quiz 6

Question 1

_ is a system process that runs on Windows OSs to facilitate the exchange of network data.

Answer 1

NetDDE

Question 2

What is the Net view command and how can you use it?

Answer 2

The Net view command is a built-in Windows tool that gives you a quick way to see whether there are any shared resources on a computer or server. To see the syntax for this command, type net view ? at the command prompt.

Question 3

The enumeration process for Windows Me is the same as for Windows 98.

Answer 3

True

Question 4

NBTscan is a tool for enumerating Windows OSs.

Answer 4

True

Question 5

__ is an enhancement to NDS (NetWare Directory Services).

Answer 5

eDirectory

Question 6

One of the biggest vulnerabilities of NetBIOS systems is a(n) ____, which is an unauthenticated connection to a Windows computer using no logon and password values.

Answer 6

null session

Question 7

__ implemented Windows File Protection to prevent core system files from being overwritten.

Answer 7

Windows XP Professional

Question 8

Probably the biggest enhancement in Windows 95 was the ____________________, a database that stores information about the system’s hardware and software.

Answer 8

Registry

Question 9

NetBIOS names have a limit of ____ characters.

Answer 9

16

Question 10

As a security professional, should you learn about the security issues in the NetWare OS? Why or why not?

Answer 10

Many security professionals assume that knowledge of just one operating system is enough, but focusing on Windows and ignoring *nix systems—or vice versa—can limit your career as a security professional. Similarly, some security professionals see Novell NetWare as a “dead” OS, but many corporations still rely on their faithful NetWare servers that keep plugging away.

Question 11

LDAP (port ____) is the protocol used to access Novell’s eDirectory, Microsoft Active Directory, and Apple Open Directory.

Answer 11

389

Question 12

Windows 98 introduced the ____ file system.

Answer 12

FAT32

Question 13

How does Windows 7 differ from its predecessors?

Answer 13

Windows 7 has an optional Windows XP Mode (XPM) that allows running older applications in a virtual Windows XP environment, because software incompatibility issues have prevented many companies from upgrading from Windows XP. However, XPM requires late-model processors that support virtualization extensions, and upgrading to Windows 7 from XP requires a complete reinstallation. Other improvements include faster startup, better overall performance, and refinements to the UAC feature, the desktop/taskbar user interface, and integration of peripheral devices.

Question 14

To determine what resources or shares are on a network, security testers must first determine what _________________________ is being used via port scanning and footprinting.

Answer 14

OS
operating system
operating system (OS)

Question 15

Why do hackers pay attention to NetBIOS computer name suffixes?

Answer 15

The NetBIOS name suffixes correspond to the services, or resource types, running on a computer. You don’t need to memorize all the suffixes, but several are critical because they identify the computer or server being enumerated as a standalone computer or a domain controller. Hackers often exert more effort attacking computers identified as domain controllers because they can offer more information, including logon names for user accounts and network resources.

Question 16

The ____ command gives you a quick way to see whether there are any shared resources on a computer or server.

Answer 16

Net view

Question 17

The most recent version of Novell OS is called ____.

Answer 17

Novell Open Enterprise Server

Question 18

Nessus can be used to enumerate Windows OSs, as well as ____________________ systems.

Answer 18

NetWare

Question 19

With ____, you can have your desktop computer or laptop start in both Windows and Linux.

Answer 19

Grand Unified Bootloader

Question 20

Many password-guessing programs are available that can determine a password in a matter of seconds. One such program the Department of Defense uses is ________________

Answer 20

L0phtcrack

Question 21

The computer names you assign to Windows systems are called ____ names.

Answer 21

NetBIOS

Question 22

What is Hyena and what can it be used for?

Answer 22

Hyena is an excellent GUI product for managing and securing Microsoft OSs. The interface is easy to use and gives security professionals a wealth of information. With just a click,you can look at the shares and user logon names for Windows servers and domain controllers. If any domains or workgroups are on the network, this tool displays them, too. Hyena can also display a graphical representation of the following areas:

• Microsoft Terminal Services
• Microsoft Windows Network
• Web Client Network
• Find User/Group

Question 23

Windows NT 3.51 uses the ____ file system.

Answer 23

NTFS

Question 24

In NetWare 5.0, TCP/IP replaced ____ as the default protocol.

Answer 24

IPX/SPX

Question 25

NetWare’s ____ is a graphical Java utility for centralized network administration.

Answer 25

ConsoleOne

Question 26

The “NBT” part of “NBTscan” is an abbreviation for ____________________ over TCP/IP.

Answer 26

NetBIOS

Question 27

A NetBIOS name does not need to be unique on a network

Answer 27

False

Question 28

The Netmon Agent is a Linux network-monitoring tool.

Answer 28

False

Question 29

What is DumpSec and what can it be used for?

Answer 29

DumpSec is a popular enumeration tool for Windows systems. The information you can gather with this tool is astonishing. For example, after connecting to a Windows server, you can download—or, as it’s called in DumpSec, “dump”—the following information:

• Permissions for shares
• Permissions for printers
• Permissions for the Registry
• Users in column or table format
• Policies (such as local, domain, or group policies)
• Rights
• Services

Question 30

The most popular enumeration tool for security testers and hackers alike is the ____ utility, which enables you to find out who is logged in to a *nix system with one simple command.

Answer 30

Finger

Question 31

The open-source descendant of Nessus is called ____.

Answer 31

OpenVAS

Question 32

Why is enumeration a more intrusive process than port scanning or footprinting?

Answer 32

Enumeration is more intrusive because you’re not just identifying a resource; you’re attempting to access it. It goes beyond passive scanning of a network to find open ports. Sometimes this process entails guessing passwords after determining a user name.

Question 33

___ is an excellent GUI tool for managing Windows OSs and is capable of displaying graphical representations of several areas.

Answer 33

Hyena