Ethical Hacking exam 2 chapter 5-6

Ace your homework & exams now with Quizwiz!

Why does the fping -f 193.145.85.201 193.145.85.220 command cause an error?

An incorrect parameter is used.

Port scanning provides the state for all but which of the following ports?

Buffered

Which is the following testing processes is the most intrusive?

Enumeration

Which flags are set on a packet sent with the nmap -sX 193.145.85.202 command? (Choose all that apply.)

FIN PSH URG

A NULL scan requires setting the FIN, ACK, and URG flags. True or False?

False

Fping doesn't allow pinging multiple IP addresses simultaneously. True or False?

False

The Nbtstat command is used to enumarate *Nix systems. True or False?

False

The Windows Net use command is a quick way to discover any shared resources on a computer or server. True or False?

False

What is the best method of preventing NetBIOS attacks?

Filtering certain ports at the firewall

Security testers and hackers use which of the following to determine the services running on a host and the vulnerabilities associated with these services?

Port scanning

A FIN packet sent to a closed port responds with which of the following packets?

RST

A closed port responds to a SYN packet with which of the following packets?

RST

Which of the following is a commonly used UNIX enumeration tool?

SNMPWalk

To bypass some ICMP-filtering devices on a network, an attacker might send which type of packets to scan the network for vulnerable services? (Choose all that apply.)

SYN packets ACK packets

Security testers can use Hping to bypass filtering devices. True or False?

True

The Net view command can be used to see whether there are any shared resources on aserver. True or False?

True

To see a brief summary of Nmap commands in a Linux shell, which of the following should you do?

Type nmap -h.

A null session is enabled by default in all the following Windows versions except:

Windows Server 2008

Which port numbers indicate NetBIOS is in use on a remote target?

135 to 139

Enumeration of Windows systems can be more difficult if port _______ is filtered.

139/TCP

A NetBIOS name can contain a maximum of ______ characters

15

Which type of scan is usually used to bypass a firewall or packet-filtering device?

ACK scan

Which of the following is a tool for creating a custom TCP/IP packet and sending it to a host computer?

Hping

In basic network scanning, ICMP Echo Requests (type 8) are sent to host computers from the attacker, who waits for which type of packet to confirm that the host computer is live?

ICMP Echo Reply (type 0)

What is a potential mistake when performing a ping sweep on a network?

Including a broadcast address in the ping sweep range

A(n) ________ scan sends a packet with all flags set to NULL.

NULL

_____ is the vulnerability scanner from which OpenVAS was developed

Nessus

_____ connects to a computer containing shared files and folders? (command)

Net use

_____ is a Windows command-line utility for seeing NetBIOS shares on a network

Net view

What is the most widely used port-scanning tool?

Nmap

Most NetBIOS enumeration tools connect to the target system by using ______ _______

Null sessions

___ , _____ can be used to enumerate Windows systems

OpenVAS, DumpSec, and Hyena

Security testers conduct enumeration for which of the following reasons? (Choose all that apply.)a. Gaining access to shares and network resources. Obtaining user logon names and group memberships. Discovering services running on computers and servers. Discovering open ports on computers and servers

gaining access to shares and network resources and obtaining user logon names and group memberships

To find extensive Nmap information and examples of the correct syntax to use in Linux, which of the following commands should you type?

man nmap

To identify the NetBIOS names of systems on the 193.145.85.0 network, which of thefollowing commands do you use?

nbtscan 193.145.85.0/24

Which of the following commands should you use to determine whether there are any shared resources on a Windows computer with the IP address 193.145.85.202?

nbtstat -a 193.145.85.202

Which of the following Nmap commands sends a SYN packet to a computer with the IP address 193.145.85.210? (Choose all that apply.)

nmap -sS 193.145.85.210 nmap -v 193.145.85.210

Which Nmap command verifies whether the SSH port is open on any computers in the 192.168.1.0 network? (Choose all that apply.)

nmap -v 192.168.1.0-254 -p 22 nmap -v 192.168.1.0/24 -p 22


Related study sets

MED-SURG: Chapter 51 - Breast Disorders

View Set

07. tétel - Vállalkozás indítása

View Set

Sem 2 Lower Respiratory conditions

View Set