Module 3 - Scanning Networks Flashcards
Network Scanning Concepts:
Refers to a set of procedures used for identifying hosts, ports, and services in a network.
a. Network Incident Response
b. Network Eavesdropping
c. Network Scanning
d. Network Discovery
c. Network Scanning
Network Scanning Concepts:
What is the correct sequence for a 3-Way Handshake?
a. ACK–SYN–SYN/ACK
b. SYN–SYN/ACK–ACK
c. SYN–ACK–SYN/ACK
d. SYN/ACK–SYN–ACK
b. SYN–SYN/ACK–ACK
Scanning Tools:
- Network administrators can use this for network inventory, managing service upgrade schedules, and monitoring host or service uptime.
- Attacker uses it to extract information such as live hosts on the network, services (application name and version), type of packet filters/firewalls, operating systems, and OS Versions.
a. Nmap
b. Fing
c. NetScanTools Pro
d. Hping2 / Hping3
a. Nmap
Scanning Techniques:
What TCP flags are used in a Xmas Scan/Attack?
a. FIN–RST–URG
b. FIN–PSH–SYN
c. URG–PSH–RST
d. URG–PSH–FIN
d. URG–PSH–FIN
Scanning Techniques:
The following is an example of what kind of attack?
SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK
a. DoS Syn
b. Syn Flood
c. Syn DD0S
d. Flood Syn
b. Syn Flood
Scanning Techniques:
What protocol is used when you conduct a PING or TRACEROUTE?
a. TCP
b. UDP
c. IP
d. ICMP
d. ICMP
Scanning Techniques:
In Xmas scan, attackers send a TCP frame to a remote device with ___, ___, and ___ flags set. (Choose 3)
a. SYN
b. PSH
c. ACK
d. SYN/ACK
e. URG
f. FIN
g. RST
b. PSH
e. URG
f. FIN
Scanning Beyond IDS and Firewall:
Sending fragmented probe packets to the intended server which re-assembles it after receiving all the fragments.
a. Source Routing
b. Packet Fragmentation
c. IP Address Decoy
d. IP Address Spoofing
e. Proxy Server
b. Packet Fragmentation
Scanning Beyond IDS and Firewall:
Use routers and firewalls at your network perimeter to filter incoming packets that appear to come from an internal IP address.
a. IP Spoofing
b. Egress Filtering
c. Ingress Filtering
d. Proxy
c. Ingress Filtering
Scanning Beyond IDS and Firewall:
Filter all outgoing packets with an invalid local IP address as source address.
a. IP Spoofing
b. Egress Filtering
c. Ingress Filtering
d. Proxy
b. Egress Filtering
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -P
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
e. Open Ports
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -O
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
a. Operating Systems
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -sS
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
b. Stealth Scan
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -T
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
d. TCP Scan
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -T2
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
c. Speed Scan
Scanning Beyond IDS and Firewall:
- Remove all the identifying information from the user’s computer while the user surfs the internet.
- Privacy and Anonymity
- Protects from online attacks
a. Anonymizers
b. Proxy
c. Firewall
d. IDS
e. IPS
a. Anonymizers
_________ is the method used to determine the operating system running on a remote target system.
Banner Grabbing
Scanning Techniques:
If a port is closed you will get a ____ packet which reestablishes a connection.
a. SYN
b. ACH
c. FIN
d. URG
e. RST
f. PSH
e. RST
Scanning Beyond IDS and Firewall:
A _____ server is an application that can serve as an intermediary for connecting with other computers.
-Goes to the internet on your behalf.
Proxy Server
Scanning Beyond IDS and Firewall:
Increases a hackers anonymity by connecting through multiple proxy servers.
a. Proxy Server
b. Proxy Workbench
c. Proxy Chaining
d. Proxy Switcher
c. Proxy Chaining
Scanning Pen Testing:
The penetration testing report will help the system administrators to:
a. Network Discovery
b. Harden Systems
c. Scan Beyond IDS and Firewall
d. Draw Network Diagrams
b. Harden Systems
What port is LDAP?
389
What port is IMAP?
143
What is port 23?
Telnet
What port is SMTP?
25
What port is TFTP?
69
What port is 53?
DNS
What port is Kerberos?
88
What port is 123?
NTP