Ethical Hacking: Reconnaissance Phase

Questions and Answers

What are the six phases of ethical hacking?

• Reconnaissance, scanning, gaining access, maintaining access, clearing tracks, reporting (correct)
• Passive methods, active methods, Nmap, Metasploit, ethical hackers, black hat hackers
• Foot printing, fingerprinting, network mapping, domain names, IP addresses, employee details
• White hat hackers, grey hat hackers, black hat hackers, suicide hackers/hacktivists

What is the main goal of ethical hacking?

• To conduct malicious attacks
• To steal confidential data
• To identify vulnerabilities in systems (correct)
• To gather personal information

What is the purpose of reconnaissance in ethical hacking?

• Reporting vulnerabilities to the media
• Gathering information about the target system (correct)
• Executing cyber attacks
• Manipulating network configurations

Which tool is commonly used in ethical hacking for network mapping and information gathering?

Nmap (C)

What is the term used to determine the operating system of a target computer in ethical hacking?

Fingerprinting (B)

Which type of hacker is also known as a cracker?

Black hat hacker (C)

What is the primary goal of ethical hacking?

Identifying vulnerabilities to enhance security (B)

What is the difference between white hat hackers and black hat hackers?

White hat hackers identify vulnerabilities to enhance security, while black hat hackers exploit vulnerabilities for personal gain. (C)

What phase of ethical hacking involves removing traces of the hacker's activities?

Clearing tracks (A)

In ethical hacking, what task is performed during the reconnaissance phase?

Gathering information about the target system (C)

What is the purpose of fingerprinting in ethical hacking?

Determining the operating system of a target computer (B)

Which tool is commonly used in ethical hacking for gaining access to a target system?

Metasploit (B)

What information is collected during foot printing in ethical hacking?

Domain names and IP addresses (B)

What is the main focus of ethical hackers when conducting reconnaissance?

Finding potential vulnerabilities in the system (C)

What action should an ethical hacker take after gaining unauthorized access to a system?

Report the vulnerability and provide recommendations for securing the system (C)

Flashcards are hidden until you start studying

Study Notes

• Hacking originated in the early 1960s at MIT, evolving into a discipline with ethical hacking being a legal form of hacking done with permission.
• Different types of hackers include white hat hackers (ethical hackers), black hat hackers (crackers), grey hat hackers, and suicide hackers/hacktivists.
• Ethical hacking consists of six phases: reconnaissance, scanning, gaining access, maintaining access, clearing tracks, and reporting.
• Reconnaissance involves gathering information about the target system through active and passive methods like foot printing and after foot printing.
• Foot printing involves collecting information like domain names, IP addresses, employee details, and network configurations to understand the target system.
• Fingerprinting in ethical hacking determines the operating system of a target computer through active (crafting packets) and passive (sniffer traces) methods.
• Tools like Nmap and Metasploit are commonly used in ethical hacking for reconnaissance, scanning, and gaining access phases.
• Ethical hackers aim to identify vulnerabilities in systems to enhance security and protect against malicious attacks.
• The ethical hacking process includes compiling a report with findings, tools used, success rate, vulnerabilities found, and exploit processes.
• Detailed examples of how reconnaissance is conducted, including obtaining domain information, IP addresses, network mapping, and using tools like Nmap for information gathering.

Description

Explore the reconnaissance phase of ethical hacking, including information gathering, footprinting, and fingerprinting techniques. Learn about the tools and methods used to gather data on target systems and conduct vulnerability assessments.