Terms Lesson 1 Flashcards
Eavesdropping
Escuchar secretamente
Pod slurping
Extraer datos del computador a través de USB usando iPods
Wire tapping
Escucha telefónica. Pinchazo telefónico
IA
Information assurance
Ciberkill chain
Real - recon Women - weaponization Date - delivery Engineers - explotation In - installation Command - C2 Armor - actions and objectives
Hacking phases
Recon Scanning Gaining access Maintaining access Clearing tracks
Risk management
Identification Assessment (evaluación) Treatment Tracking Review
Threat modeling
Identify security objectives Application overview Decompose the application Identify threats Identify vulnerabilities
Ports: NTP TFTP BGP Kerberos Finger Netbios LDAP Telnet
123 69 179 88 79 139 389
Which of the following information is collected using enumeration?
Open ports and services
Operating systems, location of web servers, users, and passwords
Email Recipient’s system IP address and geolocation
Network resources, network shares, and machine names
Network resources, network shares, and machine names
Enumeration is the process of extracting user names, machine names, network resources, shares, and services from a system or network. Enumeration allows you to collect following information: Network resources Network shares Routing tables Audit and service settings SNMP and FQDN details Machine names Users and groups Applications and banners
What is the default port used by IPSEC IKE protocol?
Port 51
Port 4500
Port 50
Port 500
Port 500
IPSEC IKE: IP Security Internet Key Exchange Protocol is used for establishing Security Association for IPsec Protocol Suite. IKE uses UDP port 500 for establishing security association.
UDP port 4500 is used IPsec NAT-T
Remote Mail Checking Protocol uses UDP/TCP port 50
Port 51 is reserved by IANA
Which of the following NetBIOS service codes is used to obtain information related to the master browser name for the subnet?
<03>
<20>
<1D>
<1E>
1D
Which of the following tools is not a NetBIOS enumeration tool?
Hyena
NetScanTools Pro
OpUtils
SuperScan
Among the given options, Hyena, SuperScan, and NetScanTools Pro can be used to perform NetBIOS enumeration, whereas OpUtils is an SNMP enumeration tool.
Which of the following commands allows an SNMP agent to inform the pre-configured SNMP manager of a certain event?
GetNextRequest
Trap
GetResponse
SetRequest
Trap
SetRequest: Used by the SNMP manager to modify the value of a parameter within an SNMP agent’s management information base (MIB).
Trap: Used by an SNMP agent to inform the pre-configured SNMP manager of a certain event.
GetNextRequest: Used by the SNMP manager continuously to retrieve all the data stored in an array or table.
GetResponse: Used by an SNMP agent to satisfy a request made by the SNMP manager.
Which of the following management information bases (MIBs) contains object types for workstation and server services?
HOSTMIB.MIB
MIB_II.MIB
WINS.MIB
LNMIB2.MIB
LNMIB2.MIB
WINS.MIB: For the Windows Internet Name Service (WINS)
HOSTMIB.MIB: Monitors and manages host resources.
MIB_II.MIB
: Manages TCP/IP-based Internet using a simple architecture and system.
LNMIB2.MIB: Contains object types for workstation and server services.
Which protocol enables an attacker to enumerate user accounts and devices on a target system?
SMTP
SNMP
NetBIOS
TCP
SNMP
SNMP (Simple Network Management Protocol) is an application layer protocol that runs on UDP and maintains and manages routers, hubs, and switches on an IP network. SNMP agents run on Windows and UNIX networks on networking devices.
SNMP holds two passwords to access and configure the SNMP agent from the management station:
Read community string: It is public by default; allows viewing of device/system configuration
Read/write community string: It is private by default; allows remote editing of configuration
Attacker uses these default community strings to extract information about a device Attackers enumerate SNMP to extract information about network resources such as hosts, routers, devices, shares, etc. and network information such as ARP tables, routing tables, traffic, etc.
