Security tools

Question 1

The _____ command views and configures the host’s local routing table

Answer 1

route

Question 2

The _____ command uses ICMP probes to report the round trip time (RTT) for hops between the local host and a host on a remote network on Windows.

Answer 2

tracert

Question 3

The _____ command performs route discovery from a Linux host using UDP probes rather than ICMP.

Answer 3

traceroute

Question 4

The _____ tool for Windows provides statistics for latency and packet loss along a route over a longer measuring period.

Answer 4

pathping

Question 5

The ___ command is a TCP/IP command-line utility for viewing and modifying the local Address Resolution Protocol ____ cache, which contains recently resolved MAC addresses of Internet Protocol (IP) hosts on the network.

Answer 5

arp

Question 6

The Linux-based tool _____ can run against the /dev/mem device file provided a kernel driver

Answer 6

memdump

Question 7

_____ is a hex and disk editor for Windows that, when preinstalled on the host system, allows live capture of system memory.

Answer 7

WinHex

Question 8

The common Linux tool ____ is a file conversion and copying tool that can copy entire disks, including hard disk images and memory dump files such as the /dev/mem device file. This makes it useful for easily and simply obtaining captures of a system’s memory.

Answer 8

dd

Question 9

_____ is a tool for gathering open-source intelligence (OSINT) for a particular domain or company name. It works by scanning multiple public data sources and gathering emails, names, subdomains, IPs, URLs, and other relevant data.

Answer 9

theHarvester

Question 10

The ____ tool is a port scanner that runs its scans through third-party websites to evade detection. This allows for stealthy port scanning.

Answer 10

scanless

Question 11

____ is an open-source tool that has packet sniffing and injection as well as Denial of Service (DoS) testing features built right in.

Answer 11

hping

Question 12

_____ is a commercial suite of Windows-compatible forensic investigation software and includes the capability for live memory capture and saves the data in a proprietary .eo1 file format.

Answer 12

FTK Imager

Question 13

The ______ is widely used for system memory analysis and can install the pmem kernel driver, allowing tools such as memdump or dd to access the /dev/mem device memory file on Linux.

Answer 13

Volatility Framework

Question 14

_____ is a framework designed for penetration test reporting and evidence gathering and can integrate with other tools, such as Metasploit, to run automated tests.

Answer 14

Sn1per

Question 15

The _______, developed by the Open Web Application Security Project (OWASP), provides scanning tools and scripts for web application and mobile app security testing.

Answer 15

Zed Attack Proxy

Question 16

_____ is a security product designed to analyze malware as it runs in an isolated sandbox environment. It does not scan for vulnerabilities.

Answer 16

Cuckoo

Question 17

The _____ command allows the admin to check the state of ports on the local machine (Windows or Linux)

Answer 17

netstat

Question 18

_____ is a suite of tools to assist with troubleshooting issues with Windows

Answer 18

Sysinternals

Question 19

______ is a disk wiping sanitization software tool that can purge data on disk by overwriting data with 1s and 0s.

Answer 19

Active KillDisk

Question 20

_____ is a fileless open source Linux malware framework that enables customers to build and manage payloads quickly.

Answer 20

FireELF