Applied College Shaqra Footprinting Techniques Quiz

Questions and Answers

Match the following terms with their definitions:

Foot printing = Collecting data about a specific target using innocuous methods Reconnaissance = Collecting data about the target's potential vulnerabilities and flaws Intrusion detection system (IDS) = System that triggers upon detecting suspicious activities Passive foot printing = A stealthier approach to collecting information remotely

Match the following tools with their purposes:

NeoTrace = Tool used for collecting data about a specific target Whois = Website that provides domain names and associated networks information Archive.org = Platform used for looking through historical data Job sites = Source for gathering information about employees

Match the following activities with their characteristics:

Passive foot printing = Does not engage the target's computer directly Foot printing = Involves determining the location and objective of an intrusion Reconnaissance = Similar to foot printing and focuses on potential vulnerabilities Intrusion detection system (IDS) = Triggers when detecting suspicious activities

Match the following phases of hacking with their descriptions:

Reconnaissance = Involves gathering preliminary data on the target organization Scanning = Uses technical tools to gather detailed intelligence on systems and applications

Match the following actions with their purpose in foot printing:

Gathering information about the target network = To find weaknesses that may be exploited Profiling an organization = To collect information about systems, network, and people associated

Match the following statements with their relation to foot printing:

Enables an ethical hacker to know about system security capabilities = Foot printing Helps identify vulnerabilities in businesses for policy changes = Foot printing

Match the following topics with their role in hacking phases:

Foot printing = Process used to gather information about the target network Scanning = Uses technical tools to gather intelligence on systems and applications

Match the purpose of foot printing with the correct description:

Know Security Posture = Hackers use data gathered during foot printing to know the security posture of the company Reduce Attack Surface = Enables hackers to identify and focus on a specific range of systems Identify vulnerabilities = Enables hackers and security professionals to gain additional knowledge about vulnerabilities in the target network Draw Network map = Helps to map the networks in the target environment, including the topology, trusted routers, firewalls, and servers

Match the following with what is collected during foot printing:

Security weaknesses = Identifying any security weaknesses during foot printing Contact information = Gathering contact information for system administrators and other users who may access sensitive data Network mapping = Mapping the networks in the target environment, including routers, firewalls, and servers Vulnerabilities and threats = Gaining knowledge about vulnerabilities and threats in the target network

Match the benefit of foot printing with its corresponding outcome:

Increased success likelihood = Gathering as much information about the target as possible to increase success when planning an attack Reduced time and effort = Significantly reduce the time and effort required for penetration testing by focusing on specific systems Additional knowledge gain = Gaining additional knowledge about vulnerabilities and threats in the target network Detailed network understanding = Mapping networks in the target environment with topology, routers, firewalls, and servers

Passive foot printing involves using malicious methods to collect information about a target.

False (B)

Reconnaissance is a crucial part of the initial hacking exercise and involves collecting data about potential vulnerabilities.

True (A)

Active foot printing always triggers the target's intrusion detection system (IDS).

False (B)

One of the innocuous methods used in passive foot printing is looking at employees' social media profiles.

True (A)

Foot printing processes typically start with determining the location and objective of an intrusion.

True (A)

Foot printing enables an ethical hacker to know the security posture of a company.

True (A)

Foot printing helps in increasing the attack surface of a target network.

False (B)

Foot printing involves identifying the IP addresses and hostnames of all systems on the network.

True (A)

Foot printing allows hackers to identify vulnerabilities in the target network.

True (A)

Active foot printing refers to using tools and techniques like traceroute commands or a ping sweep to collect data.

True (A)

Foot printing does not involve drawing a network map of the target environment.

False (B)

The main goal of foot printing is to gather as little information as possible about the target.

False (B)

Passive foot printing involves actively interacting with the target system to collect data.

False (B)

If a company uses an outdated version of Windows, it may be less vulnerable to specific attacks.

False (B)

Foot printing can reveal usernames and passwords for user accounts on the target system.

True (A)

Reconnaissance involves gathering preliminary data on the target organization to enable a hacker to plan for the attack.

True (A)

Scanning is the process where a hacker physically infiltrates the target organization's premises to gather information.

False (B)

Foot printing is the process used to gather information about the target network to find weaknesses that may be exploited.

True (A)

Ethical hackers do not spend time gathering information about the target organization's computer systems.

False (B)

Foot printing enables an ethical hacker to know very little about a system and its security capabilities.

False (B)

What is one of the main purposes of foot printing in network security attacks?

To map the networks in the target environment (C)

How does foot printing help hackers identify vulnerabilities in a target network?

By gathering additional knowledge about the vulnerabilities and threats (C)

Which type of foot printing involves tools like traceroute commands or ping sweeps?

Active foot printing (B)

In network security, what does foot printing aim to achieve regarding the security posture of a company?

Identifying the presence of firewalls and security configurations (A)

What kind of information is NOT typically collected during foot printing?

Sensitive data stored on the target network (C)

Which type of foot printing involves collecting data about a target using innocuous methods?

Passive foot printing (A)

What is the primary advantage of passive foot printing over active foot printing?

It is a stealthier approach (B)

What is one of the innocuous methods mentioned in passive foot printing?

Looking at employees' social media profiles (C)

What is the purpose of reconnaissance in hacking exercises?

To collect data about potential vulnerabilities (C)

What is the first step in foot printing processes as mentioned in the text?

Determining the location and objective of an intrusion (D)

What is the main purpose of foot printing in network security attacks?

To collect data about potential security vulnerabilities. (A)

Which of the following is an example of active foot printing as described in the text?

Collecting data using traceroute commands. (B)

In the context of network security, what does passive foot printing primarily involve?

Collecting information without directly interacting with the target. (B)

Why is it important for an ethical hacker to understand the operating system and applications of a target system?

To identify potential security vulnerabilities. (B)

What type of information can foot printing reveal about a company that is crucial for planning a network security attack?

Web server software versions and installed modules. (B)

What is the primary purpose of foot printing in hacking?

To gather information about the target network's weaknesses (A)

Which phase of hacking involves using technical tools to gather detailed intelligence on the systems and applications of the target organization?

Scanning (C)

What information does foot printing predominantly aim to collect about the target organization?

Weaknesses in the target network (C)

In foot printing, what does profiling an organization involve?

Collecting information about systems, network, and people associated with the organization (B)

How does foot printing benefit ethical hackers in their activities?

By enabling them to know as much as possible about a system and its security capabilities (A)

What is the first step in foot printing according to the text?

Identifying Targets (B)

Which tools are mentioned in the text as useful for gathering information during foot printing?

Whois, Nmap, Netcat (A)

What is the purpose of analyzing results in the context of foot printing?

To determine the most vulnerable points (C)

Which phase involves planning a successful attack based on the information gathered during foot printing?

Planning Attacks (A)

Why is reconnaissance important in the context of network security attacks?

To gather data before planning an attack (C)

What is the main purpose of web crawling in the context of network security attacks?

To mirror a website and download publicly accessible files (D)

How does NeoTrace contribute to network security attacks?

By providing path information between a source and a remote site (D)

What is a common outcome of foot printing in network security attacks?

Gathering information about the basic security configurations of a target machine (C)

Which activity is NOT typically associated with foot printing in network security attacks?

Interacting with the target system to collect data (B)

What is the main purpose of scanning in network security attacks?

To identify live hosts, open ports, and active services (D)

Which tool is specifically mentioned as a powerful tool used for discovering open ports?

NetScan Tools Pro (B)

What activity does an ethical hacker use a network analyzer like Wireshark for during scanning?

To monitor network traffic on open ports (B)

In foot printing, what is the purpose of determining the location and objective of an intrusion?

To gather preliminary data on potential vulnerabilities (D)

Which activity is typically associated with scanning during the reconnaissance phase?

Probing the target network to identify live hosts and open ports (D)

What does foot printing enable hackers to know about a target system?

The security posture of the company (B)

Which tool is NOT mentioned as a powerful tool used mainly for discovering open ports?

Wireshark (A)

What is the purpose of using ping scans during scanning?

To discover systems that are active on the network (D)

What is an activity involved in scanning during reconnaissance to identify vulnerabilities?

Probing the target network to identify live hosts, open ports, and active services (A)

How does scanning provide real-time insights into a target's vulnerabilities?

By sending ICMP echo request packets (A)