Section 4.1 Organizational Security Flashcards
What command tool shows the route taken from a computer to a remote host such as a website?
Tracert/Traceroute
What is a diagnostic tool for verifying the IP address of a hostname (A record by default) in the DNS server database?
Nslookup
What is the equivalent of nslookup in a Linux environment?
dig
What commands show the IP configuration?
ipconfig/ifconfig
What is a free and open-source network mapper that can be used to create an inventory of devices on your network?
Nmap
What command is good for banner grabbing?
Nmap
What command has the functionality of both ping and tracert? It also calculates statistics after the trace, showing the packet loss at each router (each hop) it passes through.
Pathping
What command is an open-source packet generator and analyzer for the TCP/IP protocol, often used for auditing firewalls and networks?
Hping
What is a native tool on Windows operating systems used to see the established connections, listening ports, and even running services?
Netstat
What is a Linux/Unix utility for showing network connections, port scanning, and even file transfer?
netcat
What are popular free and open-source applications that will scan addresses in a range and ID open ports?
IP scanners
What is a protocol for mapping an IP address to a physical MAC address on a local area network?
Address Resolution Protocol (ARP)
What does the “arp -a” command do?
shows the ARP cache
What command enables listing existing routes in the local routing table, as well as adding manual entries into the network routing tables?
route
What does the “route print” command do?
view the local route table
What does the “route add” command do?
add a route
What is a command line tool used to transfer data using many supported protocols?
Curl
What is a passive tool that comes with Kali Linux used to harvest the email addresses of an organization?
TheHarvester
What is a penetration test reconnaissance tool that can be used for automated tests? It can also scan for vulnerabilities, open ports, and web application vulnerabilities, and perform attack surface discovery.
Sn1per
What is a pentesting tool used to perform anonymous open port scans on target hosts, such as web servers? (free and open source)
Scanless
What is a command line tool that automatically identifies basic DNS records and can attempt reverse DNS resolution?
Dnsenum
What is a network security (vulnerability) scanner that utilizes plug-ins, which are separate files, to handle the vulnerability checks? It raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access.
Nessus
What tool creates a sandbox that can be used for analyzing files for malware inspection?
Cuckoo
What command in Linux can be used to create files, view files, and also concatenate several files into another file?
cat
What command can we use to check the top 10 messages from a log?
head
What command views the last x number of lines of a log file?
tail
What command is used to search text and log files for specific values?
Grep
What command is used to change the permission level?
chmod
What command can add a message to the local system log file or to a remote syslog server? Frequently used to send log messages from automation scripts to record actions performed and errors encountered.
Logger
What was created to serve as a secure alternative to Telnet for running commands remotely, and is commonly used when you want remote access to network devices? It can be used as a command line tool or in a Graphical User Interface (GUI), but it is not browser based.
SSH
What can perform tasks in a Windows environment? Each command is known as a cmdlet and can be saved to a script with a .ps1 extension.
PowerShell
What is a popular and powerful programming language used by open source developers and data scientists? It is widely used in cybersecurity.
Python
What is a suite that can be used to create and manage Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols? Often used to generate private keys, create CSRs, install your SSL/TLS certificate, and identify certificate information.
OpenSSL
What is an open-source tool that can be used to analyze .pcap files generated by either Wireshark or tcpdump? It can then replay the traffic and send it to the NIPS.
tcpreplay
What is a network packet analyzer command line tool on Linux/UNIX?
tcpdump
What is a free and open-source packet analyzer, with command-line and GUI versions, available for Windows and Linux?
Wireshark
When the forensics team needs to investigate an image on a desktop or laptop, what command can be used to clone a disk or copy a folder in a Linux/Unix environment?
dd
What is a hexadecimal editor that can be used on any version of the Windows OS to help forensics teams find evidence? It can be used to find and recover deleted or lost data from a corrupt drive.
WinHex
When a computer system crashes, all of the content of the memory is saved in what kind of file?
dump (.dmp) file
What is a data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with a forensic tool is warranted?
FTK imager
What can be used to analyze hard drives, smartphones, and media cards? Has a built-in translator to translate foreign languages into English.
Autopsy
What is a collection of commonly used tools that provide a complete environment for penetration testing and exploit development? Contains capabilities to detect and then exploit vulnerabilities on remote systems.
Metasploit Framework
What attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threats?
Common Vulnerability Scoring System (CVSS)
What is the process of irreversibly removing or destroying data stored on a memory device (hard drives, flash memory, SSDs, etc.)? It is important to use the proper technique to ensure that all data is purged.
Data Sanitization