Reconnaissance And Discovery Flashcards

1
Q

theHarvester

A

Tool for gathering OSINT on a domain or company name.

Works by querying multiple public data sources to gather emails, names, subdomains, IPs, URLs, etc.

2
Q

dnsenum

A

Used to check that external DNS is not leaking too much info.
-Command-line tool that identifies essential DNS records such as MX, NS, or A records
-Can also attempt zone transfers
-Can try reverse resolution
-Can try brute-forcing of subdomains and host names
-Perl script

3
Q

scanless

A

Utility that runs port scans through third-party websites to evade detection.

4
Q

curl

A

Utility for command-line manipulation of URL-based protocol requests.

This tool can be used to submit HTTP GET, POST, and PUT requests as part of web application vulnerability testing. curl supports many other data transfer protocols, including FTP, IMAP, LDAP, POP3, SMB, and SMTP.

5
Q

Nessus

A

One of the best-known commercial vulnerability scanners, produced by Tenable Network Security.

It is available in on-premises (Nessus Manager) and cloud (Tenable Cloud) versions, as well as a Nessus Professional version designed for smaller networks. The product is free to use for home users but paid for on a subscription basis by enterprises. Nessus was originally open source, and its source code forms the basis of many other scanners.

6
Q

Packet Analysis

A

The act of examining protocol headers and payloads within individual network packets or frames.

Refers to deep-down, frame-by-frame scrutiny of captured frames.

7
Q

Protocol Analysis

A

The act of examining protocol usage statistics over a network link.

Means using statistical tools to analyze a sequence of packets (a packet trace).

8
Q

SPAN

A

Switched Port Analyzer (mirror port)

9
Q

TAP

A

Test Access Port

Sniffing can also be performed over a network cable segment by inserting a device into the cabling to copy the frames passing over it. There are passive and active (powered) versions.

10
Q

tcpdump

A

Command-line packet capture utility on Linux.
Basic usage: tcpdump -i eth0
Press Ctrl+C to stop the capture.

11
Q

hping

A

Open-source spoofing tool that gives a penetration tester the ability to craft network packets to test vulnerable firewalls and IDSs.

Can probe IPs like nmap, can work like traceroute but switch the packet format to TCP/UDP if ICMP is blocked, and can perform flood-based DoS attacks to test a system.

12
Q

pathping

A

Windows command-line tool that can be used to measure latency along a route.
