Chapter 2: Reconnaissance

Question 1

Define footprinting

Answer 1

All measures and techniques taken to gather information about an intended target, can be passive or active.

Question 2

Define anonymous footprinting

Answer 2

Hacker tries to obscure the source of all their information gathering

Question 3

Define pseudonymous footprinting

Answer 3

The hacker makes someone else take the blame for their actions

Question 4

What are the 4 main focuses of footprinting?

Answer 4

1. Know the security posture
2. Reduce the focus area
3. Identify vulnerabilities
4. Draw a network map

Question 5

Define active footprinting

Answer 5

Requires the attacker to touch the device, network, or resource

Question 6

Define Google hacking

Answer 6

Manipulating a search string with additional specific operators to search for vulnerabilities

Question 7

What does the Google operator filetype do?

Answer 7

Searches only for files of a specific type (ex. DOC, XLS, etc.)

Ex. filetype:doc returns Word documents

Question 8

What does the Google operator index of do?

Answer 8

Displays pages with directory browsing enabled

Ex. “intitle:index of” passwd shows pages with directory listings containing passwd

Question 9

What does the Google operator info do?

Answer 9

Displays information Google stores about the page itself

Ex. info:www.anycomp.com

Question 10

What does the Google operator intitle do?

Answer 10

Search for pages that contain the string in the title

Ex. intitle: login returns pages with login in the title

Question 11

What does the Google operator inurl do?

Answer 11

Displays pages with the string in the URL

Ex. inurl:passwd returns all pages with the word passwd in the URL

Question 12

What does the Google operator link do?

Answer 12

Displays linked pages based on a search term

Question 13

What does the Google operator related do?

Answer 13

Shows web pages similar to webpagename (ex. related:webpagename)

Question 14

What is the DNS record type SRV?

Answer 14

SRV: Service
Defines the hostname and port number of servers providing specific services, such as a Directory Services server.

Question 15

What is teh DNS record type SOA?

Answer 15

SOA: Start of Authority
Identifies the primary name server for the zone, contains the hostname of the server responsible for all DNS records within the namespace as well as properties of the domain

Question 16

What is the DNS record type PTR?

Answer 16

PTR: Pointer
Maps an IP address to a hostname

Question 17

What is the DNS record type NS?

Answer 17

NS: Name Server
Defines the name servers within the namespace, tese servers are the ones that respond to requests for name resolution

Question 18

What is the DNS record type MX?

Answer 18

MX: Mail Exchange
Identifies e-mail servers within the domain

Question 19

What is the DNS record type CNAME?

Answer 19

CNAME: Canonical Name
Provides for domain name aliases with the zone

Question 20

What is the DNS type A?

Answer 20

A: Address
Maps an IP address to a hostname and is used most often for DNS lookups

Question 21

Define zone transfer

Answer 21

A type of DNS transfer where all records from an SOA are transmitted to the requester. There are two options: full (opcode AXFR) and incremental (IXFR)