Quiz 1, 2
This type of attack has been around probably as long as humans themselves. It is the art of manipulating someone into doing something via influence.
Social engineering
This tool is designed to send ICMP echo requests to multiple systems. It will send multiple messages to systems before giving up and determining that it is down.
fping
A MAC address is represented in ________ values.
hexadecimal
Which of the commands below will initiate a hping scan that will use TCP SYN and scan for open http ports on a single IP address?
hping3 -S 72.14.207.99 -p 80 -c 1
This is the process of acquiring network traffic that is addressed to systems other than your own.
packet capturing
In very basic terms, _______ is the intersection of loss and probability. Another way to state it is to say it is the exposure to the chance of injury or loss.
risk
This is an important skill to have as it will save you time when doing research on a target.
Google hacking
This organization is responsible for maintaining all of the documentation related to protocols used within the TCP/IP suite. It allows additions and changes via Request for Comments (RFC) documentation.
IETF
This type of analysis is done by running the program to see what it does and to observe its behavior.
dynamic analysis
This Social Engineering Vector is based on the idea of baiting someone for information. This is a technique used to acquire information through deception using electronic communications such as email.
Phishing
This is where you gather information about your target. You want to understand the scope of your endeavor.
Reconnaissance and footprinting
Open ports should respond to a ______ message.
SYN
MAC addresses are typically used in _________ whereas IP addresses are used in ____________.
Switching, routing
The CIDR notation for a network with a subnet mask of 255.255.248.0 is:
/21
OpenVAS is most commonly used and intended for _______ .
vulnerability scanning
True or False: Social Engineering attacks can be automated.
True
This is sometimes referred to as non-repudiation in the Parkerian Hexad.
authenticity
The Regional Internet Registrar for the Asia Pacific region that includes Australia and New Zealand is _________ .
APNIC
This system can be used to lookup information on publicly traded companies. It is a database housed by the Securities and Exchange Commission (SEC).
EDGAR
This is widely regarded as the "de facto" port scanner. It is very powerful and customizable via the use of scripts.
NMAP
This is a GUI based packet capture program that is quite popular, intuitive, and does come with command line enhancements. It also gives the user the ability to easily scroll through the list of all frames captured.
Wireshark
This can be part of the payload of a virus or worm. It can also be installed by another type of malware and has C&C functionality.
Botnet
This type of attack has two stages, one of which caches the address mapping. The big problem we have with this is the length of time that these entries are cached. This allows the attacker to "spoof" the hardware address of a NIC and thus capture information.
ARP spoofing
One of the challenging aspects of being a penetration tester / ethical hacker is having to think like a(an) _________________.
attacker
The security ________ is at the top of the proverbial food chain. However, the security _________ is a direction about how they should be implemented. The latter is typically set aside to provide guidance for organizations through standards bodies such as NIST.
policy, standard
This site can be used to garner information about people with little effort unless the user takes steps to ensure their information stays private.
All of the above (Facebook, LinkedIn, and Twitter)
This is the most effective way to see what a program is going to do, short of running it. Essentially it allows you to look at the source code.
Disassembly
This type of attack can be used to evade network security mechanisms like an IDS by simply "chopping" up the datagrams so that they are reassembled before the adversarial device / activity could detect it.
Fragmentation
This is what many people consider to be the most important part of penetration testing. For many, it's the most challenging and interesting.
Gaining access
This malware type has the ability to identify a program to infect and also copy itself into that program. It is said to have the same phases as its biological counterpart.
Virus