K01 - Gathering Information Flashcards

1
Q

What are the two modes Nslookup can be used in? Format (xxx, xxx-xxx)

A

interactive, non-interactive

2
Q

_______________ mode allows a user to execute queries back-to-back without typing the entire command for each query.

A

interactive

3
Q

_______________ mode involves typing the entire command for each query.

A

non-interactive

4
Q

What command queries a DNS (Domain Name System) server for DNS records relating to IP addresses, mail exchanges, and name servers?

A

dig

5
Q

What is the name of the website using the address 63.147.161.50?

A

goarmy.com

6
Q

What IPv4 address is the webpage text-lb.esams.wikimedia.org using?

A

91.198.174.192

Use “dig text-lb.esams.wikimedia.org”

7
Q

If there are no errors with a dig query, what status will the user see?

A

no error

8
Q

PFC Tyler is attempting to execute a dig query on a site, but he misspelled the website name and accidentally spelled a non-existent website name instead. What status will PFC Tyler see when he attempts this query? Hint: the domain name queried does not exist

A

nxdomain

9
Q

What query status might a user see if they attempt a dig query on a site that has security settings configured so that zone transfers are not permitted or the zone does not exist at the request authority?

A

refused

10
Q

SGT Gray wants to verify that the H&S Company printer is able to respond to network connections. The IP address of the printer is 192.168.0.105. What command will SGT Gray execute to perform this task?

A

ping 192.168.0.105

11
Q

How many times will the remote host 192.168.1.101 be pinged if the following command is executed? ping -c 6 192.168.1.101

A

6

12
Q

Target Development includes all of the following EXCEPT:

  • Understanding potential vulnerabilities
  • Obtaining or developing scripts
  • Deliver brief derived from mission analysis
  • Planning execution of exploit
  • Testing in a controlled environment
A

Deliver brief derived from mission analysis

13
Q

It is possible to exploit a target without gathering any information on the target.

  • True
  • False
A

False

14
Q

Which of the following is NOT one of the 4 Ds:

  • Deny
  • Degrade
  • Destroy
  • Delay
  • Disrupt
A

Delay

15
Q

Some information cannot be found within the IP address alone. Select the group of tools that can be used in the information gathering phase:

  • Traceroute, Dig, dnsquery
  • nslookup, traceroute, sing
  • ping, dig, traceroute, nslookup
  • routetrace gid,uplook, ipconfig
A

ping, dig, traceroute, nslookup

16
Q

A traceroute is a network command that can be run on your computer if you experience routing problems. It traces the “hops” between your computer and the final destination. For each hop, the traceroute will diagnose where the problem is.

  • True
  • False
A

True

17
Q

What is an example of nslookup syntax:

A

nslookup www.comptia.com

18
Q

These __________ packets are sent, and all routers involved receive these particular packets. They determine whether the information in the packets is able to transfer the data effectively.

  • IGMP
  • Traceroute
  • ICMP
  • IMPC
A

ICMP?

19
Q

When in the Information Gathering/Reconnaissance phase, an attacker should gather the least amount of data possible so they can reduce the number of attack vectors, which will reduce the probability of being detected.

  • True
  • False
A

False

20
Q

The ____________ is a series of steps that trace stages of a cyber attack from the early reconnaissance stages to exfiltration. Understanding this process can help users understand and combat ransomware, security breaches, and advanced persistent attacks (APTs).

A

cyber kill chain

21
Q

What specifies the number of pings?

  • -#
  • -c
  • -C
  • -p
A

-c

22
Q

When using the dig command, you may see multiple IPs from your query. This could be an indication that a __________ may be present.

A

load balancer

23
Q

SSG Thomas needs to see the gateways that packets pass through to reach the destination amazon.com. What command can SSG Thomas use to see this?

A

traceroute www.amazon.com

24
Q

What phase of the Cyber kill chain would be considered the most important phase? This would be paramount to successfully continue all the other phases.

A

reconnaissance

25
Q

___________ is built into both Windows and UNIX operating systems, and is a universal way of testing network response time and performance.

A

ping command

26
Q

What is it called when an attacker probes for weaknesses, including harvesting login credentials or information that is useful in phishing attacks?

  • Weaponization
  • Reconnaissance
  • Spam
  • Installation of Malware
A

Reconnaissance

27
Q

This type of exploitation is taking advantage of a system’s setting that allows it to be manipulated by an unintended source.

A

misconfiguration

28
Q

This type of exploitation is taking advantage of poor OPSEC, cyber training, or restrictions in place.

A

human

29
Q

What command queries DNS servers for related information such as name servers, mail exchanges and IP addresses?

  • traceroute command
  • dig command
  • ipcontrig command
  • DIIG command
A

dig command

30
Q

What is an example of a Cyber Kill Chain?

  • a group of botnets
  • a planned process of cyberattack
  • a series of worms based on the same core code
  • a combination of virus, worm, and Trojan Horse
A

a planned process of cyberattack