Advanced OSINT Techniques Quiz

Questions and Answers

What is the purpose of using TCP SYN ping scan?

To record logs at the system level

To leave traces for detection

To determine if the host is active without creating a connection (correct)

To establish a connection with the host

Why is it mentioned that logs are not recorded at the system or network level in TCP SYN ping scans?

To attract more attention from the defenders

Because the attackers do not know how to record logs

To avoid leaving traces for detection (correct)

To increase network performance

What is the primary goal of enumerating usernames and other information during network attacks?

To reduce network services

To improve network security

To establish connections with network shares

To identify vulnerabilities in the target network (correct)

How does TCP SYN ping scan help attackers in stealthy reconnaissance?

By determining host activity without creating a connection

What critical aspect does enumeration help attackers with during network intrusions?

Uncovering vulnerabilities in the target network

What specific IP address range is reserved for private internets?

10.0.0.0–10.255.255.255 (10/8 prefix)

What important information can network range details reveal?

Network topology, OS used, access control devices

What is the aim of social engineering?

To gain unauthorized access to systems or networks

What type of information can be obtained through social engineering?

Social security numbers, credit card details, usernames and passwords

How does social engineering start?

Gaining the confidence of an authorized user

What can an attacker do with the confidential information obtained through social engineering?

Use it for malicious purposes like identity theft and unauthorized access

What is the primary goal of footprinting?

To collect information about an organization, network, and systems

Which of the following is NOT part of the organizational information collected during footprinting?

Passwords of employees

What is one of the benefits of footprinting for an attacker?

It allows for the identification of vulnerabilities in the target system

Which of the following types of information is NOT typically collected during network footprinting?

Encryption keys used in the network

What is one of the advantages of footprinting for an attacker?

It helps in identifying the most effective attack vector

What type of information is NOT typically collected during system footprinting?

Encryption algorithms used in the system

What is the title of the book authored by Ric Messier in 2021?

CEH V11: Certified Ethical Hacker Version 11 Practice Tests

Who authored the book 'Penetration Testing A Hands-On Introduction to Hacking'?

Georgia Weidman

Which book is not authored by Ric Messier?

Ethical Hacking and Penetration Testing Made Easy

Which edition of 'Ethical Hacking and Countermeasures' corresponds to the CEH Exam 31250?

v11

Who published the book 'Ethical Hacking and Countermeasures v11 (CEH Exam 31250) Professional Series'?

EC-Council

'The Basics of Hacking and Penetration Testing, Second Edition' was authored by:

Patrick Engebretson

Which of the following is NOT a technique used in passive footprinting?

Performing traceroute analysis

What is the primary difference between active and passive footprinting?

Active footprinting involves direct interaction with the target, while passive does not.

Which of the following is an example of active footprinting?

Performing social engineering techniques

What is the purpose of performing competitive intelligence during footprinting?

To determine the target's market position and business strategies

Which of the following is NOT a technique used in active footprinting?

Collecting information from public forums and blogs

What is the potential consequence of using active footprinting techniques?

It may trigger alerts on the target system, revealing the footprinting activity.