6.1 Enumeration Overview

Which of the following ports are used by null sessions on your network? -135 and 445 -139 and 444 -137 and 443 -139 and 445

139 and 445

In which phase of the ethical hacking process do you gather information from a system to learn more about its configurations, software, and services? -Scanning -Enumeration -Reconnaissance -Sniffing

Enumeration

A hacker has managed to gain access to the /etc/passwd file on a Linux host. What can the hacker obtain from this file? -Usernames, but no passwords -The root username and password -No usernames or passwords -Usernames and passwords

Usernames, but no passwords

Shawn, a malicious insider, has obtained physical access to his manager's computer and wants to listen for incoming connections. He has discovered the computer's IP address, 192.168.34.91, and he has downloaded netcat. Which of the following netcat commands would he enter on the two computers? -nc -l -p 2222 (manager's computer) and nc -nv 192.168.34.91 2222 (Shawn's machine) -nc -n -s 2222 (manager's computer) and nc -lp 192.168.34.91 2222 (Shawn's machine) -nc -l -p 2222 (manager's computer) and nc -sv 192.168.34.91 2222 (Shawn's machine) -nc -l -s 2222 (manager's computer) and nc -pv 192.168.34.91 2222 (Shawn's machine)

nc -l -p 2222 (manager's computer) and nc -nv 192.168.34.91 2222 (Shawn's machine)

Which of the following enumeration tools provides information about users on a Linux machine? -Null session -PsTools -SuperScan -finger

finger

Which enumeration process tries different combinations of usernames and passwords until it finds something that works? -Zone transfers -Default passwords -Brute force -Exploiting SMTP

Brute force

The Simple Network Management Protocol (SNMP) is used to manage devices such as routers, hubs, and switches. SNMP works with an SNMP agent and an SNMP management station in which layer of the OSI model? -Session Layer -Application Layer -Transport Layer -Network Layer

Application Layer

LDAP is an internet protocol for accessing distributed directory services. If this port is open, it indicates that Active Directory or Exchange may be in use. What port does LDAP use? -TCP/UDP 445 -TCP/UDP 3268 -TCP/UDP 389 -TCP/UDP 53

TCP/UDP 389

Jorge, a hacker, has gained access to a Linux system. He has located the usernames and IDs. He wants the hashed passwords for the users that he found. Which file should he look in? -/etc/group -/etc/passwd -/etc/services -/etc/shadow

/etc/shadow

What port does a DNS zone transfer use? -TCP 23 -TCP 53 -TCP 445 -TCP 139

TCP 53

Typically, you think of the username as being the unique identifier behind the scenes, but Windows actually relies on the security identifier (SID). Unlike the username, a SID cannot be used again. When viewing data in the Windows Security Account Manager (SAM), you have located an account ending in -501. Which of the following account types did you find? -The built-in administrator -The domain guests -The domain admins -The built-in guest

The built-in guest

Which of the following best describes IPsec enumeration? -Uses SIP to enable voice and video calls over an IP network. -Is used to manage devices such as routers, hubs, and switches. -Uses ESP, AH, and IKE to secure communication between VPN endpoints. -Is used by most email servers and clients to send email messages.

Uses ESP, AH, and IKE to secure communication between VPN endpoints.