Applied College Shaqra Footprinting Techniques Quiz

Questions and Answers

Match the following terms with their definitions:

Foot printing = Collecting data about a specific target using innocuous methods Reconnaissance = Collecting data about the target's potential vulnerabilities and flaws Intrusion detection system (IDS) = System that triggers upon detecting suspicious activities Passive foot printing = A stealthier approach to collecting information remotely

Match the following tools with their purposes:

NeoTrace = Tool used for collecting data about a specific target Whois = Website that provides domain names and associated networks information Archive.org = Platform used for looking through historical data Job sites = Source for gathering information about employees

Match the following activities with their characteristics:

Passive foot printing = Does not engage the target's computer directly Foot printing = Involves determining the location and objective of an intrusion Reconnaissance = Similar to foot printing and focuses on potential vulnerabilities Intrusion detection system (IDS) = Triggers when detecting suspicious activities

Match the following phases of hacking with their descriptions:

Reconnaissance = Involves gathering preliminary data on the target organization Scanning = Uses technical tools to gather detailed intelligence on systems and applications

Match the following actions with their purpose in foot printing:

Gathering information about the target network = To find weaknesses that may be exploited Profiling an organization = To collect information about systems, network, and people associated

Match the following statements with their relation to foot printing:

Enables an ethical hacker to know about system security capabilities = Foot printing Helps identify vulnerabilities in businesses for policy changes = Foot printing

Match the following topics with their role in hacking phases:

Foot printing = Process used to gather information about the target network Scanning = Uses technical tools to gather intelligence on systems and applications

Match the purpose of foot printing with the correct description:

Know Security Posture = Hackers use data gathered during foot printing to know the security posture of the company Reduce Attack Surface = Enables hackers to identify and focus on a specific range of systems Identify vulnerabilities = Enables hackers and security professionals to gain additional knowledge about vulnerabilities in the target network Draw Network map = Helps to map the networks in the target environment, including the topology, trusted routers, firewalls, and servers

Match the following with what is collected during foot printing:

Security weaknesses = Identifying any security weaknesses during foot printing Contact information = Gathering contact information for system administrators and other users who may access sensitive data Network mapping = Mapping the networks in the target environment, including routers, firewalls, and servers Vulnerabilities and threats = Gaining knowledge about vulnerabilities and threats in the target network

Match the benefit of foot printing with its corresponding outcome:

Increased success likelihood = Gathering as much information about the target as possible to increase success when planning an attack Reduced time and effort = Significantly reduce the time and effort required for penetration testing by focusing on specific systems Additional knowledge gain = Gaining additional knowledge about vulnerabilities and threats in the target network Detailed network understanding = Mapping networks in the target environment with topology, routers, firewalls, and servers

Passive foot printing involves using malicious methods to collect information about a target.

False

Reconnaissance is a crucial part of the initial hacking exercise and involves collecting data about potential vulnerabilities.

True

Active foot printing always triggers the target's intrusion detection system (IDS).

False

One of the innocuous methods used in passive foot printing is looking at employees' social media profiles.

True

Foot printing processes typically start with determining the location and objective of an intrusion.

True

Foot printing enables an ethical hacker to know the security posture of a company.

True

Foot printing helps in increasing the attack surface of a target network.

False

Foot printing involves identifying the IP addresses and hostnames of all systems on the network.

True

Foot printing allows hackers to identify vulnerabilities in the target network.

True

Active foot printing refers to using tools and techniques like traceroute commands or a ping sweep to collect data.

True

Foot printing does not involve drawing a network map of the target environment.

False

The main goal of foot printing is to gather as little information as possible about the target.

False

Passive foot printing involves actively interacting with the target system to collect data.

False

If a company uses an outdated version of Windows, it may be less vulnerable to specific attacks.

False

Foot printing can reveal usernames and passwords for user accounts on the target system.

True

Reconnaissance involves gathering preliminary data on the target organization to enable a hacker to plan for the attack.

True

Scanning is the process where a hacker physically infiltrates the target organization's premises to gather information.

False

Foot printing is the process used to gather information about the target network to find weaknesses that may be exploited.

True

Ethical hackers do not spend time gathering information about the target organization's computer systems.

False

Foot printing enables an ethical hacker to know very little about a system and its security capabilities.

False

What is one of the main purposes of foot printing in network security attacks?

To map the networks in the target environment

How does foot printing help hackers identify vulnerabilities in a target network?

By gathering additional knowledge about the vulnerabilities and threats

Which type of foot printing involves tools like traceroute commands or ping sweeps?

Active foot printing

In network security, what does foot printing aim to achieve regarding the security posture of a company?

Identifying the presence of firewalls and security configurations

What kind of information is NOT typically collected during foot printing?

Sensitive data stored on the target network

Which type of foot printing involves collecting data about a target using innocuous methods?

Passive foot printing

What is the primary advantage of passive foot printing over active foot printing?

It is a stealthier approach

What is one of the innocuous methods mentioned in passive foot printing?

Looking at employees' social media profiles

What is the purpose of reconnaissance in hacking exercises?

To collect data about potential vulnerabilities

What is the first step in foot printing processes as mentioned in the text?

Determining the location and objective of an intrusion

What is the main purpose of foot printing in network security attacks?

To collect data about potential security vulnerabilities.

Which of the following is an example of active foot printing as described in the text?

Collecting data using traceroute commands.

In the context of network security, what does passive foot printing primarily involve?

Collecting information without directly interacting with the target.

Why is it important for an ethical hacker to understand the operating system and applications of a target system?

To identify potential security vulnerabilities.

What type of information can foot printing reveal about a company that is crucial for planning a network security attack?

Web server software versions and installed modules.

What is the primary purpose of foot printing in hacking?

To gather information about the target network's weaknesses

Which phase of hacking involves using technical tools to gather detailed intelligence on the systems and applications of the target organization?

Scanning

What information does foot printing predominantly aim to collect about the target organization?

Weaknesses in the target network

In foot printing, what does profiling an organization involve?

Collecting information about systems, network, and people associated with the organization

How does foot printing benefit ethical hackers in their activities?

By enabling them to know as much as possible about a system and its security capabilities

What is the first step in foot printing according to the text?

Identifying Targets

Which tools are mentioned in the text as useful for gathering information during foot printing?

Whois, Nmap, Netcat

What is the purpose of analyzing results in the context of foot printing?

To determine the most vulnerable points

Which phase involves planning a successful attack based on the information gathered during foot printing?

Planning Attacks

Why is reconnaissance important in the context of network security attacks?

To gather data before planning an attack

What is the main purpose of web crawling in the context of network security attacks?

To mirror a website and download publicly accessible files

How does NeoTrace contribute to network security attacks?

By providing path information between a source and a remote site

What is a common outcome of foot printing in network security attacks?

Gathering information about the basic security configurations of a target machine

Which activity is NOT typically associated with foot printing in network security attacks?

Interacting with the target system to collect data

What is the main purpose of scanning in network security attacks?

To identify live hosts, open ports, and active services

Which tool is specifically mentioned as a powerful tool used for discovering open ports?

NetScan Tools Pro

What activity does an ethical hacker use a network analyzer like Wireshark for during scanning?

To monitor network traffic on open ports

In foot printing, what is the purpose of determining the location and objective of an intrusion?

To gather preliminary data on potential vulnerabilities

Which activity is typically associated with scanning during the reconnaissance phase?

Probing the target network to identify live hosts and open ports

What does foot printing enable hackers to know about a target system?

The security posture of the company

Which tool is NOT mentioned as a powerful tool used mainly for discovering open ports?

Wireshark

What is the purpose of using ping scans during scanning?

To discover systems that are active on the network

What is an activity involved in scanning during reconnaissance to identify vulnerabilities?

Probing the target network to identify live hosts, open ports, and active services

How does scanning provide real-time insights into a target's vulnerabilities?

By sending ICMP echo request packets