Assessment and Testing

Question 1

Network Discovery Scan Types (5)

Answer 1

TCP Syn / Half Open
TCP Connect
TCP ACK
UDP
Xmas

Question 2

TCP Syn

Answer 2

Checks to see if system is open to connections, but does not complete the connection. Need to have privileges to send custom packet.

Question 3

TCP Connect

Answer 3

Attempts to make a full connection to the system. Used when tester is unable to use TCP Syn because the source system is unable to send a custom (Syn flag) packet

Question 4

TDP Ack

Answer 4

Used to determine rules used by firewall and firewall methodology.

Question 5

UDP

Answer 5

check for UDP services open. Doesn’t use handshake because UDP is connectionless.

Question 6

Xmas

Answer 6

Sends packets with many flags (FIN, PSH, URG).

Question 7

SSAE meaning

Answer 7

Statement on Standards for Attestation Engagements

Question 8

SCAP

Answer 8

Security Content Automation Protocol

Created by NIST and provides a common language for describing and evaluating vulnerabilities. Includes the following:

CVE: common vulnerabilities and exposures
CVSS: common vulnerability and scoring system
CCE: common configuration enumeration
CPE: common platform enumeration
XCCDF: Extensible config checklist description format: language for security checklists.
OVAL: Open vulnerability and assessment language (language for describing testing procedures)