ITN 261 Midterm

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

IDS

Ad administrator has just been notified of irregular network activity; what appliance functions in this manner?

TCP

An SYN attack uses which protocol?

netBIOS

An attacker can use ____ to enumerate users on a system?

Application

At which layer of the OSI Model does a proxy operate?

RST

During a Xmas tree scan what indicates a port is closed?

Active and passive

Footprinting has two phases. What are they ?

With no knowledge

How is a black-box testing performed?

Layer 1

Hubs operate at what layer of the OSI model?

Competitive analysis

If you cant gain enough information directly from a target. what is another option?

Query a database

LDAP is used to perform which function

all user password hashes

On Linux machines, the '/etc/shadow' file contains:

Internet Control Message Protocol (ICMP)

Ping utilizes this underlying protocol

53 TCP

Port number _____ is used by DNS for zone transfers.

255

Routers, such as Cisco, often have TTL values of:

Send email messages

SMTP is used to perform which function?

Monitor network devices

SNMP is used to do which of the following?

Trap messages

SNMP is used to perform which function in relation to hardware?

Layer 2

Switches operate at what layer of the OSI model?

\windows\system32\config\

The Security Accounts Manager (SAM) is located at:

Administrator

The Security Identifier ending in 500(also known as its RID) belongs to which account?

View archived versions of websites

The Wayback Machine is used to do which of the following?

Hacktivists

The group Anonymous is an example of what?

Gray hat

These hackers cross into both offensive and defensive actions at different times.

SID

This is a number assigned by the OS to uniquely identify a specific object such as a user, group, or even a computer

Netcraft

This is an online tool designed to gather information about servers and web servers

Insider Attack

This type of attack is intended to imitate the behaviours that are an internal party who already has authorized access to a system may perform

Passive fingerprinting

This type of fingerprinting works by analyzing responses and looking for details of the OS?

nslookup

This utility is used to query DNS servers and gain information about various parts of the DNS namespace or individual hosts

Validate an email address

VRFY is used to do which of the following?

Passively uncovering vulnerabilities

Vulnerability research deals with which of the following?

Alerts

What can be configured in most search engines to monitor and alert you of changes to content?

Proxy

What device acts as an intermediary between an internal client and a web resource?

Target of Evaluation (TOE)

What does TOE stand for?

Identify if telnet is enabled on the destination IP address

What does the following command do ? # telnet <ip address>:<port> HEAD /HTTP/1.1

Request all DNS records using a zone transfer

What does the following command do ? 'dig <domain.com> axfr

Check financial filings

What is EDGAR used to do ?

to hide the process of scanning

What is Tor used for?

A description of expected behaviour

What is a code of ethics

a ping sweep

What is an ICMP echo scan?

Identify a user

What is an SID used to do ?

ACK

What is missing from a half-open scan?

1010 1111

What is the binary value for the following hexadecimal AF?

tracert

What is the command to run a traceroute using the Windows command line?

SYN, SYN-ACK, ACK

What is the proper sequence of the TCP three-way-handshake?

To keep a scan hidden

What is the purpose of a proxy?

Gain information from a human being through face-to-face or electronic means

What is the purpose of social engineering?

Passive os fingerprinting

What is the purpose of the following command: #sudo p0f -i eth0

To gain information from human beings

What is the role of social engineering?

Support

What is the subdomain of http://support.oriyano.com

the opening sequence of a TCP connection

What is the three-way handshake?

Collision domain

What kind of domain resides on a single switchport?

Low

What level of knowledge about hacking does a script kiddie have?

IPS

What network appliance senses irregularities and plays an active role in stopping that irregular activity from continuing?

49152 through 65535

What port range is an obsecure third party application most likely to use?

a lack of fear of being caught

What separates a suicide hacker from other attackers?

Get permission

What should a pentester do prior to initiation a new penetration test?

ipconfig/all

What windows command will provide the computer's MAC address?

To monitor network performance

What would not be a reason for a company to require a penetration test?

All nodes attached to the same port

When scanning a network via a hardline connection to a wired-switch NIC in promiscuous mode, what would be the extent of network traffic you would expect to see?

a way to automate the discovery of vulnerabilities

Which best describes a vulnerability scan?

Packet

Which category of firewall filters is based on packet header data only?

nbstat

Which command can be used to view NetBIOS information?

Ring

Which network topology uses a token-based access metholody?

a weakness

Which of the following best describes a vulnerability?

Investigation of a target

Which of the following best describes footprinting?

Hacks without stealth

Which of the following best describes what a suicide hacker does?

Job boards

Which of the following can an attacker use to determine the technology and structure within an organization?

Street views

Which of the following can be used to assess physical security?

Operators

Which of the following can be used to tweak or fine-tune search results?

Social engineering

Which of the following can help you deermine business processes of your target through human interaction?

Suicide hacker

Which of the following describes a hacker who attacks without regard of being caught or punished?

Hacktivist

Which of the following describes an attacker who goes after a target to draw attention to a cause

Permission

Which of the following does an ethical hacker require to start evaluating a system?

END

Which of the following is not a flag on a packet?

Port Scanning

Which of the following is not typically used during footprinting?

Telnet

Which of the following is used for banner grabbing?

Netcraft

Which of the following is used for identifying web server OS?

nmap

Which of the following is used to perform customized network scans?

NULL

Which of the following types of attack has no flags set?

social networking

Which of the following would be a very effective source of information as it relates to social engineering?

vrfy chell

Which of the following would confirm a user named chell in SMTP?

White hat

Which of the following would most likely engage in the pursuit of vulnerability research?

TCP

Which of these protocols is a connection-oriented protocol?

80

Which port is used to send unsecured web traffic?

161 and 162

Which ports does SNMP use to function?

MX

Which record will reveal information about a mail server for a domain ?

NAT

Which technology allows the use of a single public address to support many internal clients while also preventing exposure of internal IP addresses to the outside world?

Netcraft

Which tool can be used to view web server information ?

Mesh

Which topology has built-in redundancy because of its many client connections?

Gray Hat

Which type of hacker may use their skills for both benign and malicious goals at different times?

winrtgen

You can generate rainbow tables with this tool:

SMTP

You have selected the option in your IDS to notify you via email if it senses any network irregularities. Check the logs, you notice a few incidents but you didn't receive any alerts, what protocol needs to be configured on the IDS?

EXPN

______is a method for expanding an email list.

NTP

______is used to synchronize clocks on a network

zone transfer

involves grabbing a copy of a zone file?

port scan

nmap is required to perform what type of scan ?

NULL session

A ______ is used to connect to a remote system using NetBIOS

Gives Proof

A contract is important because it does what?

a half-open does not include the final ACK

A full-open scan means that the three-way handshake has been completed. What is the difference between this and a half-open scan?

DNS

A scan of a network client shows that port 53 is open; what protocol is this aligned with?


Ensembles d'études connexes

Biology 1013 Launchpad 13.3-13.5, 13.6, & 13.7

View Set

Reproductive & Endocrine - 3rd Hr.

View Set

NCLEX questions-Cardiopulmanary Resuscitation

View Set

IPA tests for french 3 (+english translate)

View Set

Chapter 13 Review Med Term (75 questions)

View Set

Environmental Science Chapter 1 Vocab and Objectives

View Set

Banking and Financial Services Chapter 17

View Set