Section 4.1 Organizational Security

Question 1

What command tool shows the route taken from a computer to a remote host such as a website?

Answer 1

Tracert/Traceroute

Question 2

What is a diagnostic tool for verifying the IP address of a hostname (a record by default) in the DNS server database?

Answer 2

Nslookup

Question 3

What is the equivalent of nslookup in a Linux environment?

Answer 3

dig

Question 4

What commands show the IP configuration?

Answer 4

ipconfig/ifconfig

Question 5

What is a free and open-source network mapper that can be used to create an inventory of devices on your network?

Answer 5

Nmap

Question 6

What command is good for banner grabbing?

Answer 6

Nmap

Question 7

What command has the functionality of both ping and tracert? Also calculates statistics after the trace, showing the packet loss at each router (each hop) it passes through.

Answer 7

Pathping

Question 8

What command is an open-source packet generator and analyzer for the TCP/IP protocol, often used for auditing firewalls and networks?

Answer 8

Hping

Question 9

What is a native tool on Windows operating systems used to see the established connections, listening ports, and even running services?

Answer 9

Netstat

Question 10

What is a Linux/Unix utility for showing network connections, port scanning, and even file transfer?

Answer 10

netcat

Question 11

What are popular free and open-source applications that will scan addresses in a range and ID open ports?

Answer 11

IP scanners

Question 12

What is a protocol for mapping an IP address to a physical MAC address on a local area network?

Answer 12

Address Resolution Protocol (ARP)

Question 13

What does the “arp -a” command do?

Answer 13

shows the ARP cache

Question 14

What command enables listing existing routes in the local routing table, as well as adding manual entries into the network routing tables?

Answer 14

route

Question 15

What does the “route print” command do?

Answer 15

view the local route table

Question 16

What does the “route add” command do?

Answer 16

add a route

Question 17

What is a command line tool used to transfer data using many supported protocols?

Answer 17

Curl

Question 18

What is a passive tool that comes with Kali Linux used to harvest the email addresses of an organization?

Answer 18

TheHarvester

Question 19

What is a penetration test reconnaissance tool that can be used for automated tests? Can also scan for vulnerabilities, open ports, web application vulnerabilities and perform attack surface discovery.

Answer 19

Sn1per

Question 20

What is a pentesting tool used to perform anonymous open port scans on target hosts, such as web servers? (free and open source)

Answer 20

Scanless

Question 21

What is a command line tool that automatically identifies basic DNS records and it has the ability to attempt reverse DNS resolution?

Answer 21

Dnsenum

Question 22

What is a network security (vulnerability) scanner that utilizes plug-ins, which are separate files, to handle the vulnerability checks? It raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access.

Answer 22

Nessus

Question 23

What tool creates a sandbox that can be used for analyzing files for malware inspection?

Answer 23

Cuckoo

Question 24

What command in Linux can be used to create files, view files, and also concatenate several files into another file?

Answer 24

cat

Question 25

What command can we use to check the top 10 messages from a log?

Answer 25

head

Question 26

What command views the last x number of lines of a log file?

Answer 26

tail

Question 27

What command is used to search text and log files for specific values?

Answer 27

Grep

Question 28

What command is used to change the permission level?

Answer 28

chmod

Question 29

What command can add a message to the local system log file or to a remote syslog server? Frequently used to send log messages from automation scripts to record actions performed and errors encountered.

Answer 29

Logger

Question 30

What was created to serve as a secure alternative to Telnet for running commands remotely, and is commonly used when you want remote access to network devices? It can be used as a command line tool or in a Graphical User Interface (GUI), but it is not browser based.

Answer 30

SSH

Question 31

What can perform tasks in a Window’s environment? Each command is known as a cmdlet and can be saved to a script with a .ps1 extension.

Answer 31

PowerShell

Question 32

What is a popular and powerful programming language used by open source developers and data scientists? It is widely used in cybersecurity.

Answer 32

Python

Question 33

What is a suite that can be used to create and manage Transport Layer Security (TLS) and Secure Socket Layer (SSL) protocol? Often used to generate private keys, create CSR’s, install your SSL/TLS certificate, and identify certificate information.

Answer 33

OpenSSL

Question 34

What is an open-source tool that can be used to analyze .pcap files generated by either Wireshark or tcpdump? It can then replay the traffic and send it to the NIPS.

Answer 34

tcpreplay

Question 35

What is a network packet analyzer command line tool on LInux/UNIX?

Answer 35

tcpdump

Question 36

What is a free and open-source packet analyzer, with a command-line and GUI versions, available for Windows and Linux?

Answer 36

Wireshark

Question 37

When the forensics team needs to investigate an image on a desktop or laptop, what command can be used to clone a disk or copy a folder in a Linux/Unix environment?

Answer 37

dd

Question 38

What is a hexadecimal editor that can be used on any version of Windows OS’s to help forensics teams find evidence? It can be used to find and recover deleted or lost data from a corrupt drive.

Answer 38

WinHex

Question 39

When a computer system crashes, all of the content of the memory is saved in what kind of file?

Answer 39

dump (.dmp) file

Question 40

What is a data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with a forensic tool is warranted?

Answer 40

FTK imager

Question 41

What can be used to analyze hard drives, smartphones, and media cards? Has a built-in translator to translate foreign languages into English.

Answer 41

Autopsy

Question 42

What is a collection of commonly used tools that provide a complete environment for penetration testing and exploit development? Contains capabilities to detect and then exploit vulnerabilities on remote systems.

Answer 42

Metasploit Framework

Question 43

What attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threats?

Answer 43

Common Vulnerability Scoring System (CVSS)

Question 44

What is the process of irreversibly removing or destroying data stored on a memory device? (hard dries, flash memory, SSD’s, etc.) It is important to use the proper technique to ensure that all data is purged.

Answer 44

Data Sanitization