Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Ethical Hacking: Reconnaissance/Footprinting > 1. What is Reconnaissance/Footprinting? > Flashcards

1. What is Reconnaissance/Footprinting? Flashcards

1
Q

What is the significance of reconnaissance in terms of the phases that a hacker goes through?

A

Reconnaissance is one of the biggest phases a hacker goes through.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What two major kinds of reconnaissance are there?

A
  1. Active Reconnaissance

2. Passive Reconnaissance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Why reconnaissance?

A

As hackers, we want to know as much information as we can about our target.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is reconnaissance?

A

Reconnaissance is the process of going through and collecting as much information about your target without being discovered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the typical phases of reconnaissance?

A
  1. Collect Elementary Intel
  2. Discover OS, Web Servers & Platforms
  3. Perform Queries
  4. Discover Vulnerabilities
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are some questions that we can ask when collecting elementary intel?

A
  1. What does the website look like?
  2. What web server do they use?
  3. Where is the target located?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is elementary intel and why is it important?

A
  1. Some really basic information about the target.

2. It’s the basic stuff that builds our foundation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does “Performing Queries” mean in reconnaissance and what’s the goal?

A
  1. Use some tools to discover things like all the DNS names that are out there, etc.
  2. The goal is to discover information about the underlying network infrastructure.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What questions are answered in the “Discover OS, Web Servers & Platforms” phase of reconnaissance?

A
  • What’s the operating system? Windows? Linux?
  • What web servers are they using? Apache? AAS?
  • What version of the software are they using? Anything old like a 2003 server?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Why is the “Discover OS, Web Servers & Platforms” phase of reconnaissance important?

A

Like the other phases of reconnaissance, the information gathered in this phase will help us perform our attack.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What questions are answered in the “Performing Queries” phase of reconnaissance?

A
  1. Is the target being hosted by a particular company that had some security issues in the past?
  2. Can we use another one of their customers to get into this target?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the “Discover Vulnerabilities” phase of reconnaissance about?

A

It’s simply about checking what vulnerabilities might be there for us. Since at this point we know the OS, version, and possibly the webserver version, we’ll go and do some reconnaissance again here on what vulnerabilities could possibly be there.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What’s the most important overall concern in conducting reconnaissance?

A

Gathering any type of information that might give us insight into our potential target.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What can be said about the importance of the size of intel found during reconnaissance?

A

We shouldn’t care how small intel is. Sometimes that little piece of information comes back to help us out at the end.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are some secondary benefits of reconnaissance?

A
  1. Understand the Security Posture
  2. Reduce the Attack Area
  3. Build Information Database
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How does reconnaissance help with understanding the security posture of a target?

A

The more we learn about this target, the more we will understand what it is that they’re doing — how often they’re looking into their security.

17
Q

What can be said about the typical structure of reconnaissance?

A

Typically, reconnaissance is extremely systematic and it’s also done in a methodical order — we go through the same steps, look at the same information.

18
Q

How does reconnaissance help with reducing the attack area?

A

Based on “Understanding the Security Posture” and doing our reconnaissance, we’re able to get very specific with (eg.) which domains to attack.

19
Q

Why is Reducing the Attack Area an important outcome of reconnaissance?

A

Focusing the scope down as much as we can mean we have a laser-focused goal or target in mind.

20
Q

What does Building an Information Database involve?

A

Typically an excel sheet with a big list of stuff that we’re trying to resolve or find out about the company.

21
Q

What does the information stored in an information database that is built for reconnaissance contain?

A

Information regarding security weaknesses of the target.

22
Q

What is an information database built in Recon used for?

A

Prioritizing based off the information database

Ethical Hacking: Reconnaissance/Footprinting (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions