Module 3 - Scanning Networks Flashcards
Network Scanning Concepts:
Refers to a set of procedures used for identifying hosts, ports, and services in a network.
a. Network Incident Response
b. Network Eavesdropping
c. Network Scanning
d. Network Discovery
c. Network Scanning
Network Scanning Concepts:
What is the correct sequence for a 3-Way Handshake?
a. ACK–SYN–SYN/ACK
b. SYN–SYN/ACK–ACK
c. SYN–ACK–SYN/ACK
d. SYN/ACK–SYN–ACK
b. SYN–SYN/ACK–ACK
Scanning Tools:
- Network administrators can use this for network inventory, managing service upgrade schedules, and monitoring host or service uptime.
- Attacker uses it to extract information such as live hosts on the network, services (application name and version), type of packet filters/firewalls, operating systems, and OS Versions.
a. Nmap
b. Fing
c. NetScanTools Pro
d. Hping2 / Hping3
a. Nmap
Scanning Techniques:
What TCP flags are used in a Xmas Scan/Attack?
a. FIN–RST–URG
b. FIN–PSH–SYN
c. URG–PSH–RST
d. URG–PSH–FIN
d. URG–PSH–FIN
Scanning Techniques:
The following is an example of what kind of attack?
SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK, SYN–SYN/ACK
a. DoS Syn
b. Syn Flood
c. Syn DD0S
d. Flood Syn
b. Syn Flood
Scanning Techniques:
What protocol is used when you conduct a PING or TRACEROUTE?
a. TCP
b. UDP
c. IP
d. ICMP
d. ICMP
Scanning Techniques:
In Xmas scan, attackers send a TCP frame to a remote device with ___, ___, and ___ flags set. (Choose 3)
a. SYN
b. PSH
c. ACK
d. SYN/ACK
e. URG
f. FIN
g. RST
b. PSH
e. URG
f. FIN
Scanning Beyond IDS and Firewall:
Sending fragmented probe packets to the intended server which re-assembles it after receiving all the fragments.
a. Source Routing
b. Packet Fragmentation
c. IP Address Decoy
d. IP Address Spoofing
e. Proxy Server
b. Packet Fragmentation
Scanning Beyond IDS and Firewall:
Use routers and firewalls at your network perimeter to filter incoming packets that appear to come from an internal IP address.
a. IP Spoofing
b. Egress Filtering
c. Ingress Filtering
d. Proxy
c. Ingress Filtering
Scanning Beyond IDS and Firewall:
Filter all outgoing packets with an invalid local IP address as source address.
a. IP Spoofing
b. Egress Filtering
c. Ingress Filtering
d. Proxy
b. Egress Filtering
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -P
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
e. Open Ports
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -O
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
a. Operating Systems
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -sS
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
b. Stealth Scan
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -T
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
d. TCP Scan
Scanning Tools:
The following syntax is used to conduct what kind of scan or find out what information?
Nmap -T2
a. Operating Systems
b. Stealth Scan
c. Speed Scan
d. TCP Scan
e. Open Ports
c. Speed Scan