firewall

Nmap

most popular port scanners and adds new features constantly, such as OS detection and fast multiple-probe ping scanning a security tool used to identify open ports and detect services and OSs running on network systems

When using a port-scanner, what procedure can be conducted to identify which IP addresses belong to active hosts?

ping sweep

Port scanning is a method of finding out which services a host computer offers. (T/F)

True

When security professionals create a packet, they may choose to specifically set which of the following fields to help initiate a response from a target computer?

flag

In a Linux script, which of the lines is important because it identifies the files as a script?

#!/bin/sh

When using the text editor vim what command appends text after the insertion point?

A

What advanced port-scanning tool can allow a security tester to bypass filtering devices by injecting crafted or otherwise modified IP-packets into a network?

Hping

Which of the following is a tool for creating a custom TCP/IP packet and sending it to a host computer?

Hping

What open source port-scanning tool is considered to be the standard port-scanning tool for security professionals?

Nmap

What open-source network utility allows you to use plug-ins to run test programs (scripts) that can be selected from the client interface?

OpenVas

Some attackers want to be hidden from network devices or IDSs that recognize an inordinate amount of pings or packets being sent to their networks. Which of the following attacks are more difficult to detect?

Stealth Attacks

Attackers typically use ACK scans to get past a firewall or other filtering devices. (T/F)

True

In an ACK scan, if the attacked port returns an RST packet the attacked port is considered to be operating in what state?

Unfiltered

Why does the fping -f 193.145.85.201 193.145.85.220 command cause an error? a. An incorrect parameter is used. b. The IP range should be indicated as 193.145.85.201-220. c. There's no such command. d. IP ranges aren't allowed with this command.

a. an incorrect parameter is used

Which Nmap command verifies whether the SSH port is open on any computers in the 192.168.1.0 network? (Choose all that apply.) a. nmap -v 192.168.1.0-254 -p 22 b. nmap -v 192.168.1.0-254 -p 23 c. nmap -v 192.168.1.0-254 -s 22 d. nmap -v 192.168.1.0/24 -p 22

a. nmap -v 192.168.1.0-254 -p 22 d. nmap -v 192.168.1.0/24 -p 22

open port

allows access to applications and can be vulnerable to an attack ports that respond to ping sweeps and other packets

OpenVas

allows for updating of security check plug-ins when they become available, it is a security test program (script) that can be selected from the client interface a security tool for conducting port scanning, OS identification, and network vulnerability assessments. A client computer (*nix or Windows) must connect to the server to perform these tests

In any *NIX system, after saving a script named "script_name," you need to make it executable so that you can run it. Which command will accomplish this task from the command line?

chmod +x script_name

Port scanning provides the state for all but which of the following ports? a. Closed b. Open c. Filtered d. Buffered

d. Buffered

In basic network scanning, ICMP Echo Requests (type 8) are sent to host computers from the attacker, who waits for which type of packet to confirm that the host computer is live? a. ICMP SYN-ACK packet b. ICMP SYN packet c. ICMP Echo Reply (type 8) d. ICMP Echo Reply (type 0)

d. ICMP Echo Reply (type 0)


Conjuntos de estudio relacionados

Vocabulary Workshop Level G Unit 9

View Set

MOD 1: Chapter 16 Employment Communications

View Set

Chapter 12 The Arbitration Process

View Set