IST-294 Ethical Hacking-Chapter 4 Footprinting and Social Engineering


Which of the following is a good Web site for gathering information on a domain?
- www.google.com
- www.namedroppers.com
- http://centralops.net/co/
- www.arin.net
- All of the above

All of the above

What's the first method a security tester should attempt to find a password for a computer on the network?
- Use a scanning tool.
- Install a sniffer on the network.
- Ask the user.
- Install a password-cracking program.

Ask the user.

Which of the following contains host records for a domain?
- DNS
- WINS
- Linux server
- UNIX Web clients

DNS

_______ is one of the components most vulnerable to network attacks.
- TCP/IP
- WINS
- DHCP
- DNS

DNS

To find information about the key IT personnel responsible for a company's domain, you might use which of the following tools? (Choose all that apply.)
- Whois
- Whatis
- Domain Dossier
- Nbtstat

Domain Dossier, Whois

Entering a company's restricted area by following closely behind an authorized person is referred to as which of the following?
- Shoulder surfing
- Piggybacking
- False entering
- Social engineering

Piggybacking

What social-engineering technique involves telling an employee that you're calling from the CEO's office and need certain information ASAP? (Choose all that apply.)
- Urgency
- Status quo
- Position of authority
- Quid pro quo

Position of authority, Urgency

If you're trying to find newsgroup postings by IT employees of a certain company, which of the following Web sites should you visit?
- http://groups.google.com
- www.google.com
- www.samspade.com
- www.arin.org

http://groups.google.com

Which of the following tools can assist you in finding general information about an organization and its employees? (Choose all that apply.)
- www.google.com
- http://groups.google.com
- netcat
- nmap

www.google.com, http://groups.google.com

Before conducting a security test by using social-engineering tactics, what should you do?
- Set up an appointment.
- Document all findings.
- Get written permission from the person who hired you to conduct the security test.
- Get written permission from the department head.

Get written permission from the person who hired you to conduct the security test.

Shoulder surfers can use their skills to find which of the following pieces of information? (Choose all that apply.)
- Passwords
- ATM PINs
- Long-distance access codes
- Open port numbers

Passwords, ATM PINs, Long-distance access codes

When conducting competitive intelligence, which of the following is a good way to determine the size of a company's IT support staff?
- Review job postings on Web sites such as www.monster.com or www.dice.com.
- Use the nslookup command.
- Perform a zone transfer of the company's DNS server.
- Use the host -t command.

Review job postings on Web sites such as www.monster.com or www.dice.com.

To determine a company's primary DNS server, you can look for a DNS server containing which of the following?
- Cname record
- Host record
- PTR record
- SOA record

SOA record (SOA means Start of Authority)

Which of the following is one method of gathering information about the operating systems a company is using?
- Search the Web for e-mail addresses of IT employees.
- Connect via Telnet to the company's Web server.
- Ping the URL and analyze ICMP messages.
- Use the ipconfig /os command.

Search the Web for e-mail addresses of IT employees.

Discovering a user's password by observing the keys he or she presses is called which of the following?
- Password hashing
- Password crunching
- Piggybacking
- Shoulder surfing

Shoulder surfing

A cookie can store information about a Web site's visitors. True or False?

TRUE

Many social engineers begin gathering the information they need by using which of the following?
- The Internet
- The telephone
- A company Intranet
- E-mail

The telephone

Which of the following is a fast and easy way to gather information about a company? (Choose all that apply.)
- Conduct port scanning.
- Perform a zone transfer of the company's DNS server.
- View the company's Web site.
- Look for company ads in phone directories.

View the company's Web site. Look for company ads in phone directories.

What's one way to gather information about a domain?
- View the header of an e-mail you send to an e-mail account that doesn't exist.
- Use the ipconfig command.
- Use the ifconfig command.
- Connect via Telnet to TCP port 53.

View the header of an e-mail you send to an e-mail account that doesn't exist.

Which of the following enables you to view all host computers on a network?
- SOA
- ipconfig
- Zone transfers
- HTTP HEAD method

Zone transfers

