Chapter 6 - Enumeration Flashcards

1
Q

What are RPCs primarily used for?

A. Interprocess communications
B. Interprocess semaphores
C. Remote method invocation
D. Process demand paging

A

A.

Remote procedure calls are a way for processes on one system to communicate with processes on another system. This does not preclude two processes on the same system communicating, of course. Semaphores are another concept in computer science that can enable interprocess communication. Remote method invocation is a way for Java programs to implement interprocess communications. Process demand paging isn’t a thing.

2
Q

What would you be trying to enumerate if you were to use enum4linux?

A. Procedures
B. Linux-based services
C. Shares and/or users
D. Memory utilization

A

C.

enum4linux is a tool that makes use of other, underlying tools to scan systems that have implemented SMB. This means enum4linux can be used to enumerate shares or users, as well as other information. None of the other options is valid.

3
Q

How do you authenticate with SNMPv1?

A. Username/password
B. Hash
C. Public string
D. Community string

A

D.

SNMPv3 implemented username and password authentication. With version 1, you used a cleartext community string. SNMP doesn’t use hashes, and while the word public is often used to describe a community string, a public string is not a way to authenticate with SNMPv1.

4
Q

What SMTP command would you use to get the list of users in a mailing list?
A. EXPD
B. VRFY
C. EXPN
D. VRML

A

C.

The SMTP command used to expand a mailing list alias to get the underlying email addresses that belong to that mailing list or group is EXPN. The command VRFY is verify, and the other two are not valid SMTP commands.

5
Q

What type of enumeration would you use the utility dirb for?
A. Directory listings
B. Directory enumeration
C. Brute-force dialing
D. User directory analysis

A

B.

The utility dirb uses a word list to attempt to enumerate directories available through a web server that may not be available by looking at all the pages and links in the site.

6
Q

What are data descriptions in SNMP called?
A. Management-based information
B. Data structure definition
C. Extensible markup language
D. Management information base

A

D.

SNMP can be used to retrieve information from remote systems. This information has to be described, including the different data types. All of the information available is described in a management information base (MIB). The Extensible Markup Language (XML) is a way of packaging data in a structured way, but it is not used in SNMP.

7
Q

What is the process Java programs identify themselves to if they are sharing procedures over the network?
A. RMI registry
B. RMI mapper
C. RMI database
D. RMI process

A

A.

Interprocess communications across systems using a network is called remote method invocation. The process with which programs have to communicate to get a dynamic port allocation is the RMI registry. This is the program you query to identify services that are available on a system that has implemented RMI.

8
Q

You are working with a colleague, and you see them interacting with an email server using the VRFY command. What is it your colleague is doing?
A. Verifying SMTP commands
B. Verifying mailing lists
C. Verifying email addresses
D. Verifying the server config

A

C.

The extended SMTP (ESMTP) protocol has a command that is abbreviated VRFY that is used to verify email addresses. A mail server may or may not have exposed this command, even if the server software supports ESMTP. Expanding mailing lists is EXPN. You wouldn’t use VRFY for a mailing list in that same sense. The other two don’t have specific commands that are specified in the SMTP protocol definition.

9
Q

What is the SMB protocol used for?
A. Data transfers using NFS
B. Data transfers on Windows systems
C. Data transfers for email attachments
D. Data transfers for Windows Registry updates

A

B.

The Server Message Block (SMB) protocol is used for multiple functions on Windows networks. One of them is to transfer files (data) from one system to another. Email attachments would be transmitted using SMTP. NFS manages its own data transfer when files are being copied from one system to another. There are no data transfers specifically for Windows Registry updates.

10
Q

Which of these is a built-in program on Windows for gathering information using SMB?
A. nmblookup
B. smbclient
C. Metasploit
D. nbtstat

A

D.

The program nmblookup can be used on Linux systems. smbclient is a program that comes with a Samba installation that can be used to interact with a system using SMB. Metasploit has a lot of functions, but it’s not built into Windows. The program nbtstat, though, can be used to gather information using SMB, and it is a program that is installed with Windows.

11
Q

What status code will you get if your attempt to use the VRFY command fails?
A. 550
B. 501
C. 250
D. 200

A

A.

The status code you would get if your VRFY command failed against an SMTP server is 550. 200 is the status code for success with a web server. The other codes are not valid in this context.

12
Q

What program would you use to enumerate services?
A. smbclient
B. Nmap
C. enum4linux
D. snmpwalk

A

B.

The programs smbclient and enum4linux may be used to enumerate information using SMB. The program snmpwalk can be used to enumerate information over SNMP. nmap, though, can be used to enumerate services running on all the systems on a network.

13
Q

What version of SNMP introduced encryption and user-based authentication?
A. 1
B. 2
C. 2c
D. 3

A

D.

Version 1 of SNMP used community strings. Version 2c also used community strings. Version 2 improved version 1, but it was version 3 that implemented user-based authentication as well as encryption.

14
Q

Which of these could you enumerate on a WordPress site using wpscan?
A. Plugins
B. Posts
C. Administrators
D. Versions

A

A.

The program wpscan can be used to enumerate themes, users, and plugins. It can’t be used to enumerate administrators, specifically. It also can’t be used to enumerate posts, and since there would be only a single version, you wouldn’t enumerate versions.

15
Q

Which of these tools allows you to create your own enumeration function based on ports being identified as open?
A. Metasploit
B. nmap
C. Netcat
D. nbtstat

A

B.

Metasploit can be extended with user-created programs. However, you wouldn’t call a Metasploit module based on ports being open. Netcat doesn’t do any enumeration, and nbtstat is a Windows program that can’t be extended. nmap can be extended with user-written scripts. An nmap script includes a port registration so nmap knows to call that script when specific ports are found to be open.

16
Q

What underlying functionality is necessary to enable Windows file sharing?
A. Network File System
B. Common Internet File System
C. Remote procedure call
D. Remote method invocation

A

C.

SMB relies on remote procedure calls (RPCs) to function. The Common Internet File System (CIFS) is an implementation of file sharing and system management using SMB. The Network File System (NFS) is a protocol that makes use of remote procedure calls. Remote method invocation (RMI) is a way to call procedures remotely over Java.

17
Q

What tool does a Java program need to use to implement remote process communication?
A. JRE
B. rmic
C. rmir
D. JDK

A

B.

The JRE is the Java runtime environment and is necessary to run Java programs. The JDK is the Java development kit and is necessary to develop Java programs. The program rmic is used to create RMI programs. It creates the stubs necessary for RMI to function. rmir isn’t anything.

18
Q

What is the IPC$ share used for?
A. Process piping
B. Interprocess construction
C. Remote process management
D. Interprocess communication

A

D.

The IPC$ share is a named pipe that enables interprocess communications over a network. While you may be able to do some remote management using the IPC$ share, it is not used for remote process management.

19
Q

Which of these passes objects between systems?
A. SunRPC
B. SMB
C. RMI
D. nmap

A

C.

RMI is a way to implement interprocess communications using Java. Since Java is an object-oriented programming language, it would transmit objects. SMB is the Server Message Block protocol. SunRPC does remote procedure calls, but the data transmitted isn’t object oriented. nmap is a program used to scan ports.

20
Q

If you needed to enumerate data across multiple services and also store the data for retrieval later, what tool would you use?
A. Metasploit
B. nmap
C. RMI
D. Postgres

A

A.

While nmap is an excellent program in its own right and can be used to enumerate data across multiple services, it doesn’t store data for retrieval later without some additional help. Metasploit can also be used to enumerate data across multiple services and also uses a database on the back end to store data to be retrieved later. RMI is remote method invocation, a way to implement interprocess communications across a network. PostgreSQL is the database server commonly used underneath Metasploit. Postgres is a much older version of what is now PostgreSQL.