PORT SCANNING PEs Flashcards
True or False: Netcat was designed to be a reliable front-end tool that can be used directly or easily driven by other programs and scripts.
False. Netcat is a backend tool
True or False: In order to conduct port scanning you first need a list of what hosts are on the network or the IP addresses.
True
Which term correctly fills in the blank? ScanLine is a command-line port scanner for all ______ platforms.
- ChromeOS
- MacOS
- Windows
- Linux
Windows
CryptCat uses what encryption method?
TwoFish
Ports range from 0 to ______and basically rank by popularity.
65535
For a total there are 65536 ports when you include port 0
Which of these is the simplest port scan?
- TCP Half Open Port Scan
- UDP
- Ping Scan
- None of the above
Ping Scan
TwoFish encryption utilizes _____ and one ____ key.
Symmetric encryption and uses one 256-bit key
Which of the following best describes what ports are?
- Ports are a way for computers to interact with humans.
- Ports are the doorways in a computer that allow for data and information to be exchanged.
- Ports allow humans to communicate directly with machines.
- They are a tool used to scan for open doorways in a computer.
Ports are the doorways in a computer that allow for data and information to be exchanged.
This type of scanning is performed by sending an SYN packet and analyzing the response. What type of scan is this?
SYN scan
What command is being utilized?: nc -z -v site.com?
Netcat
Which of the following tasks can NOT be done using Nmap?
- Quickly recognize devices on a single or multiple networks
- Monitor large networks
- Transfer files across the network
- Detects security risks
Transfer Files across the network
Which tool is used for vulnerability scanning and network discovery?
Nmap
Nmap utilizes a graphical user interface known as Zmap that develops visual nc -l – This command will instruct mappings of a network for better usability and reporting.
FALSE
ZMap is a free and open-source security scanner that was developed as a faster alternative to Nmap. ZMap was designed for information security research and can be used for both white hat and black hat purposes.
True or False: While port scanning is an incredibly useful tool for malicious actors to use during reconnaissance, it is not nearly as useful for IT admin staff.
False.
It is extremely useful for both malicious actors and IT admin staff (defense)
Port Scanning does what?
to check which ports are open
Which of the following are advantages to port scanning? Select all that apply:
- Finding open and vulnerable server locations
- Checking security settings
- Identifying hosts connected to the network and the services that are running on them
- All of the above
All of the above
Fill in the blank: Ports 0 to _____ are well known port numbers that are designed for Internet use although they can have specialized purposes as well.
1023
True or False: A number of TCP protocol techniques actually make it possible for attackers to conceal their network location and use “decoy traffic” to perform port scans without revealing any network address to the target.
True.
Which of these functions can be performed using ScanLine?
- ICMP TimeStamp Scanning
- TCP Scanning
- UDP Scanning
- All of the above
All of the above
What tool utilizes the command “ping scan”.
nmap
This command will do what function? nc -l
This command will instruct the local system to begin listening for TCP connections and UDP activity on a specific port number.
What tool is used to read and write data across network connections using TCP or UDP protocol?
Netcat
This Parameter will control the timing of scanning and is the highest speed available. This speed can expose your overall intent.
-T5
A FIN packet sent to a closed port responds with which of the following packets?
RST
This Parameter will export the scan results as an XML for external manipulation.
-oX
Nmap’s default scan with admin privledges
-sS
Nmaps default scan without admin privledges
-sT
This Parameter will give more information on basic scans implemented
-vv
____ - This port state is the result of an active port with an application that is actively accepting TCP connections.
Open
This Parameter will scan only the provided ports input
-p
____ Is the result when it cannot determine whether the port is active because packet sorting stops connections from reaching the port. It could be the result of a dedicated firewall device, router, router rules or host-based firewall software.
Filtered
A ______________ is a simple network scanning technique used for determining which range of IP address map to live hosts.
Ping Sweep
Make an nmap scan for nonexist.org and Include more information
nmap -vv nonexist.org
What flags are sent in a christmas scan?
FIN, PSH, URG
For NMAP this parameter with specified numbers will scan all ports
–top-ports 1023
Conduct a service probe on “scanme.nmap.org” for top ports on the machine. What ports are open? EX:10,20,30,455 (Lowest to highest port)
22,80,646
I think the command was nmap scanme.nmap.org but what does the question mean by top ports
This parameter/option will assume every host in a network scan is online. Example: -sS
-Pn
This Parameter will enable you to import a list of ip addresses or networks to scan
-iL
Nmap scans how many ports by default if not specified?
Top 1000 used ports
what is the possible Operating system for scanme.nmap.org?
Linux
When implementing nmap on a network its capabilities can include identifying ports, servers and active hosts within the network scope. What type of reconissiance is nmap classified to implement on a network?
Active
The result of a port that is active but has no application listening on it.
Closed
Nmap has the capability to integrate scripts
True
____ Is the result when nmap can connect to a port but is unable to verify ports as active or deactivated
Filtered
Create a nmap scan that will scan a 198.216.0.0/16 network for version information on services ssh,dns,pop3 and RDP
nmap -sV -p ssh,dns,pop3,RDP 192.216.0.0/24
This Parameter will control the timing of scanning and takes the longest time to assist in avoiding detection.
-T0
Nmap scans are a form of what type of reconnisance?
Active
Which flags are set on a packet sent with the nmap -sX 193.145.85.202 command?
FIN,PSH,URG