Module 3: Scanning and Enumeration

Question 1

Scanning and Enumerations is the process of identifying

Answer 1

hosts, ports and services within the network.

Question 2

What are the three types of scanning?

Answer 2

Network Scanning
Port Scanning
Vulnerability Scanning

Question 3

TCP Flags

SYN

Answer 3

synchronise

Question 4

TCP Flags

ACK

Answer 4

Acknowledge the SYN flag

Question 5

TCP Flags

RST

Answer 5

Reset - forces a termination of the circuit

Question 6

TCP Flags

FIN

Answer 6

Finish - orderly tear down of the circuit

Question 7

TCP Flags

PSH

Answer 7

Push -

Question 8

TCP Flags

URG

Answer 8

Urgent

Question 9

Well-known Port Numbers

Answer 9

0-1023

Question 10

Registered Port Numbers

Answer 10

1024-49151

Question 11

Dynamic Port Numbers

Answer 11

49152-65535

Question 12

IPv4 Broadcast address subnet

Answer 12

255.255.255.255

Question 13

IPv6 Broadcast address subnet

Answer 13

FFFF.FFFF.FFFF.FFFF

Question 14

ICMP Type 8

Answer 14

Echo-Request

Question 15

ICMP Type 0

Answer 15

Echo Reply

Question 16

ICMP Type 3

Answer 16

Destination unreachable

Question 17

ICMP Type 3 - Code 0

Answer 17

The route is missing

Question 18

ICMP Type 3 - Code 1

Answer 18

the host is down

Question 19

ICMP Type 3 - Code 13

Answer 19

The firewall is stopping the ICMP

Question 20

What is a full connect scan

Answer 20

This is a TCP Connect scan - that performs the full three-way handshake - easy to detect

Question 21

What is a stealth scan

Answer 21

this is a half open scan or SYN scan. Only sends the first part of the handshake

Question 22

What is the XMAS scan type

Answer 22

all the flags on the tcp header are set. PSH, URG, FIN

Question 23

Syntax for Nmap is

Answer 23

nmap

Question 24

4 Evasion Methods

Answer 24

1. Fragmenting Packets
2. Spoof your IP Address
3. IP Source Routing
4. Use Proxies

Question 25

What is a vulnerability scanning tool

Answer 25

Nessus