PORT SCANNING PEs

Question 1

True or False: Netcat was designed to be a reliable front-end tool that can be used directly or easily driven by other programs and scripts.

Answer 1

False. Netcat is a backend tool

Question 2

True or False: In order to conduct port scanning you first need a list of what hosts are on the network or the IP addresses.

Answer 2

True

Question 3

Which term correctly fills in the blank? ScanLine is a command-line port scanner for all ______ platforms.

• ChromeOS
• MacOS
• Windows
• Linux

Answer 3

Windows

Question 4

CryptCat uses what encryption method?

Answer 4

TwoFish

Question 5

Ports range from 0 to ______and basically rank by popularity.

Answer 5

65535

For a total there are 65536 ports when you include port 0

Question 6

Which of these is the simplest port scan?

• TCP Half Open Port Scan
• UDP
• Ping Scan
• None of the above

Answer 6

Ping Scan

Question 7

TwoFish encryption utilizes _____ and one ____ key.

Answer 7

Symmetric encryption and uses one 256-bit key

Question 8

Which of the following best describes what ports are?

• Ports are a way for computers to interact with humans.
• Ports are the doorways in a computer that allow for data and information to be exchanged.
• Ports allow humans to communicate directly with machines.
• They are a tool used to scan for open doorways in a computer.

Answer 8

Ports are the doorways in a computer that allow for data and information to be exchanged.

Question 9

This type of scanning is performed by sending an SYN packet and analyzing the response. What type of scan is this?

Answer 9

SYN scan

Question 10

What command is being utilized?: nc -z -v site.com?

Answer 10

Netcat

Question 11

Which of the following tasks can NOT be done using Nmap?

• Quickly recognize devices on a single or multiple networks
• Monitor large networks
• Transfer files across the network
• Detects security risks

Answer 11

Transfer Files across the network

Question 12

Which tool is used for vulnerability scanning and network discovery?

Answer 12

Nmap

Question 13

Nmap utilizes a graphical user interface known as Zmap that develops visual nc -l – This command will instruct mappings of a network for better usability and reporting.

Answer 13

FALSE

ZMap is a free and open-source security scanner that was developed as a faster alternative to Nmap. ZMap was designed for information security research and can be used for both white hat and black hat purposes.

Question 14

True or False: While port scanning is an incredibly useful tool for malicious actors to use during reconnaissance, it is not nearly as useful for IT admin staff.

Answer 14

False.

It is extremely useful for both malicious actors and IT admin staff (defense)

Question 15

Port Scanning does what?

Answer 15

to check which ports are open

Question 16

Which of the following are advantages to port scanning? Select all that apply:

• Finding open and vulnerable server locations
• Checking security settings
• Identifying hosts connected to the network and the services that are running on them
• All of the above

Answer 16

All of the above

Question 17

Fill in the blank: Ports 0 to _____ are well known port numbers that are designed for Internet use although they can have specialized purposes as well.

Answer 17

1023

Question 18

True or False: A number of TCP protocol techniques actually make it possible for attackers to conceal their network location and use “decoy traffic” to perform port scans without revealing any network address to the target.

Answer 18

True.

Question 19

Which of these functions can be performed using ScanLine?

• ICMP TimeStamp Scanning
• TCP Scanning
• UDP Scanning
• All of the above

Answer 19

All of the above

Question 20

What tool utilizes the command “ping scan”.

Answer 20

nmap

Question 21

This command will do what function? nc -l

Answer 21

This command will instruct the local system to begin listening for TCP connections and UDP activity on a specific port number.

Question 22

What tool is used to read and write data across network connections using TCP or UDP protocol?

Answer 22

Netcat

Question 23

This Parameter will control the timing of scanning and is the highest speed available. This speed can expose your overall intent.

Answer 23

-T5

Question 24

A FIN packet sent to a closed port responds with which of the following packets?

Answer 24

RST

Question 25

This Parameter will export the scan results as an XML for external manipulation.

Answer 25

-oX

Question 26

Nmap's default scan with admin privledges

Answer 26

-sS

Question 27

Nmaps default scan without admin privledges

Answer 27

-sT

Question 28

This Parameter will give more information on basic scans implemented

Answer 28

-vv

Question 29

\_\_\_\_ - This port state is the result of an active port with an application that is actively accepting TCP connections.

Answer 29

Open

Question 30

This Parameter will scan only the provided ports input

Answer 30

-p

Question 31

\_\_\_\_ Is the result when it cannot determine whether the port is active because packet sorting stops connections from reaching the port. It could be the result of a dedicated firewall device, router, router rules or host-based firewall software.

Answer 31

Filtered

Question 32

A ______________ is a simple network scanning technique used for determining which range of IP address map to live hosts.

Answer 32

Ping Sweep

Question 33

Make an nmap scan for nonexist.org and Include more information

Answer 33

nmap -vv nonexist.org

Question 34

What flags are sent in a christmas scan?

Answer 34

FIN, PSH, URG

Question 35

For NMAP this parameter with **specified** numbers will scan all ports

Answer 35

--top-ports 1023

Question 36

Conduct a service probe on "scanme.nmap.org" for top ports on the machine. What ports are open? EX:10,20,30,455 (Lowest to highest port)

Answer 36

22,80,646 I think the command was nmap scanme.nmap.org but what does the question mean by top ports

Question 37

This parameter/option will assume every host in a network scan is online. Example: -sS

Answer 37

-Pn

Question 38

This Parameter will enable you to import a list of ip addresses or networks to scan

Answer 38

-iL

Question 39

Nmap scans how many ports by default if not specified?

Answer 39

Top 1000 used ports

Question 40

what is the possible Operating system for [scanme.nmap.org](http://scanme.nmap.org/)?

Answer 40

Linux

Question 41

When implementing nmap on a network its capabilities can include identifying ports, servers and active hosts within the network scope. What type of reconissiance is nmap classified to implement on a network?

Answer 41

Active

Question 42

The result of a port that is active but has no application listening on it.

Answer 42

Closed

Question 43

Nmap has the capability to integrate scripts

Answer 43

True

Question 44

\_\_\_\_ Is the result when nmap can connect to a port but is unable to verify ports as active or deactivated

Answer 44

Filtered

Question 45

Create a nmap scan that will scan a 198.216.0.0/16 network for version information on services ssh,dns,pop3 and RDP

Answer 45

nmap -sV -p ssh,dns,pop3,RDP 192.216.0.0/24

Question 46

This Parameter will control the timing of scanning and takes the longest time to assist in avoiding detection.

Answer 46

-T0

Question 47

Nmap scans are a form of what type of reconnisance?

Answer 47

Active

Question 48

Which flags are set on a packet sent with the nmap -sX 193.145.85.202 command?

Answer 48

FIN,PSH,URG