
312-50 Practice Test


Page 12 out of 153 Pages

Topic 3, Scanning

You are conducting an idlescan manually using HPING2. During the scanning
process, you notice that almost every query increments the IPID, regardless of the
port being queried. One or two of the queries cause the IPID to increment by more
than one value. Which of the following options would be a possible reason?


A. Hping2 can’t be used for idlescanning
B. The Zombie you are using is not truly idle
C. These ports are actually open on the target system
D. A stateful inspection firewall is resetting your queries

B. The Zombie you are using is not truly idle



Explanation: If the IPID increments by more than one value, that means that there has been
network traffic between the queries, so the zombie is not idle.

Bob, a Junior Administrator at ABC.com, is searching for the port number of POP3 in a
file. The partial output of the file looks like:


In which file is he searching?


A. services
B. protocols
C. hosts
D. resolve.conf

A. services



Explanation: The port numbers on which certain standard services are offered are defined
in RFC 1700, Assigned Numbers. The /etc/services file enables server and client
programs to convert service names to these numbers (ports). The list is kept on each host
and is stored in the file /etc/services.

Which of the following Nmap commands would be used to perform a stack
fingerprinting?


A. Nmap -O -p80 <host(s)>
B. Nmap -hU -Q<host(s)>
C. Nmap -sT -p <host(s)>
D. Nmap -u -o -w2 <host>
E. Nmap -sS -0p target

A. Nmap -O -p80 <host(s)>



Explanation: This option activates remote host identification via TCP/IP fingerprinting. In
other words, it uses a bunch of techniques to detect subtleties in the underlying operating
system network stack of the computers you are scanning. It uses this information to create
a "fingerprint" which it compares with its database of known OS fingerprints (the
nmap-os-fingerprints file) to decide what type of system you are scanning.

Which of the following is a patch management utility that scans one or more
computers on your network and alerts you if important Microsoft Security
patches are missing? It then provides links that enable those missing patches to be
downloaded and installed.


A. MBSA
B. BSSA
C. ASNB
D. PMUS

A. MBSA



Explanation: The Microsoft Baseline Security Analyzer (MBSA) is a tool put out by
Microsoft to help analyze security problems in Microsoft Windows. It does this by scanning
the system for security problems in Windows, Windows components such as the IIS web
server application, Microsoft SQL Server, and Microsoft Office. One example of an issue
might be that permissions for one of the directories in the wwwroot folder of IIS could be set
at too low a level, allowing unwanted modification of files from outsiders.

You are concerned that someone running PortSentry could block your scans, and
you decide to slow your scans so that no one detects them. Which of the following
commands will help you achieve this?


A. nmap -sS -PT -PI -O -T1 <ip address>
B. nmap -sO -PT -O -C5 <ip address>
C. nmap -sF -PT -PI -O <ip address>
D. nmap -sF -P0 -O <ip address>

A. nmap -sS -PT -PI -O -T1 <ip address>



Explanation: -T[0-5]: Set timing template (higher is faster)

