Ethical Hacking 7.1.4

Which of the following assessment types focus on all types of user risks, including threats from malicious users, ignorant users, vendors, and administrators?
Answer options:
- Passive assessment
- Host-based assessment
- Wireless network assessment
- External assessment

Host-based assessment

In a world where so much private information is stored and transferred digitally, it is essential to proactively discover weaknesses. An ethical hacker's assessment sheds light on the flaws that can open doors for malicious attackers. Which of the following types of assessments does an ethical hacker complete to expose these weaknesses?
Answer options:
- Host-based assessment
- Vulnerability assessment
- External assessment
- Passive assessment

Vulnerability assessment

Jaxon, a pentester, is discovering vulnerabilities and design flaws on the Internet that will open an operating system and applications to attack or misuse. Which of the following tasks is he accomplishing?
Answer options:
- Vulnerability research
- Vulnerability assessment
- Vulnerability management
- Vulnerability scanning

Vulnerability research

On your network, you have a Windows 10 system with the IP address 10.10.10.195. You have installed XAMPP along with some web pages, PHP, and forms. You want to put it on the public-facing internet, but you are not sure if it has any vulnerabilities. On your Kali Linux system, you have downloaded the nmap-vulners script from GitHub. Which of the following is the correct nmap command to run?
Answer options:
- nmap -sC nmap-vulners -sV 10.10.10.195
- nmap -sC vulners -sV 10.10.10195
- nmap --script vulners -sV 10.10.10.195
- nmap --script nmap-vulners -sV 10.10.10.195

nmap --script nmap-vulners -sV 10.10.10.195

Explanation: The command you will enter is nmap --script nmap-vulners -sV 10.10.10.195. The --script switch performs a script scan using the comma-separated list of filenames, script categories, and directories. The -sC switch performs a script scan using the default set of scripts.

Which of the following best describes active scanning?
Answer options:
- A scanner is limited to the moment in time that it is running and may not catch vulnerabilities that only occur at other times.
- A scanner tries to find vulnerabilities without directly interacting with the target network.
- A scanner allows the ethical hacker to scrutinize completed applications when the source code is unknown.
- A scanner transmits to a network node to determine exposed ports and can also independently repair security flaws.

A scanner transmits to a network node to determine exposed ports and can also independently repair security flaws.

An ethical hacker is running an assessment test on your networks and systems. The assessment test includes the following items:
- Inspecting physical security
- Checking open ports on network devices and router configurations
- Scanning for Trojans, spyware, viruses, and malware
- Evaluating remote management processes
- Determining flaws and patches on the internal network systems, devices, and servers
Which of the following assessment tests is being performed?
Answer options:
- Passive assessment
- Active assessment
- External assessment
- Internal assessment

Internal assessment

This type of assessment evaluates deployment and communication between the server and client. It is imperative to develop tight security through user authorization and validation. Open-source and commercial tools are both recommended for this assessment. Which of the following types of vulnerability research is being done?
Answer options:
- Default settings
- Buffer overflows
- Open services
- Application flaws

Application flaws

Explanation: Flaws in validating and authorizing the user present the greatest threat to security in transactional applications. This type of assessment evaluates deployment and communication between the server and client. It is imperative to develop tight security through user authorization and validation. Open-source and commercial tools are both recommended for this assessment.

A buffer is a temporary data storage area with limited space. Overflows occur when users attempt to store more data than the program was written for.

Ports and services must be checked regularly to prevent insecure, open, or unnecessary ports, which can lead to attacks on connected nodes or devices, loss of private information, or even denial of service.

It is important to check default settings, especially for default SSIDs and admin passwords.

