4.1.8 - Reconnaissance Overview (Practice Questions)

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

Network foot printing tools

Whois, Nslookup, and ARIN are all examples of:

Maltego

What's the name of the open-source forensics tool that can be used to pull information from social media postings and find relationships between companies, people, email addresses, and other information?

Reconnaissance

When a penetration tester starts gathering details about employees, vendors, business processes, and physical security, which phase of testing are they in?

Information gathering techniques

Which of the following elements of penetration testing includes the use of web surfing, social engineering, dumpster diving, and social networking?

An ethical hacker has permission to hack a system, and a criminal hacker doesn't have permission.

Which of the following is the difference between an ethical hacker and a criminal hacker?

nmap -sS xyzcompany.com

You are in the reconnaissance phase at the XYZ company. You want to use nmap to scan for open ports and use a parameter to scan the 1,000 most common ports. Which nmap command would you use?

Shows results in pages that contain all of the listed keywords.

What does the Google Search operator allinurl:keywords do?

Echosec

Xavier is doing reconnaissance. He is gathering information about a company and its employees by going through their social media postings that were made using location services. What is the name of this tool?

Social engineering

MinJu, a penetration tester, is testing a client's security. She notices that every Wednesday, a few employees go to a nearby bar for happy hour. She goes to the bar and starts befriending one of the employees with the intention of learning the employee's personal information. Which information gathering technique is MinJu using?

Contact names, Phone numbers, email addresses, fax numbers, and addresses

A penetration tester is trying to extract employee information during the reconnaissance phase. What kinds of data is the tester collecting about the employees?

nmap -sn 172.125.68. 1-255

You have found the IP address of a host to be 172.125.68.30. You want to see what other hosts are available on the network. Which of the following nmap commands would you enter to do a ping sweep?

Whois

Iggy, a penetration tester, is conducting a black box penetration test. He wants to do reconnaissance by gathering information about ownership, IP addresses, domain name, locations, and server types. Which of the following tools would be most helpful?


संबंधित स्टडी सेट्स

Урок 2-2 корейские числительные и китайс

View Set

vocab building word scramble 3-1

View Set

Religious Pluralism and Theology: Exclusivism, Inclusivism and Pluralism

View Set

Personally Identifiable Information (PII) v4.0

View Set

The Software Requirements Document

View Set

Animals 动物 (Measure words 量词)

View Set