2.2 Information Gathering and Vulnerability Scanning Flashcards

Given a scenario, perform active reconnaissance.

1
Q

How can you identify a web application firewall (WAF)?

A

-A WAF can give away its presence by adding its own cookie to HTTP responses
-Some WAF products use a technique called header alteration, which changes the original response header to confuse the attacker
-Other WAFs identify themselves directly in their response.

2
Q

Name a few methods to avoid Antivirus detection.

A

-Creating a metamorphic virus, which transforms as it propagates and makes pattern-based detection nearly impossible
-Obfuscating a known signature
-Using specialized tools or payloads, such as fileless malware, which rely on built-in OS functions and are difficult, if not impossible, to detect

3
Q

What is Packet Sniffing?

A

Packet sniffing is used to examine network traffic to better understand the characteristics and structure of the traffic flow. It is a way to obtain information about the network and can identify network hosts, services, device types, protocols, subnets, and IP and MAC addresses.

4
Q

What is wardriving?

A

Wardriving is a technique that involves driving (or walking) around to search for open access points using a laptop or smartphone.

5
Q

How can you avoid detection while scanning a network?

A

-Using a decoy (option -D) makes it appear as if the packets are coming from a trusted or random device
-Using a fake IP address (option -S) makes it appear as if the packets are coming from another source
-Using a fake MAC address (option --spoof-mac) can make the probe appear to come from a specific device
-Using a specific source port number (option -g) can fool packet filters configured to trust that port
-Lastly, slowing the scan (option -T) may help avoid detection

6
Q

How can you bypass a Network Access Control (NAC) appliance?

A

You can do this by accessing an authenticated device and using the device to slip by the NAC appliance.

7
Q

Name some tools that can be used in the living off the land (LotL) technique.

A

-Microsoft PowerShell (PS) is used to automate tasks and perform system management and configuration
-Windows Management Instrumentation (WMI) can provide information about host status, configure security settings, and manipulate environment variables
-Visual Basic Script (VBScript) allows administrators to manage computers
-Mimikatz can interface with the Microsoft Kerberos API, list active processes, and view credential information stored on a Windows computer
