section 4.1

Question 1

Used to determine the route a packet takes to a destination

• Will map the entire path
• Time in TTL (Time To Live) is in hops

Answer 1

traceroute (POSIX)

tracert (Windows)

Question 2

Lookup names and IP addresses

- If deprecated use dig instead

Answer 2

nslookup

Question 3

• More advanced domain information

- Does the same as nslookup just more advanced than nslookup

Answer 3

dig or DIG

- Domain Information Groper

Question 4

Helps determine TCP/IP and network adapter information

• additional IP details
• ping your IP address

Answer 4

ipconfig for Windows

ifconfig for Linux

Question 5

What are the Nmap abilities and give a description of each of them.

Answer 5

Network mapper
- Find and learn more about network devices
Port scan
- Find devices and identify open ports
OS scan
- Discover the OS w/o loggin in to a device
Service scan
- What service is available on a device
NMAP scripting
- external capabilities, vulnerabulites

Question 6

• What command test reach ability, determines round-trip time
• Uses Internet Control Message Protocal (ICMP)

Answer 6

Ping

Question 7

Name the command that combines ping and traceroute and also describe the steps of the process and what happens in each step

Answer 7

pathping

First: run traceroute
- Build a map
Second: run ping
- Measure round trip time and packet loss at each hop

Question 8

This command is a TCP/IP packet assembler/ analyzer
Sends crafted frames
- Modify all IP, TCP, UDP, and ICMP values

Answer 8

hping

Question 9

Network command to show all active connections.

Answer 9

netstat -a

Question 10

Network command shows binaries

Answer 10

netstat -b

Question 11

Network command to not resolve names on the network

Answer 11

netstat -n

Question 12

This command allows you to read and write to the network.

List some functions that this command can do

Answer 12

netcat
- Listen on a port number
- Transfer data
- Scan ports and send data to a port
Go as far as to run a shell from a remote device

Question 13

This network scanner will search a network for IP addresses

• Locate active devices
• Avoids doing work on an IP address that is not there

Answer 13

IP scanners

Question 14

List some IP scanner techniques

Answer 14

ARP
ICMP
TCP ACK
ICMP timestamp requests

Question 15

What do you call a determination of a MAC address bases on an IP address

Answer 15

Address Resolution Protocol (ARP)

Question 16

arp -a command

Answer 16

Lets the user view local ARP table

Question 17

Purpose of the route command

Answer 17

View the device’s routing table
-Find out which way the packets will go
Windows command: route print
Linux & macOS: netstat -r

Question 18

What is the curl command

Answer 18

Client URL

• Retrieve data using a URL
• Uniform Resources Locator
• Grab the raw data

Question 19

Name some functions of the theHarvester command

Answer 19

• Gather OSINT
• Scrape information from Google or Bing
• Find PGP keys by email domain
• DNS bruteforce
  
  • Find those unknown hosts, vpn, chat, mail, partner, and etc.

Question 20

List some functions of the sniper command

Answer 20

• Combine many recons tools into a single framework
  
  • dnesum, metasploit, nmap, theHarvester
• Both intrusive and non-intrusive scanning options
• Another tool that can cause problems
  ex. Brute force and server scanning

Question 21

What does the dnesum command do?

Answer 21

• Enumerate DNS information: find host names
• View host information from DNS servers
• Find host names in Google

Question 22

What is Nessus

Answer 22

• Industry leader in vulnerability scanning
• Identify known vulnerabilities
• Extensive reporting
  
  • a checklist of issues
  • filter out false positives

Question 23

What is Cuckoo

Answer 23

• a sandbox for malware
• a virtualized environment
• a track and trace
  
  • API calls, network traffic, memory analysis
  • Traffic captures
  • Screenshots

Question 24

This is a file manipulation to view the first part of the file

Answer 24

head [option] [file]

Question 25

This File manipulation tool allows you to view the bottom of the file

Answer 25

tail [option] [file]

Question 26

What does the cat command do?

Answer 26

Concatenate

• copy a file/files to the screen
  ex: cat file.txt file2.txt
• copy a file/files to another file
  ex: cat file1.txt file2.txt > both.txt

Question 27

What does grep do?

Answer 27

Find text in a file

grep PATTERN [FILE]

Question 28

What is the chmod command. What are some options to set permissions and modes

Answer 28

• Change mode of a file system object
• Also use octal notation
  ex. 7 4 4
• r = read, w = write, x = execute
• Setting permissions:
  file owner: u
  the group: g
  others: o
  all: a

Question 29

What does the logger command do?

Answer 29

• Add entries to the system log
  
  • syslog
• Adding to the local syslog file

Question 30

What is Toreplay? What does it do?

Answer 30

a suite of packet replay utilities
Test security devices

Test and tune IP Flow/NetFlow devices
Evaluate the performance of security devices

Question 31

This command captures packets from the command line

Answer 31

tcpdump

Question 32

Name this graphical packet analyzer. Also, name some other functions

Answer 32

Wireshark
Gathers frames on the network
Extensively decodes
- View the application traffic

Question 33

This is a reference to the DD command. What does it do?

Answer 33

dd
create a bit-by-bit copy of a drive
create a disk image
restore from an image

Question 34

What does memdump do?

Answer 34

Copy information in system memory to the standard output stream
Copy to another host across the network

Question 35

What is Winhex?

Answer 35

Universal hexadecimal editor for Window OS

• Edit disks, files, RAM
• Disk cloning
• Secure wipe

Question 36

What does FTK imager do?

Answer 36

AccessData forensic drive imaging tool

• includes file utilites and read-only image mounting
• Windows executable

Question 37

What does Autopsy do?

Answer 37

Perform digital forensics of hard drives, smartphones
- View and recover data from storage devices

Extract many different data types:

• Downloaded files
• Brows history and cache
• Email messages

Question 38

Exploitation frameworks

Answer 38

pre-built toolkit for exploitations
- Build custom attacks
metasploit
- attack known vulnerabilities
The Social-Engineer Toolkit (SET)
- Spear phishing, infectious media generator

Question 39

Password Crackers

Answer 39

Find the passwords
online cracking
- Try username/password combinations
offline cracking
- Brute force a hash file

Question 40

Data sanitization

Answer 40

Completely remove data
Many different use cases
A one-way trip
- permanent