
312-50 Practice Test



Page 21 out of 153 Pages

Topic 3, Scanning

You want to know whether a packet filter is in front of 192.168.1.10. Pings to
192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang
without returning any information. What should you do next?


A. Use NetScan Tools Pro to conduct the scan

B. Run nmap XMAS scan against 192.168.1.10

C. Run NULL TCP hping2 against 192.168.1.10

D. The firewall is blocking all the scans to 192.168.1.10

Answer: C. Run NULL TCP hping2 against 192.168.1.10



Ann would like to perform a reliable scan against a remote target. She is not
concerned about being stealthy at this point.
Which of the following types of scans would be the most accurate and reliable
option?


A. A half-scan

B. A UDP scan

C. A TCP Connect scan

D. A FIN scan

Answer: C. A TCP Connect scan



Explanation: A TCP Connect scan, named after the Unix connect() system call, is the most
accurate scanning method. If a port is open, the operating system completes the TCP three-way
handshake, and the port scanner immediately closes the connection. Otherwise an
error code is returned.

Example of a three-way handshake followed by a reset:

Source Destination Summary
-------------------------------------------
[192.168.0.8] [192.168.0.10] TCP: D=80 S=49389 SYN SEQ=3362197786 LEN=0 WIN=5840
[192.168.0.10] [192.168.0.8] TCP: D=49389 S=80 SYN ACK=3362197787 SEQ=58695210 LEN=0 WIN=65535
[192.168.0.8] [192.168.0.10] TCP: D=80 S=49389 ACK=58695211 WIN<<2=5840
[192.168.0.8] [192.168.0.10] TCP: D=80 S=49389 RST ACK=58695211 WIN<<2=5840

You are doing IP spoofing while you scan your target. You find that the target has port 23
open. However, you are unable to connect. Why?


A. A firewall is blocking port 23

B. You cannot spoof + TCP

C. You need an automated telnet tool

D. The OS does not reply to telnet even if port 23 is open

Answer: A. A firewall is blocking port 23



Explanation: The question does not say what state the scanning utility reports for the
port. If the program used to conduct the scan is nmap, nmap will show you one of three
states: "open", "closed", or "filtered". A port can be in an "open" state yet filtered,
usually by a stateful packet inspection filter (e.g. Netfilter for Linux, IPFilter for
BSD). C and D do not make any sense for this question; they are bogus. As for B, "You
cannot spoof + TCP": you can spoof + TCP, so we strike that out.

The following excerpt is taken from a honeypot log. The log captures activities
across three days. There are several intrusion attempts; however, a few are
successful. Study the log given below and answer the following question:
(Note: The objective of this question is to test whether the student has learnt about
passive OS fingerprinting (which should tell them the OS from log captures); whether
they can tell a SQL injection attack signature; whether they can infer if a user ID has
been created by an attacker; and whether they can read plain source – destination
entries from log entries.)

What can you infer from the above log?


A. The system is a Windows system which is being scanned unsuccessfully.

B. The system is a web application server compromised through SQL injection.

C. The system has been compromised and backdoored by the attacker.

D. The actual IP of the successful attacker is 24.9.255.53.

Answer: A. The system is a Windows system which is being scanned unsuccessfully.



What is a primary advantage a hacker gains by using encryption or programs such
as Loki?


A. It allows an easy way to gain administrator rights

B. It is effective against Windows computers

C. It slows down the effective response of an IDS

D. IDS systems are unable to decrypt it

E. Traffic will not be modified in transit

Answer: D. IDS systems are unable to decrypt it



Explanation: Because the traffic is encrypted, an IDS cannot understand it or evaluate the
payload.

