2.0 Flashcards
What exploit can take place if the X-Frame-Options header is not present?
Clickjacking can be used against the web server’s users.
What uses port 23?
Telnet (which is not considered secure because it sends all of its data in cleartext)
Why would a “Blind SQL injection” be difficult to confirm with an external vulnerability scan?
An external scan cannot confirm that a Blind SQL Injection (with execution of code) has previously occurred.
Which technique(s) can you use to find older copies of a webpage that may have been taken down?
A standard cache search OR a website archive.
What does this command do: nc -v IP PORT?
This conducts a banner grab.
What uses port 25?
SMTP
What is MOU?
Memorandum of Understanding - a document that describes the broad outlines of an agreement
What should be reviewed to determine other domains that can use the same digital certificate?
Subject Alternative Name (SAN) - a field in a digital certificate that allows a host to be identified by multiple host names or domain names.
Which of the following files would contain the Apache server’s logs (default naming convention)?
Logs are stored in access_log. The full path would be /var/log/httpd/access_log
What kind of tool is Scapy?
A tool used to conduct packet manipulation by crafting and sending malformed packets to a network target.
What command could be used to list the active services from the Windows command prompt?
“sc query” - displays information about running services
In what ways can percent encoding be used?
It can be misused to obfuscate the nature of a URL and submit malicious input as a script or binary to perform directory traversal and other attacks.
What is Certificate Pinning?
A method of trusting digital certificates that bypasses the CA hierarchy and chain of trust
What is Certificate Stapling?
Allows a web server to perform the certificate status check and eliminates the need for an additional connection at the time of the request
Address (A) Record
Links a hostname to IPv4 address
Service (SRV) Record
Used to provide host and port information on services (VoIP and IM)
Mail Exchange (MX) Record
Directs email messages to a mail server for a particular domain.
Nameserver (NS) Record
Indicates which DNS name server has the authority for a particular domain.
Text (TXT) Record
Adds text into the DNS - used to provide information about a resource such as a server, network, or service in human-readable form. TXT records often contain domain verification and domain authentication data for third-party tools that can send information on behalf of a domain name.
Start of Authority (SOA) Record
Stores important information about a domain or zone
AAAA Record
Links a hostname to an IPv6 address
Canonical Name (CNAME) Record
Points a domain to another domain or subdomain
Pointer (PTR) Record
Correlates an IP address with a domain name
What is the inanchor: modifier?
Used to search for any pages whose anchor text includes the specified term.
What is the link: modifier used for?
Used to search for pages that link to the website provided.
What is the inurl: modifier used for?
Used to search for any pages whose URLs include the term specified.
What is the site: modifier used for?
Used to search only the specified website for results that contain the search term.