Lesson 3: Performing Security Assessments Flashcards

1
Q

Netstat

A

Reports port status on the local machine; shows the state of TCP/UDP ports on the local machine.

2
Q

nslookup and dig

A

Query name servers, Zone transfers

3
Q

Service Discovery

A

Scan custom TCP/UDP port ranges

4
Q

Nmap

A

Service and version detection, fingerprinting each port, protocol, application/version, OS type, device type, host discovery

5
Q

TheHarvester

A

collate open source intelligence (OSINT)

6
Q

Dnsenum

A

collate DNS hosting information, name records, and IP schema

7
Q

Scanless

A

Collate results from third-party port scanning sites

8
Q

Curl

A

Craft and submit protocol requests

9
Q

Nessus

A

Automated vulnerability scanner that checks for software vulnerabilities and missing patches.

10
Q

Sniffer

A

tool for capturing network frames

11
Q

Tcpdump

A

Read/write from pcap, filters. Packet capture utility for Linux.

12
Q

Fingerprinting

A

detailed analysis of services on a particular host

13
Q

Protocol Analysis

A

Using statistical tools to analyze a sequence of packets, or packet trace.

14
Q

Packet Analysis

A

Deep-down frame by frame scrutiny of captured frames

15
Q

Packet injection

A

crafting spoofed packets, Dsniff, Ettercap, Scapy

16
Q

Hping

A

Host/port detection and firewall testing, traceroute, DoS

Open-source spoofing tool that gives a penetration tester the ability to craft network packets to exploit firewalls and IDS.

17
Q

Tcpreplay

A

stream a packet capture through an interface, sandbox analysis and intrusion detection testing. It takes previously captured traffic that has been saved to a .pcap file and replays it through a network interface

18
Q

Wireshark

A

packet capture and analysis utility.

19
Q

RAT (Remote access trojan)

A

malware that gives the adversary the means of remotely accessing the network.

20
Q

Metasploit

A

Modules to exploit known code vulnerabilities, obfuscate code to evade detection

21
Q

Sn1Per

A

Penetration test reporting and evidence gathering

22
Q

Netcat

A

Tool for network tasks such as port scanning and fingerprinting, a CMD listener on an arbitrary port, and file transfer over an arbitrary port.

Simple but effective tool for testing connectivity.

23
Q

Black Box

A

unknown environment, the consultant is given no privileged information about the network and its security systems.

24
Q

White Box

A

Known environment, the consultant is given complete access to information about the network.

25
Q

Gray Box

A

Partially known environment – the consultant is given some information. Useful for simulating the behavior of an unprivileged insider threat.

26
Q

Red Team

A

Performs offensive roles

27
Q

Blue Team

A

Performs the defensive role

28
Q

White Team

A

Sets the rules of engagement and monitors the exercise

29
Q

Purple Team

A

Exercise set up to encourage collaboration; red and blue teams share information and debrief on a regular basis.