Application in Information Security Chapter 6
Of the two protocols discussed, TCP and UDP, which is more difficult to scan for?
UDP
Which of the following switches is used for an ACK scan? a. -sI b. -sS c. -sA d. -St
c. -sA
True or False? Nmap is valuable in OS fingerprinting as well as port scanning. True False
True
Which of the following reveals telling information such as version and service data that will help an attacker? a. Banner b. Flag c. Port d. Layer
a. Banner
The process of determining the underlying version of the system program being used is best described as ____ a. OS fingerprinting b. port scanning c. wardialing d. wardriving
a. OS fingerprinting
An XMAS tree scan sets all the following flags except: a. SYN b. URG c. PSH d. FIN
a. SYN
The Nmap command -T Paranoid performs which of the following scans? a. Serial scan; .4 seconds between scans b. Serial scan; 15 seconds between scans c. Serial scan; 300 seconds between scans d. Parallel scan
c. Serial scan; 300 seconds between scans
You have been asked to perform a port scan for POP3. Which port will you scan for? a. 22 b. 25 c. 69 d. 110
d. 110
Which of the following is NOT one of the ways to identify active machines on the network? a. Wardialing b. Wardriving and related activities c. Pinging d. Firewall testing
d. Firewall testing
True or False? Because wardialing involves the use of modems, it is out of date and should no longer be used. True False
False
Which of the following statements is most correct? a. active fingerprinting tools inject packets into network b. passive fingerprinting tools inject traffic into network c. Nmap can be used for passive fingerprinting d. passive fingerprinting tools do not require network traffic to fingerprint an OS
a. active fingerprinting tools inject packets into network
_______ is a popular though easily detectable scanning technique. a. full connect b. half-open scanning c. NULL scan d. XMAS tree scan
a. full connect
Which of the following Nmap commands does not perform a parallel scan? a. -T Normal b. -T Sneaky c. -T Aggressive d. -T Insane
b. -T Sneaky
Ping scanning does not identify open ports. a. True b. False
b. False
Which of the following is not a network mapping tool? a. SolarWinds b. SuperScan c. IPTables d. Xprobe2
b. SuperScan
Which of the following is the process of locating wireless access points and gaining information about the configuration of each? a. Wardialing b. Wardriving c. Pinging d. Port scanning
b. Wardriving
TCP and UDP both use flags. a. true b. false
b. false
Which of the following is the Nmap command-line switch for a full-connect port scan? a. -sS b. -sU c. -sT d. -o
c. -sT
Which of the following is unique among network scanners because it scans ports in parallel using what is known as stateless scanning? a. Nmap b. THC-Amap c. SuperScan d. Scanrand
d. Scanrand
Which type of scan is the most reliable but also the easiest to detect? a. TCP SYN scan b. TCP FIN scan c. TCP NULL scan d. TCP connect scan
d. TCP connect scan
Which of the following techniques is not used to locate network access points, but to reveal the presence of access points to others? a. Warflying b. Warwalking c. Warballooning d. Warchalking
d. Warchalking
______ is the point at which an attacker starts to plan their attack. a. active OS fingerprinting b. passive OS fingerprinting c. port scanning d. analyzing results
d. analyzing results
Which of the following is an example of a passive fingerprinting tool? a. SuperScan b. Xprobe2 c. Nmap d. p0f
d. p0f