Mastering Network Routing and Packet Forwarding

Questions and Answers

Which of the following best describes the purpose of network vulnerability scanning?

• To track applications at scale around the world
• To exploit known vulnerabilities
• To identify mistakes in an organization's network (correct)
• To find potential victims for attackers

What is the main function of a network vulnerability scanner?

• To connect to a server and check for outdated applications
• To confirm the existence of a vulnerability (correct)
• To exploit known vulnerabilities
• To find potential victims for attackers

What is the role of the Shodan search engine?

• To exploit known vulnerabilities
• To identify vulnerabilities in an organization's network
• To catalog scan results of internet-connected devices (correct)
• To find potential victims for attackers

Why are network vulnerability scans of interest to both organizations and attackers?

To find potential victims for attackers (D)

What does the Shodan search engine claim to be?

A search engine for internet-connected devices (C)

How can network vulnerability scans be used to remediate vulnerabilities?

By identifying mistakes in an organization's network (D)

What type of records does the Shodan search engine store?

Records of collected scan results (D)

What is the purpose of running periodic network vulnerability scans?

To identify mistakes in an organization's network (D)

What action does a network vulnerability scanner take if an application is running an outdated version with a known vulnerability?

It confirms the existence of the vulnerability (C)

What is the significance of the Shodan search engine for security researchers?

To access a vast catalogue of scan results (A)

Which technique is an essential part of network administration and network analysis at organizations?

Technical scanning (D)

What does a ping test involve?

Sending an ICMP packet to a target machine (C)

What does a ping test indicate if the target machine replies with an echo reply packet?

The target machine is active and switched on (B)

What is the purpose of technical scanning during the reconnaissance stage of an attack?

To collect information about the technical configuration (A)

What information does a ping test provide?

The status of a machine (C)

What is the outbound packet called in a ping test?

Echo request packet (D)

What is a packet?

A small amount of formatted data (A)

What does the "time to live" (TTL) property indicate in a packet?

How far into a network the machine is located (D)

Which technique is commonly used by organizations to debug networking issues?

Ping test (B)

What details about a target machine can be obtained through technical scanning?

Services running on the machine, operating system in use, vulnerabilities of services (C)

Which of the following statements is true about the 'time to live' (TTL) in a packet?

The TTL is decreased by one at each router it passes through. (B)

What can be determined by performing a traceroute between two computers?

The number of devices on a network. (D)

Which command can be used to start a ping test on Windows machines?

ping target_name (D)

What is the purpose of port scanning?

To identify open ports on a target machine. (C)

Which of the following is true about "well known" ports?

They are the first 1,024 ports in the TCP protocol. (D)

What is the main purpose of vulnerability scanning?

To determine if a vulnerability exists on a target system. (A)

Which method of vulnerability scanning involves comparing software version numbers against a database?

Database scanning (D)

What is the potential risk of dynamic scanning in vulnerability scanning?

It may perform illegal actions in certain countries. (A)

Which statement is true about a network vulnerability scan?

It requires the owner's consent before scanning a target. (D)

Which protocol is commonly used for web-based applications?

HTTP (C)