QUESTIONS 26-50 Flashcards
- Whois information searches start with which organization?
http://www.iana.org/domains/root/db/
- Why is the physical address to a company useful to hackers?
The Whois protocol was designed to query databases to look up and identify the registrant of a domain name. Whois information contains the name, address, and phone number of the administrative, billing, and technical contacts of the domain name. It is primarily used to verify whether a domain name is available or whether it has been registered.
- Why is footprinting a useful tool?
Footprinting can be a very powerful tool in the hands of an attacker who has the knowledge and patience to ferret out the information that is available about any entity online. But although footprinting is a powerful tool, there are some countermeasures that can lessen the impact to varying degrees. (See review for more info)
- What can be revealed from info gathering from a company’s Website (job posting or employee blogs)?
- Examine the company’s Web site
- Identify key employees
- Analyze open positions and job requests
- Assess affiliate, parent, or sister companies
- Find technologies and software used by the organization
- Where can newsgroups be used?
?
- What does the option –Po do for nmap?
(–Po = Don’t ping) At its core, Nmap is a port scanner that has the ability to perform a number of different scan types. The scanner is freely available for several operating systems.
Nmap is a widely used security tool, and a firm understanding of Nmap is considered a requirement for security professionals.
31a. To perform an Nmap scan, at the Windows command prompt you ___.
type Nmap IP address, followed by the switches that are needed to perform the desired scan.
For example, to scan the host with the IP address 192.168.123.254 using a full TCP connect scan type, enter the following at the command line:
Nmap -sT 192.168.123.254
- What is Nessus and OpenVAS?
An additional tool is the category of software known as the vulnerability scanner. Software of this type can be used to scan a system and to locate and report back on services, such as Trojans listening on the ports of a system. One of the best-known scanners of this type is Nessus.
32a. What is OpenVAS?
(From Internet) The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
The actual security scanner is accompanied by a daily updated feed of Network Vulnerability Tests (NVTs), over 35,000 in total (as of April 2014).
All OpenVAS products are Free Software.
- What does OS fingerprinting allow?
Once analyzed, a system’s unique characteristics can allow for a well-educated guess to be made about the system in place. To seek out these unique characteristics, active and passive fingerprinting can probe a system to generate a response or listen to a system’s communications for details about the OS.
- What type of port scan shows Windows IPC administrative shares?
NULL sessions are designed to facilitate connection between systems on a network to allow one system to enumerate the process and shares on another.
34a. Examples of a NULL session would include?
- List of users and groups
- List of machines
- List of shares
- Users and host SIDs
- What does NetBIOS enumeration show?
Enumeration represents a more aggressive step in the hacking and penetration testing process because the attacker has now started to access the system to see specifically what is available. When enumeration is performed, the process is now attempting to discover what is offered by these services for later usage in actual system hacking.
- What type of probe bypasses some firewalls?
???