Lecture 5

Question 1

What is the purpose of enumeration tools?

Answer 1

To discover assets and manage vulnerabilities.

Question 2

Define Enumeration.

Answer 2

Scanning the network & hosts to map out the attack surface.

Question 3

What are the two main methods of enumeration?

Answer 3

• Active
• Passive

Question 4

What types of reconnaissance tools are used in mapping?

Answer 4

• Open-source Intelligence (OSINT)
• Foot-printing
• Fingerprinting

Question 5

What is the difference between foot-printing and fingerprinting?

Answer 5

• Foot-printing: Maps out network layout focusing on TCP/IP stack info, routing topology, DNS, domains, hostnames.
• Fingerprinting: Detects host systems focusing on open ports, OS types, versions, services.

Question 6

What is an example of internal scanning?

Answer 6

Scanning from subnet #1 in vCluster.

Question 7

What is an example of external scanning?

Answer 7

Scanning from subnet #3 in vCluster.

Question 8

• systeminfo/hostnamectl
• nmap
• zenmap (GUI nmap)
• unicornscan

What are these examples of?

Answer 8

Enumeration tools

Question 9

• traceroute
• ifconfig/ipconfig
• dig/nslookup
• ping

What are these examples of?

Answer 9

Enumeration tools

Question 10

• megaping
• hping3
• hostname
• arp

What are these examples of?

Answer 10

Enumeration tools

Question 11

What is the goal of enumeration?

Answer 11

To scan/identify network ranges and hosts belonging to the target.

Question 12

True or False: Passive enumeration requires an active connection to assets.

Answer 12

False