Enumeration

Question 1

What port does BGP use?

Answer 1

179

Question 2

What port does NetBIOS use for accessing resources?

Answer 2

139

Question 3

What port does IPSEC IKE use?

Answer 3

500

Question 4

Which of the following port numbers is used by the Windows NetBIOS session service for both null-session establishment as well as file and printer sharing

Answer 4

TCP 139

Question 5

What port does LDAP use by default?

Answer 5

389

Question 6

What does PsList do?

Answer 6

PsList displays the CPU and memory information or thread statistics.

Question 7

Which NetBIOS service code is used to obtain information related to the master browser name (aka domain name) for the subnet?

Answer 7

<1D>

Question 8

Which NetBIOS service code is used to obtain information related to the username of the logged in user, or the host name?

Answer 8

<03>

Question 9

Which NetBIOS service code is used to obtain the host name?

Answer 9

<20>

Question 10

Which flag do you pass to nbtstat to display the count of all names resolved by a broadcast or WINS server?

Answer 10

-r

Question 11

Which command allows an SNMP agent to inform the pre-configured SNMP manager of a certain event

Answer 11

Trap

Question 12

Which MIB (management information base) contains WINS (Windows Internet Name Service) object types?

Answer 12

WINS.MIB

Question 13

Which MIB (management information base) contains host resources object types?

Answer 13

HOSTMIB.MIB

Question 14

Which MIB (management information base) contains TCP/IP-based object types?

Answer 14

MIB_II.MIB

Question 15

Which MIB (management information base) contains Workstation and Server Services object types?

Answer 15

LNMIB2.MIB

Question 16

Which command is used by an SNMP agent to meet a request made by the SNMP manager?

Answer 16

GetResponse

Question 17

Which protocol enables an attacker to enumerate user accounts and devices on a target system

Answer 17

SNMP

Question 18

What is JXplorer?

Answer 18

JXplorer is an LDAP enumeration tool

Question 19

What do you pass to ntpdate to force the time to always be skewed?

Answer 19

-B

Question 20

What do you pass to ntpdate to force the time to always be stepped?

Answer 20

-b

Question 21

What do you pass to ntpdate to enable debugging mode?

Answer 21

-d

Question 22

What do you pass to ntpdate to query an ntp server without updating the clock?

Answer 22

-q

Question 23

What is RPCScan?

Answer 23

An NFS enumeration tool

Question 24

What is ntpdc?

Answer 24

A command used by the attackers to query the ntpd daemon about its current state

Question 25

What does the -h flag do when passed to smtp-user-enum?

Answer 25

-h specifies the hostname of the SMTP server

Question 26

What does the -u flag do when passed to smtp-user-enum?

Answer 26

-u username specifies a user whose existence you’d like to check on a given SMTP server.

Question 27

What does the -U flag do when passed to smtp-user-enum?

Answer 27

Check usernames listed in given file to see if they exist on given SMTP server

Question 28

What does the -u flag do when passed to smtp-user-enum?

Answer 28

Use the hostnames given in the file to enumerate SMTP servers.

Question 29

What is the VRFY SMTP command?

Answer 29

VRFY validates users

Question 30

What is the EXPN SMTP command?

Answer 30

EXPN tells the actual delivery addresses of aliases and mailing lists

Question 31

What is the RCPT TO SMTP command?

Answer 31

Defines the recipients of the message

Question 32

What is the default SMB port?

Answer 32

445

Question 33

What is Enyx?

Answer 33

Enyx is an enumeration tool that fetches the IPv6 address of a machine through SNMP

Question 34

What is Svmap?

Answer 34

Svmap is an open-source scanner that identifies SIP devices and PBX servers on a target network. It can be helpful for system administrators when used as a network inventory tool

Question 35

What is ike-scan?

Answer 35

ike-scan discovers IKE hosts and can fingerprint them using the retransmission backoff pattern

Question 36

Which flag do you pass to finger to prevent the matching of usernames?

Answer 36

-m

Question 37

Which flag do you pass to finger to display the user’s login name, real name, terminal name, idle time, login time, office location and office phone number?

Answer 37

-s

Question 38

Which flag do you pass to finger to output a detailed multi-line output?

Answer 38

-l

Question 39

Which flag do you pass to finger to prevent the -l flag from displaying the contents of the .plan, .project, and .pgpkey files?

Answer 39

-p

Question 40

What’s SNMP’s default port?

Answer 40

161