PenTestch4-6

piggybacking

A method attackers use to gain access to restricted areas in a company. The attacker follows an employee closely and enters the area with that employee.

port scanning

A method of finding out which services a host computer offers.

zone transfer

A method of transferring records from a DNS server to use in analysis of a network.

Simple Network Management Protocol (SNMP)

A remote administration tool that can be run on most operating systems. It also allows an administrator (and an attacker) to gain details about a remote system.

OpenVAS

A security tool for conducting port scanning, OS identification, and network vulnerability assessments. A client computer (*nix or Windows) must connect to the server to perform the tests.

Nmap

A security tool used to identify open ports and detect services and OSs running on network systems.

Web bug

A small graphics file referenced in an <IMG> tag, used to collect information about the user. This file is created by a third-party company specializing in data collection.

phishing

A social engineering attack carried out by email--for example, a message containing a link to fake Web sites intended to entice victims into disclosing private information or installing malware.

shoulder surfing

A technique attackers use; involves looking over an unaware user's shoulders to observe the keys the user types when entering a password.

cookie

A text file containing a message sent from a Web server to a user's Web browser to be used later when the user revisits the Web site.

spear phishing

A type of phishing attack that targets specific people in an organization, using information gathered from previous reconnaissance and footprinting; the goal is to trick recipients into clicking a link or opening an attachment that installs malware.

Which of the following is a fast and easy way to gather information about a company? (Choose all that apply) A. Conduct port scanning B. Perform a zone transfer of the company's DNS server C. View the company's Web site D. Look for company ads in phone directories

A, B, C, D

Which of the following tools can assist you in finding general information about an organization and its employees? (Choose all that apply) A. www.google.com B. http://groups.google.com C. netcat D. nmap

A, B

Shoulder surfers can use their skills to find which of the following pieces of information? (Choose all that apply) A. Passwords B. ATM PINs C. Long-distance access codes D. Open port numbers

A, B, C

Hping

An enhanced Ping utility for crafting TCP and UDP packets to be used in port-scanning activities.

Fping

An enhanced Ping utility for pinging multiple targets simultaneously.

null session

An unauthenticated connection to a Windows system.

Entering a company's restricted area by following closely behind an authorized person is referred to as which of the following? A. Shoulder surfing B. Piggybacking C. False entering D. Social engineering

B

Many social engineers begin gathering the information they need by using which of the following? A. The Internet B. The telephone C. A company Intranet D. E-mail

B

What is one way to gather information about a domain? A. View the header of an e-mail you send to an e-mail account that doesn't exist. B. Use the ipconfig command. C. Use the ifconfig command. D. Connect via Telnet to TCP port 53.

B

Which of the following enables you to view all host computers on a network? A. SOA B. ipconfig C. Zone transfers D. HTTP HEAD method

B

Before conducting a security test by using social-engineering tactics, what should you do? A. Set up an appointment B. Document all findings C. Get written permission from the person who hired you to conduct the security test D. Get written permission from the department head

C

To find information about the key IT personnel responsible for a company's domain, you might use which of the following tools? (Choose all that apply) A. Whois B. Whatis C. Domain Dossier D. Nbtstat

C

What social-engineering technique involves telling an employee that you're calling from the CEO's office and need certain information ASAP? (Choose all that apply) A. Urgency B. Status quo C. Position of authority D. Quid pro quo

C

What's the first method a security tester should attempt to find a password for a computer on the network? A. Use a scanning tool. B. Install a sniffer on the network C. Ask the user D. Install a password-cracking program

C

When conducting competitive intelligence, which of the following is a good way to determine the size of a company's IT support staff? A. Review job postings on Web sites such as www.monster.com or www.dice.com B. Use the nslookup command C. Perform a zone transfer of the company's DNS server D. Use the host -t command

C

Discovering a user's password by observing the keys he or she presses is called which of the following? A. Password hashing B. Password crunching C. Piggybacking D. Shoulder surfing

D

To determine a company's primary DNS server, you can look for a DNS server containing which of the following? A. Cname record B. Host record C. PTR record D. SOA record

D

__________ is one of the components most vulnerable to network attacks. A. TCP/IP B. WINS C. DHCP D. DNS

D

Which of the following is a good Web site for gathering information on a domain? A. www.google.com B. www.namedroppers.com C. http://centraldrops.net/co/ D. www.arin.net E. All of the above

E

footprinting

Gathering information about a company before performing a security test or launching an attack; sometimes referred to as "reconnaissance."

dumpster diving

Gathering information by examining the trash that people discard.

ping sweep

Pinging a range of IP addresses to identify live systems on a network.

filtered ports

Ports protected with a network-filtering device, such as a firewall.

closed ports

Ports that aren't listening or responding to a packet.

open ports

Ports that respond to ping sweeps and other packets.

Nessus

Previously an open-source scanning tool; now licensed by Tenable Network Security. See OpenVAS.

spidering (or crawling)

Programmatically following every link on a Web page.

enum4linux

A Linux tool that allows for enumeration of remote Windows systems.

Network Basic Input/Output System (NetBIOS)

A Windows programming interface that allows computers to communicate across a LAN.

If you're trying to find newsgroup postings by employees of a certain company, which of the following Web sites should you visit? A. http://groups.google.com B. www.google.com C. www.samspade.com D. www.arin.org

A

Which of the following contains host records for a domain? A. DNS B. WINS C. Linux server D. UNIX Web clients

A

Which of the following is one method of gathering information about the operating systems a company is using? A. Search the Web for e-mail addresses of IT employees. B. Connect via Telnet to the company's Web server. C. Ping the URL and analyze ICMP messages. D. Use the ipconfig /os command

A

competitive intelligence

A means of gathering information about a business or an industry by using observation, accessing public information, speaking with employees, and so on.

enumeration

The process of connecting to a system and obtaining information such as logon names, passwords, group memberships, and shared resources.

A cookie can store information about a Web site's visitors. True or False?

True

social engineering

Using an understanding of human nature to get information from people.

