University of Maryland, University College CMIT 321 quiz 1 2nd part
Question 10 (5 points)
You have been hired to perform a black-box test for a client. How much information will you be able to get from the client before commencing this test?
Question 10 options:
the IP address of the corporate web server
a list of employee e-mail addresses
the corporate name
system documentation only
Question 11 (5 points)
An attacker delivers a SYN packet to a target system and receives a SYN/ACK from a listening port. The attacker responds with an RST packet to avoid completing the three-way handshake. Which of the following scanning methods is the attacker using?
Question 11 options:
XMAS scan
RST scan
ACK scan
SYN scan
Question 12 (5 points)
If an organization has limited resources and money, which type of ethical hacking testing method might be best suited for the client?
Question 12 options:
black-box testing
blue-box testing
red-box testing
white-box testing
Question 13 (5 points)
Which one of these attacks is considered an active attack?
Question 13 options:
a) Causing a Denial of Service (DoS).
b) Copying data from the target's website.
c) Telnetting to the target website.
d) Tracerouting to the target IP address.
Question 14 (5 points)
________________ is the process of identifying the services running on a target system.
Question 14 options:
Network scanning
Enumeration
Port scanning
Ping sweep
Question 15 (5 points)
Attackers can use an ACK scan to learn the type of firewall or firewall rule sets that might be guarding a target system. Based on the packet information below, which port is considered to be filtered?
Packet 1: Server IP port 20: F: RST -> TTL: 68 win:0
Packet 2: Server IP port 21: F: RST -> TTL: 56 win:0
Packet 3: Server IP port 22: F: RST -> TTL: 68 win:0
Packet 4: Server IP port 23: F: RST -> TTL: 68 win:0
Question 15 options:
20
21
22
23
Question 16 (5 points)
Based on the information below, identify the type of port scan and whether the port is open or closed.
CLIENT                                        SERVER
82.27.51.100:6347   --- FIN/URG/PSH ----->   10.31.64.21:25
82.27.51.100:6347   <--- NO RESPONSE ----    10.31.64.21:25
Question 16 options:
SYN Scan, Port is closed
FIN Scan, Port is closed
Idle Scan, Port is open
XMAS Scan, Port is open
Question 17 (5 points)
Once an attacker has successfully compromised a target system, she will take one last step to avoid legal trouble while maintaining access. This phase of the attack is called ___________________.
Question 17 options:
patching the system
hiding tracks
covering tracks
concealing evidence
Question 18 (5 points)
Identify the correct syntax command you would use to perform a SYN scan using the Nmap port scanning tool.
Question 18 options:
-S
-s
-SYN
-sS
Question 19 (5 points)
Which of the following correctly identifies the three-way-handshake process?
Question 19 options:
SYN-ACK-ACK
SYN-ACK-SYN
SYN-SYN-ACK
SYN-SYN/ACK-ACK
Question 20 (5 points)
When conducting penetration testing, it is important that a formal contract is drawn up to protect the ethical attacker from prosecution due to activities in the conducting phase. It is also important that the contract contains a __________________, to protect the client’s confidential data.
Question 20 options:
nondisclosure agreement
privacy clause
conduct agreement
statement of confidence
You receive a number of calls from customers who cannot access your corporate website. You decide to investigate by logging in to your routers, and the logs show that network traffic is unusually high. You also notice that almost all the traffic is originating from a specific address. Using several traceroute tools to find out where the suspect IP originates from, you discover that the IP is coming from somewhere in Europe. Thinking that the network is under a denial-of-service attack, you must find out more about the originating IP address. What Internet registry would you examine to find information about the IP address?
Question 1 options:
RIPE NCC
APNIC
ARIN
LACNIC
Which one of the following scanning tools contains an up-to-date vulnerability database and is made up of a server and client front-end?
Question 2 options:
NMAP
Nessus
traceroute
ZenMap
During the footprinting process, where is the best place to find information about a target organization’s software, hardware, and network-related information?
Question 3 options:
Check the organization’s public website.
Search Google for news-related articles about the target.
Examine Archive.org.
Look at job-related websites.
The following tools are used for footprinting (choose 3):
Question 6 options:
Recon-ng
Aircrack-ng
Maltego
FOCA
Tracert counts the number of __________ to a destination IP Address.
Question 9 options:
Pings
Lookup Requests
Hops
ICMP Echo Replies
Which of the following Flags will indicate that there is a new sequence number:
Question 13 options:
ACK
URG
SYN
PSH
Which of the following countermeasures are considered best practices for preventing unauthorized DNS zone transfers? (Select all that apply.)
Question 14 options:
a) Split DNS.
b) Filter TCP port 53 on the firewall.
c) Filter TCP port 139 and 445 on the firewall.
d) Disable reverse lookup zones.
Footprinting tools will help gather the following information about a target (choose 3):
Question 19 options:
DNS Records
Host Names
IP Addresses
Process Lists
Once an attacker gains access to a target system, he will attempt to _____________ in order to continue exploiting the system.
Question 11 options:
target other systems
maintain access
port scan
fingerprint
If you want to perform active banner grabbing on a target web server, which of the following tools would be most suitable?
Question 14 options:
Netstat
Telnet
Nslookup
NbtStat
The following is one of the most reliable forms of TCP scanning:
Question 19 options:
XMAS Scan
Inverse TCP Flag Scan
Connect Scan
Half-open Scan
The Simple Service Discovery Protocol (SSDP) will (choose 3):
Question 1 options:
Not work behind a firewall
Can be vulnerable to denial of service
Uses multicast addresses
Controls Communication for the Universal Plug and Play Service
_______________ is a spoofing technique that allows an attacker to choose the path a packet will take through the Internet.
Question 2 options:
SYN scanning
Tracerouting
Source routing
HTTP tunneling