Module 3 - Scanning Networks Flashcards

1
Q

Network Scanning Concepts:

Refers to a set of procedures used for identifying hosts, ports, and services in a network.

a. Network Incident Response
b. Network Eavesdropping
c. Network Scanning
d. Network Discovery

A

c. Network Scanning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Network Scanning Concepts:

What is the correct sequence for a 3-Way Handshake?

a. ACK–SYN–SYN/ACK
b. SYN–SYN/ACK–ACK
c. SYN–ACK–SYN/ACK
d. SYN/ACK–SYN–ACK

A

b. SYN–SYN/ACK–ACK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Scanning Tools:

  • Network administrators can use this for network inventory, managing service upgrade schedules, and monitoring host or service uptime.
  • Attacker uses it to extract information such as live hosts on the network, services (application name and version), type of packet filters/firewalls, operating systems, and OS Versions.
    a. Nmap
    b. Fing
    c. NetScanTools Pro
    d. Hping2 / Hping3
A

a. Nmap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Scanning Techniques:

What TCP flags are used in a Xmas Scan/Attack?

a. FIN–RST–URG
b. FIN–PSH–SYN
c. URG–PSH–RST
d. URG–PSH–FIN

A

d. URG–PSH–FIN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Scanning Techniques:

The following is an example of what kind of attack?

SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK

a. DoS Syn
b. Syn Flood
c. Syn DD0S
d. Flood Syn

A

b. Syn Flood

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Scanning Techniques:

What protocol is used when you conduct a PING or TRACEROUTE?

a. TCP
b. UDP
c. IP
d. ICMP

A

d. ICMP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Scanning Techniques:

In Xmas scan, attackers send a TCP frame to a remote device with ___, ___, and ___ flags set. (Choose 3)

a. SYN
b. PSH
c. ACK
d. SYN/ACK
e. URG
f. FIN
g. RST

A

b. PSH
e. URG
f. FIN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Scanning Beyond IDS and Firewall:

Sending fragmented probe packets to the intended server which re-assembles it after receiving all the fragments.

a. Source Routing
b. Packet Fragmentation
c. IP Address Decoy
d. IP Address Spoofing
e. Proxy Server

A

b. Packet Fragmentation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Scanning Beyond IDS and Firewall:

Use routers and firewalls at your network perimeter to filter incoming packets that appear to come from an internal IP address.

a. IP Spoofing
b. Egress Filtering
c. Ingress Filtering
d. Proxy

A

c. Ingress Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Scanning Beyond IDS and Firewall:

Filter all outgoing packets with an invalid local IP address as source address.

a. IP Spoofing
b. Egress Filtering
c. Ingress Filtering
d. Proxy

A

b. Egress Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Scanning Tools:

The following syntax is used to conduct what kind of scan or find out what information?

Nmap -P

a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports

A

e. Open Ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Scanning Tools:

The following syntax is used to conduct what kind of scan or find out what information?

Nmap -O

a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports

A

a. Operating Systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Scanning Tools:

The following syntax is used to conduct what kind of scan or find out what information?

Nmap -sS

a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports

A

b. Stealth Scan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Scanning Tools:

The following syntax is used to conduct what kind of scan or find out what information?

Nmap -T

a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports

A

d. TCP Scan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Scanning Tools:

The following syntax is used to conduct what kind of scan or find out what information?

Nmap -T2

a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports

A

c. Speed Scan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Scanning Beyond IDS and Firewall:

  • Remove all the identifying information from the user’s computer while the user surfs the internet.
  • Privacy and Anonymity
  • Protects from online attacks
    a. Anonymizers
    b. Proxy
    c. Firewall
    d. IDS
    e. IPS
A

a. Anonymizers

17
Q

_________ is the method used to determine the operating system running on a remote target system.

A

Banner Grabbing

18
Q

Scanning Techniques:

If a port is closed you will get a ____ packet which reestablishes a connection.

a. SYN
b. ACH
c. FIN
d. URG
e. RST
f. PSH

A

e. RST

19
Q

Scanning Beyond IDS and Firewall:

A _____ server is an application that can serve as an intermediary for connecting with other computers.

-Goes to the internet on your behalf.

A

Proxy Server

20
Q

Scanning Beyond IDS and Firewall:

Increases a hackers anonymity by connecting through multiple proxy servers.

a. Proxy Server
b. Proxy Workbench
c. Proxy Chaining
d. Proxy Switcher

A

c. Proxy Chaining

21
Q

Scanning Pen Testing:

The penetration testing report will help the system administrators to:

a. Network Discovery
b. Harden Systems
c. Scan Beyond IDS and Firewall
d. Draw Network Diagrams

A

b. Harden Systems

22
Q

What port is LDAP?

A

389

23
Q

What port is IMAP?

A

143

24
Q

What is port 23?

A

Telnet

25
Q

What port is SMTP?

A

25

26
Q

What port is TFTP?

A

69

27
Q

What port is 53?

A

DNS

28
Q

What port is Kerberos?

A

88

29
Q

What port is 123?

A

NTP