07

Question 1

_____ is a print sharing protocol used by legacy systems. What three services does it provide?

Answer 1

NetBios

Name Service
Datagram Service
Session Service

Question 2

________ allows a program running on one computer to seamlessly execute code on a remote system .

This is a ________ layer protocol

port _________

What are its 4 main vulnerabilities?

Answer 2

RPC

session

TCP 135

endpoint mapper promiscuity
DoS
Service specific attacks
Escalation of privileges

Question 3

NetBIOS ___________ is used for name resolution and registration, identify resources on a network and are used by applications to start and stop sessions.

port ________

Answer 3

Name Service

UDP 137

Question 4

Within NetBIOS Namer service, what do the first 15 bits represent?

the 16th byte? What are the three things of this?

underneath Type what does UNIQUE/GROUP mean?

Answer 4

Computername

Server Service
<00> workstation service (windows machine can act as a workstation)
<20> Server service (Windows machine can act as a server)
<30>message service, (if theirs two of these the one with the username is the currently logged on user)

Unique tells me this is the registered to one host
Group tells me this is registered to multiple hosts

Question 5

NetBios __________ is used for browser and messenger services

port _________

What server service is this identified under?

Answer 5

Datagram service

UDP 138

<03>

Question 6

NetBios ___________ is primarily used for local network file and print sharing, this makes a session between two machines

port _______

I want this open

Answer 6

Session Service

TCP 139

Question 7

If I see one of them active on a machine that means that ______ are active

Answer 7

all of them

Question 8

________ command is a diagnostic tool for NETBIOS over TCP/IP

-options/syntax

________ -__ <__________> Used to show NETBIOS using remote machines computer name

________ -__ <__________> Used to show NETBIOS using ip address on a remote machine

________ -__ <__________> lists local NetBios names

Answer 8

nbstat

nbstat -a

nbstat -A

nbstat -n

Question 9

________ is an ________ layer protocol used for file and print sharing

port?

what ius the public version of this called?

What is the Linuix version of this called?

Answer 9

SMB Application

TCP 445

Samba

Question 10

_______ provides file and print sharing services to SMB/CIFS clients and allows for seamless interoperability between *NIX servers and windows clients.

Answer 10

Samba

Question 11

_________ listens on port ______ and enables connections to a remote system on port ________

unlike telnet this provides a ______ instead of a cli to work from

This is typically only enabled on servers T/F?

Answer 11

RDP 3389 TCP/UDP TCP 3389

GUI

T

Question 12

___________ is a service that implements the WS-management protocol for remote management using ports ______________

A public standard for remotely exchanging management data with any device that implements the protocol

____ and ____ are dependent on this

Provides a pipe between two machines so that other things can use that road

Answer 12

WinRM

TCP 5985/5986

PS WEF

Question 13

What are the benefits of PS remoting?

Answer 13

low overhead compared to rdp
scalable

Question 14

_______________ as a network setting beginning with Windows version 6.0, __________________ enables a computer to locate any device with an ip address

Answer 14

Network Discovery

Question 15

The _____ command provides information and statistics about protocols in use and current TCP/IP network connections

What are the options you use with it to get the best information?

Answer 15

netstat -an

Question 16

How do you get help about all the Net commands?

How do you get help with a specific command? Syntax

Answer 16

net help

net help share

Question 17

The ___________ command shows shared resources on the local machine and also enables a user to create shared resources

_____________ displays local shares, including administrative and hidden

_____________ shares C:\tools directory, naming the share utils

_____________ deletes the share named utils

Answer 17

net share

net share

net share Tools=C:\tools

net share Tools /delete

Question 18

What are the special shared resources set up for administrative and system use?

________ volumes on a windows system are shared via hidden administrative shares. Requires a privileged account for access

_________ The system Root on Windows systems is shared via administrative shares. Requires a privileged account for access

_________ shares named pipes required for communication between computers and programs

_________ used on active directory domain controllers for sharing domain policies and domain public profiles

Answer 18

DriveLetter$

ADMIN$

IPC$

SYSVOL$

Question 19

_________ command displays a list of resources being shared on a computer. Lists computers on the domain/network

__________ lists computers in current domain/network

_________/________: <__________> lists computers in another domain/network

________\ <________________> lists public shares on a remote system

how we can see a remote computer’s shares and see computers in the network

Answer 19

net view

net view

net view/domain: <domain></domain>

net view \ <computer></computer>

Question 20

The _________ command lists sessions, in the form of mapped drives, made from the workstation

___________ displays workstation connections and mapped drives

______________ maps a logical T: drive to UNC which is \ <computer name or IP\share name Including /persistent makes it so we connect at next login

______________ deletes the logical T: drive

Answer 20

net use

net use

net use T: \ Win7\Tools

net use T: /delete

Question 21

The __________ command lists recorded sessions made to the machine via the local server service

___________ displays connections to the local server service

__________ displays the details of a specific session

Answer 21

net session

net session

net session \Ip address or computer name

Question 22

The _______ command displays configuration information of the workstation or service

Answer 22

net config

Question 23

What command lets you see/edit account policies such as pwnlength?

Answer 23

net accounts