Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

TestOut Ethical Hacker Pro > 6.2.5 Practice Questions > Flashcards

6.2.5 Practice Questions Flashcards

1
Q

Listen to exam instructions
Hugh, a security consultant, recommended the use of an internal and external DNS to provide an extra layer of security. Which of the following DNS countermeasures is being used?

answer

Digital signatures

DNS zone restriction

DNS zone transfer

Split DNS

A

Split DNS

Explanation
DNS splitting, splitting the DNS into internal and external groups, provides an added layer of security.

DNS zone restrictions ensure that a server only provides copies of zone files to specific servers.

Digital signatures help with DNS zone restriction.

DNS zone transfers are designed to provide updated network and access information to the DNS servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Diana, a penetration tester, executed the following command. Which answer describes what you learn from the information displayed?

answer

This is a DNS zone transfer.

There are DNS restrictions in place.

DNS translation is being used.

Split DNS is being used.

A

This is a DNS zone transfer.

Explanation
A DNS zone transfer is a mechanism available for administrators to replicate DNS databases across a set of DNS servers. Organizations should take measures not to allow zone transfers to just anyone.

DNS zone restrictions ensure that a server only provides copies of zone files to specific servers.

Split DNS is used to split DNS into internal and external groups.

DNS translates domain names to IP addresses so browsers can load web pages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Listen to exam instructions
Which of the following is the most basic way to counteract SMTP exploitations?

answer

Review and implement the security settings and services available with your server software.

Monitor ports, remove agents, update systems, and change default passwords.

Restrict zones to ensure where zones are copied, use digital signatures, and split zones.

Ignore messages to unknown recipients instead of sending back error messages.

A

Ignore messages to unknown recipients instead of sending back error messages.

Explanation
The most basic way to counteract SMTP exploitation is to simply ignore messages to unknown recipients instead of sending back error messages.

Hardening against LDAP enumeration can be tricky. Although blocking LDAP port 389 is an option, you can’t always block ports, or you’ll risk impacting your network. Blocking LDAP ports could prevent your clients from querying necessary services. The best way to secure LDAP is to review and implement the security settings and services available with your server software.

SNMP is used to manage devices such as routers, hubs, and switches. The easiest way to prevent SNMP exploitation is to block, or at least monitor, activity on ports 161 and 162 and any other port you’ve configured for SNMP traffic.

DNS zone restrictions ensure that a server provides copies of zone files to only specific servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

After the enumeration stage, you are considering blocking port 389. Your colleague has advised you to use caution when blocking ports that could potentially impact your network.

Which of the following necessary services could be blocked?

answer

DNS

SNMP

SMTP

LDAP

A

LDAP

Explanation
Hardening against LDAP enumeration can be tricky. Although blocking LDAP port 389 is an option, you can’t always block ports, or you’ll risk impacting your network. Blocking LDAP ports could prevent your clients from querying necessary services. The best way to secure LDAP is to review and implement the security settings and services available with your server software.

The most basic way to counteract SMTP exploitation is to simply ignore messages to unknown recipients instead of sending back error messages.

The SNMP is used to manage devices such as routers, hubs, and switches. The easiest way to prevent SNMP exploitation is to block, or at least monitor, activity on ports 161 and 162 and any other port you’ve configured for SNMP traffic.

DNS zone restrictions ensure that a server provides copies of zone files to only specific servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Robby, a security specialist, is taking countermeasures for SNMP. Which of the following utilities would he most likely use to detect SNMP devices on the network that are vulnerable to attacks?

answer

Scany

Currport

SNscan

Colasoft

A

SNscan

Explanation
SNscan is a utility that is used to detect SNMP devices that are vulnerable to attacks.

Scany is a scanner application for iOS devices. It scans networks, websites, and ports to find open network devices. It can obtain domain and network names and include basic networking utilities such as ping, traceroute, and whois.

Colasoft is a packet crafting software that can be used to modify flags and adjust other packet content.

Currports lists all open TCP and UDP ports on your computer. It also provides information about which process opened the port, which user created the process, and what time it was created.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

TestOut Ethical Hacker Pro (28 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions