Ethical Hacking 2

Question 1

When using Nslookup, you must type ____ if you wish to query for a host name outside the domain.

Answer 1

The FQDN

Question 2

Which DNS tool uses a technique that scans and browses a list of generated names in order to spot domains that capitalize on inadvertent URL misspellings?

Answer 2

MSR Strider URL Tracer

Question 3

What type of information gathering is carried out by obtaining details that are freely available on the Internet and through various other techniques, without directly coming into contact with the organization’s internal servers?

Answer 3

passive

Question 4

You are scanning a domain and need to see third party domains that it serves content from, and you need to be able to detect whether the site is being redirected. What tool should you use?

Answer 4

MSR Strider

Question 5

What type of information are you likely to find in a zone?

Answer 5

resource records

Question 6

Which WHOIS tool can be used to see when someone has connected to his or her computer?

Answer 6

CallerIP

Question 7

What IP address blocks are valid for use as private IP address networks?

Answer 7

10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12

Question 8

How does the traceroute utility determine the path of data through a network?

Answer 8

Traceroute sends a pakcet with a TTL value of 1 initially, causing the packet to be returned. It then send sout additional packets, increasing the TTL value by 1 to account for each hop in the path.

Question 9

You are using the BiDiBLAH toolset and are trying to determine DNS information for a doman that does not allow DNS zone transfers. What utility should you use?

Answer 9

jarf-dnsbrute

Question 10

When identifying security postures for a network, what are can an attacker investigate to find information about authentication mechanisms?

Answer 10

Remote access

Question 11

What file stored at the root of a website and is publicly accessible might contain a list of directories filled with sensitive information that is not to be indexed by search engines?

Answer 11

robots.txt

Question 12

What Regional Internet Registry (RIR) might contain whois database information about an IP address sourced from Russia?

Answer 12

APNIC

Question 13

What intelligence gathering stance involves the process of accumulating information from resources such as the Internet that can later be analyzed as business intellignce?

Answer 13

Competitive information gathering

Question 14

What query protocol can be used to identify IP addresses, domain names, server type, domain name registrar, and name servers for a domain?

Answer 14

WHOIS

Question 15

Which tool used to locat the network range can be used to reveal relationships between people, organizations, and ideas in the network?

Answer 15

TouchGraph

Question 16

Of which phase of an attack is footprinting an essential element?

Answer 16

Reconnaissance

Question 17

You are using the BiDiBLAH toolset and wish to perform a reverse DNS lookup on an IP range. What utility should you use?

Answer 17

jarf-rev

Question 18

Which script is used to plot the boundary sections of a class C network?

Answer 18

qtrace.pl

Question 19

What statement accuretely descrives how the Universal Man-in-the-Middle Phishing Kit works?

Answer 19

The kit creates a fake URL that communicates with the legitimate web site of a targeted organization in real time. When a victim clicks on a link to the URL, they are directed to the fake page.

Question 20

Which type of query can be carried out on a WHOIS database that will provide information about personnel that deal with administration, technical, or billing accounts?

Answer 20

Point of contact