Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Meu CEH > Module 2 - Footprinting and Reconnaissance > Flashcards

Module 2 - Footprinting and Reconnaissance Flashcards

1
Q

The first step of any attack on information systems in which an attacker collects information about a target network for identifying various ways to intrude into the system.

a. Banner Grabbing
b. Scanning/Enumeration
c. Reconnaissance/Footprinting
d. Gaining Access
e. Maintaining Access

A

c. Reconnaissance/Footprinting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Refers to the use of advanced Google search operators for creating complex search queries in order to extract sensitive or hidden information that helps attackers to find vulnerable targets.

A

Google Hacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Footprinting through Search Engines:

Displays the web pages stored in the Google cache.

a. cache
b. link
c. related
d. info
e. site
f. allintitle
g. intitle
h. allinurl
i. inurl
j. location

A

a. cache

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Footprinting through Search Engines:

Lists web pages that have links to the specified web page.

a. cache
b. link
c. related
d. info
e. site
f. allintitle
g. intitle
h. allinurl
i. inurl
j. location

A

b. link

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Footprinting through Search Engines:

Restricts the results to those websites in the given domain.

a. cache
b. link
c. related
d. info
e. site
f. allintitle
g. intitle
h. allinurl
i. inurl
j. location

A

e. site

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Footprinting through Search Engines:

Restricts the results to those with all of the search keywords in the URL.

a. cache
b. link
c. related
d. info
e. site
f. allintitle
g. intitle
h. allinurl
i. inurl
j. location

A

h. allinurl

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Footprinting through Search Engines:

  • An authoritative source for querying the ever-widening reach of the Google search engine.
  • Common Vulnerabilities and Exposures (CVE) compliant archive of public exploits and corresponding vulnerable software.
A

Google Hacking Database (GHDB)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Website Footprinting:

Extracts metadata of public documents (pdf, doc, xls, ppt, docx, pptx, xlsx, etc.) belonging to a target company.

a. Burp Suite
b. Netcraft.com
c. Archive.org
d. Metagoofil

A

d. Metagoofil

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Whois Footprinting:

Whois databases are maintained by ______ ______ _______ and contain personal information of domain owners.

A

Regional Internet Registries

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Whois Footprinting:

Regional Internet Registries (RIRs): ARIN

a. North America & Canada
b. Africa
c. Europe
d. Latin America and Caribbean Islands
e. Asian/Pacific

A

a. North America & Canada

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Whois Footprinting:

Regional Internet Registries (RIRs): AFRINIC

a. North America & Canada
b. Africa
c. Europe
d. Latin America and Caribbean Islands
e. Asian/Pacific

A

b. Africa

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Whois Footprinting:

Regional Internet Registries (RIRs): RIPE NCC

a. North America & Canada
b. Africa
c. Europe
d. Latin America and Caribbean Islands
e. Asian/Pacific

A

c. Europe

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Whois Footprinting:

Regional Internet Registries (RIRs): lacnic

a. North America & Canada
b. Africa
c. Europe
d. Latin America and Caribbean Islands
e. Asian/Pacific

A

d. Latin America & Caribbean

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Whois Footprinting:

Regional Internet Registries (RIRs): APNIC

a. North America & Canada
b. Africa
c. Europe
d. Latin America and Caribbean Islands
e. Asian/Pacific

A

e. Asian/Pacific

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

DNS Footprinting:

Points to a host’s IP address:

a. A / AAAA (IPv6)
b. MX
c. CNAME
d. SOA
e. PTR

A

a. A / AAAA (IPv6)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

DNS Footprinting:

Points to domain’s mail server.

a. A / AAAA (IPv6)
b. MX
c. CNAME
d. SOA
e. PTR

A

b. MX

17
Q

DNS Footprinting:

Canonical naming allows aliases to a host.

a. A / AAAA (IPv6)
b. MX
c. CNAME
d. SOA
e. PTR

A

c. CNAME

18
Q

DNS Footprinting:

Indicate authority for domain. (Start of Authority)

a. A / AAAA (IPv6)
b. MX
c. CNAME
d. SOA
e. PTR

A

d. SOA

19
Q

DNS Footprinting:

Maps IP address to a hostname.

a. A / AAAA (IPv6)
b. MX
c. CNAME
d. SOA
e. PTR

A

e. PTR

Coments:

A / AAAA -> names to ip

MX -> specify the e-mail server(s) responsible for a domain name.

CNAME -> Long names to short names (aliases)

SOA -> one register to main DNS server on zone (some propeties)

PTR -> reverse records- IP to Names

Ref:https://simpledns.com/help/dns-record-types

20
Q

Footprinting through Web Services:

_______ is a tool used determine the Operating Systems in use by the target organization.

a. Censys
b. SHODAN
c. Netcraft
d. Firebug

A

c. Netcraft

Censys-> is a search engine that monitors all the devices connected to the internet. Companies and their IT staff can use Censys to keep track of their devices and determine which ones might have vulnerabilities

Shodan- > is a search engine that lets the user find specific types of computers connected to the internet using a variety of filters. Some have also described it as a search engine of service banners,

Netcraft-> provides web server and web hosting market-share analysis, including web server and operating system detection.Is also known for its free anti-phishing toolbar for the Firefox, Internet Explorer, and Chrome browsers

Firebug -> is a discontinued free and open-source web browser extension for Mozilla Firefox that facilitated the live debugging, editing, and monitoring of any website’s CSS, HTML, DOM, XHR, and JavaScript.

21
Q

Website Footprinting:

This website allows you to visit archived versions of websites.

A

archive.org

22
Q

Network Footprinting:

This command is used to see the path a packet travels from source to destination.

A

Traceroute

23
Q

Footprinting through Social Engineering:

  • Is unauthorized listening of conversations or reading of messages.
  • It is interception of any form of communication such as audio, video, or written.
    a. Shoulder Surfing
    b. Dumpster Diving
    c. Eavesdropping
A

c. Eavesdropping

24
Q

Footprinting through Social Engineering:

-Is atechnique, where attackers secretly observe or look the target to get users login, passwords, etc.

Can be done witch cameras, or visual procedure.

a. Shoulder Surfing
b. Dumpster Diving
c. Eavesdropping

A

a. Shoulder Surfing

25
Q

Footprinting through Social Engineering:

  • Is looking for treasure in someone else’s trash.
  • It involves the collection of phone bills, contact information, financial information, operations-related information, etc. from the target company’s trash bins, printer trash bins, user desk for sticky notes, etc.
    a. Shoulder Surfing
    b. Dumpster Diving
    c. Eavesdropping
A

b. Dumpster Diving

26
Q

Footprinting Tools:

A program that can be used to determine the relationships and real world links between people, groups of people (social networks), companies, organizations, websites, internet infrastructure, phrases, documents, and files.

a. Metasploit
b. Maltego
c. Recon-ng
d. Foca

A

b. Maltego

27
Q

Footprinting Pen Testing:

Perform footprinting through web services such as ______ to gather information about target organization’s website, employees, competitor, infrastructure, operating systems, etc.

a. Google
b. DNSstuff
c. Netcraft
d. LexisNexis

A

c. Netcraft

Meu CEH (22 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions