312-50 Practice Test


Page 19 out of 153 Pages

Topic 3, Scanning

A distributed port scan operates by:

A. Blocking access to the scanning clients by the targeted host
B. Using denial-of-service software against a range of TCP ports
C. Blocking access to the targeted host by each of the distributed scanning clients
D. Having multiple computers each scan a small number of ports, then correlating the results

Answer:
D. Having multiple computers each scan a small number of ports, then correlating the results

Explanation: Think of DDoS (distributed denial of service), where a large number
of computers generate simultaneous traffic against a victim in order to shut it down.

What are two things that are possible when scanning UDP ports? (Choose two.)

A. A reset will be returned
B. An ICMP message will be returned
C. The four-way handshake will not be completed
D. An RFC 1294 message will be returned
E. Nothing

Answer:
B. An ICMP message will be returned
E. Nothing

Explanation: Closed UDP ports can return an ICMP type 3 code 3 message. No response
can mean the port is open or the packet was silently dropped.

What are the default passwords used by SNMP? (Choose two.)

A. Password
B. SA
C. Private
D. Administrator
E. Public
F. Blank

Answer:
C. Private
E. Public

Explanation: Besides the fact that it passes information in clear text, SNMP also uses
well-known passwords. Public and private are the default passwords used by SNMP.

An Nmap scan shows the following open ports, and Nmap also reports that the OS
guessing results match too many signatures, so the OS cannot be reliably identified:

21 ftp
23 telnet
80 http
443 https

What does this suggest?

A. This is a Windows Domain Controller
B. The host is not firewalled
C. The host is not a Linux or Solaris system
D. The host is not properly patched

Answer:
D. The host is not properly patched

Explanation: If the answer were A, Nmap would guess it, since it holds the MS
signature database. The host not being firewalled makes no difference. The host is not Linux
or Solaris? Well, it very well could be. The host is not properly patched? That is the closest.
Nmap's OS detection architecture is based solely off the TCP ISN issued by the operating
system's TCP/IP stack; if the stack is modified to show output from randomized ISNs, or if
you're using a program to change the ISN, then OS detection will fail. If the TCP/IP IP IDs
are modified, then OS detection could also fail, because the machine would most likely come
back as being down.

What port scanning method is the most reliable but also the most detectable?

A. Null Scanning
B. Connect Scanning
C. ICMP Scanning
D. Idlescan Scanning
E. Half Scanning
F. Verbose Scanning

Answer:
B. Connect Scanning

Explanation: A TCP Connect scan, named after the Unix connect() system call, is the most
accurate scanning method. If a port is open, the operating system completes the TCP three-way
handshake, and the port scanner immediately closes the connection.

