CPE-PC 321 Lec 5 Flashcards
What is port scanning?
a. A method for encrypting network traffic
b. A technique used to identify open ports and services running on a target system
c. A way to secure network communications
d. A process for detecting malware infections
b. A technique used to identify open ports and services running on a target system
Port scanning is used to map network services and detect vulnerabilities.
What are the three possible states of a scanned port?
a. Open, Blocked, Secure
b. Open, Closed, Filtered
c. Active, Inactive, Hidden
d. Enabled, Disabled, Suspended
b. Open, Closed, Filtered
Open ports allow connections.
Closed ports reject connections.
Filtered ports may be restricted by a firewall.
Which of the following best describes a SYN scan?
a. A complete three-way handshake is established
b. A stealthy scan that sends SYN packets but does not complete the handshake
c. A scan that sends all possible flags in a packet
d. A scan that only targets UDP ports
b. A stealthy scan that sends SYN packets but does not complete the handshake
SYN scans are used to detect open ports without establishing full connections, making them harder to detect.
What is a connect scan?
a. A scan that sends malformed packets
b. A scan that completes the full three-way handshake
c. A scan that ignores closed ports
d. A scan that only checks UDP ports
b. A scan that completes the full three-way handshake
Connect scans are reliable but more detectable because they fully establish a TCP connection.
What is a NULL scan?
a. A scan that has no effect on a network
b. A scan that sets all packet flags to “off”
c. A scan that sends SYN-ACK packets
d. A scan that only checks port 80
b. A scan that sets all packet flags to “off”
NULL scans can bypass some firewall rules but will not work on Windows-based targets.
What is an XMAS scan?
a. A scan that sets SYN, ACK, and FIN flags
b. A scan that has no effect on network traffic
c. A scan that sets the FIN, PSH, and URG flags
d. A scan that only targets UDP ports
c. A scan that sets the FIN, PSH, and URG flags
XMAS scans are named for their “decorated” packet flags. They can evade detection but do not work on Windows systems.
What is an ACK scan used for?
a. Identifying active hosts on a network
b. Determining firewall rules and filtering settings
c. Scanning for SQL injection vulnerabilities
d. Encrypting TCP connections
b. Determining firewall rules and filtering settings
ACK scans check whether a firewall is filtering traffic by analyzing packet responses.
How does a FIN scan work?
a. It sends FIN packets to a target and expects a response
b. It completes a TCP handshake before sending data
c. It only scans UDP ports
d. It encrypts network traffic
a. It sends FIN packets to a target and expects a response
If a port is closed, the target responds with an RST packet. Open ports ignore FIN packets.
What is a UDP scan?
a. A scan that detects open UDP ports
b. A scan that only checks TCP services
c. A scan that ignores firewalls
d. A scan that targets web servers
a. A scan that detects open UDP ports
UDP scans send UDP packets to check whether services like DNS or SNMP are running.
What is the most widely used port-scanning tool?
a. Netcat
b. Nmap
c. Wireshark
d. Nessus
b. Nmap
Nmap is the most common port-scanning tool used by security professionals.
What is the purpose of the nmap -sS command?
a. To perform a UDP scan
b. To send a SYN scan
c. To run a full vulnerability assessment
d. To encrypt network traffic
b. To send a SYN scan
The -sS option in Nmap performs a stealthy SYN scan.
What is Zenmap?
a. A firewall tool
b. A graphical interface for Nmap
c. A database security scanner
d. A Windows-only penetration testing tool
b. A graphical interface for Nmap
Zenmap makes it easier to use Nmap by providing a GUI.
What is Nessus primarily used for?
a. Network encryption
b. Vulnerability scanning
c. Data recovery
d. DNS management
b. Vulnerability scanning
Nessus is a vulnerability scanner that extends Nmap’s capabilities.
What is OpenVAS?
a. A replacement for Wireshark
b. A network traffic encryption tool
c. An open-source vulnerability scanner
d. A firewall logging tool
c. An open-source vulnerability scanner
OpenVAS (now Greenbone Security Assistant) is an open-source alternative to Nessus.
What is a ping sweep used for?
a. Identifying active hosts on a network
b. Encrypting network traffic
c. Detecting malware infections
d. Blocking unauthorized network access
a. Identifying active hosts on a network
Ping sweeps determine which IP addresses correspond to active devices.
What is the purpose of fping?
a. Scanning for open ports
b. Sending multiple ping requests simultaneously
c. Encrypting web traffic
d. Detecting malware infections
b. Sending multiple ping requests simultaneously
fping can ping multiple hosts at once, unlike the standard ping command.
What is hping3 used for?
a. Performing ping sweeps and advanced network scanning
b. Blocking unauthorized access to a network
c. Encrypting file transfers
d. Detecting SQL injection attacks
a. Performing ping sweeps and advanced network scanning
hping3 is a flexible tool for crafting network packets and performing advanced scans.
What is an intrusion detection system (IDS) used for?
a. Actively blocking network attacks
b. Detecting suspicious network activity and issuing alerts
c. Encrypting all network communications
d. Preventing phishing attacks
b. Detecting suspicious network activity and issuing alerts
An IDS monitors network traffic for signs of cyberattacks.
How can organizations defend against port scanning attacks?
a. Using encryption algorithms
b. Blocking all network traffic
c. Implementing firewalls and intrusion prevention systems
d. Disabling all internet access
c. Implementing firewalls and intrusion prevention systems
Firewalls and IPS can detect and block unauthorized scans.
What is the primary purpose of shell scripting in security testing?
a. Automating repetitive security tasks
b. Encrypting network traffic
c. Blocking malicious software
d. Improving internet speed
a. Automating repetitive security tasks
Security testers use shell scripts to automate scans, data collection, and vulnerability assessments.