Podcast
Questions and Answers
What is the primary purpose of the Metasploit Framework?
What is the primary purpose of the Metasploit Framework?
NetScanTools Pro can only discover IPv4 addresses.
NetScanTools Pro can only discover IPv4 addresses.
False
Which tool is used to perform a UDP scan on port 53?
Which tool is used to perform a UDP scan on port 53?
hping3
The tool __________ provides packet-level network analysis for troubleshooting.
The tool __________ provides packet-level network analysis for troubleshooting.
Signup and view all the answers
Match the following tools with their descriptions:
Match the following tools with their descriptions:
Signup and view all the answers
Which tool is a high-performance scanner aimed at large-scale network audits?
Which tool is a high-performance scanner aimed at large-scale network audits?
Signup and view all the answers
Mobile device scanning tools can perform port scanning.
Mobile device scanning tools can perform port scanning.
Signup and view all the answers
List one capability of the Metasploit Framework.
List one capability of the Metasploit Framework.
Signup and view all the answers
Which technique uses ARP requests to discover active devices?
Which technique uses ARP requests to discover active devices?
Signup and view all the answers
ICMP Echo Ping Scan is ineffective for identifying active systems.
ICMP Echo Ping Scan is ineffective for identifying active systems.
Signup and view all the answers
What command is used for a UDP Ping Scan?
What command is used for a UDP Ping Scan?
Signup and view all the answers
The technique that sends TCP requests to initiate a 3-way handshake is called ______.
The technique that sends TCP requests to initiate a 3-way handshake is called ______.
Signup and view all the answers
What response indicates that a host is inactive when using an ICMP Timestamp Ping Scan?
What response indicates that a host is inactive when using an ICMP Timestamp Ping Scan?
Signup and view all the answers
Match the following scanning techniques with their respective commands:
Match the following scanning techniques with their respective commands:
Signup and view all the answers
The TCP ACK Ping Scan creates actual connections.
The TCP ACK Ping Scan creates actual connections.
Signup and view all the answers
What is the purpose of sending ICMP Address Mask requests?
What is the purpose of sending ICMP Address Mask requests?
Signup and view all the answers
What does SSDP stand for?
What does SSDP stand for?
Signup and view all the answers
A List Scan actively scans services and ports on a network.
A List Scan actively scans services and ports on a network.
Signup and view all the answers
What is one primary advantage of using SSDP scans?
What is one primary advantage of using SSDP scans?
Signup and view all the answers
SSDP uses multicast over _____ and _____ to communicate.
SSDP uses multicast over _____ and _____ to communicate.
Signup and view all the answers
What vulnerability can SSDP scans expose?
What vulnerability can SSDP scans expose?
Signup and view all the answers
List Scans utilize reverse DNS resolution to identify hostnames.
List Scans utilize reverse DNS resolution to identify hostnames.
Signup and view all the answers
Name one disadvantage of using List Scans.
Name one disadvantage of using List Scans.
Signup and view all the answers
Match the scanning technique with its feature:
Match the scanning technique with its feature:
Signup and view all the answers
What type of attack can exploit vulnerabilities in UPnP?
What type of attack can exploit vulnerabilities in UPnP?
Signup and view all the answers
Active banner grabbing is a stealthy method of gathering OS information.
Active banner grabbing is a stealthy method of gathering OS information.
Signup and view all the answers
What is the main purpose of a List Scan?
What is the main purpose of a List Scan?
Signup and view all the answers
The process of using a phone number to find someone's name is similar to _____ DNS resolution.
The process of using a phone number to find someone's name is similar to _____ DNS resolution.
Signup and view all the answers
Match the following OS discovery techniques with their descriptions:
Match the following OS discovery techniques with their descriptions:
Signup and view all the answers
Which of the following is a disadvantage of passive banner grabbing?
Which of the following is a disadvantage of passive banner grabbing?
Signup and view all the answers
Active banner grabbing is more detailed than passive methods.
Active banner grabbing is more detailed than passive methods.
Signup and view all the answers
What is the common term for OS fingerprinting?
What is the common term for OS fingerprinting?
Signup and view all the answers
What is an advantage of using the hping3 command with IP spoofing?
What is an advantage of using the hping3 command with IP spoofing?
Signup and view all the answers
MAC address spoofing is effective even if the firewall doesn’t rely on MAC filtering.
MAC address spoofing is effective even if the firewall doesn’t rely on MAC filtering.
Signup and view all the answers
What command in Nmap can be used to randomize the order of hosts being scanned?
What command in Nmap can be used to randomize the order of hosts being scanned?
Signup and view all the answers
The attacker can send packets with __________ checksums to trick improperly configured firewalls.
The attacker can send packets with __________ checksums to trick improperly configured firewalls.
Signup and view all the answers
What is a disadvantage of using hping3 for IP spoofing?
What is a disadvantage of using hping3 for IP spoofing?
Signup and view all the answers
Randomizing host order increases the chances of detection by network monitoring systems.
Randomizing host order increases the chances of detection by network monitoring systems.
Signup and view all the answers
Match the following command options with their functions in Nmap:
Match the following command options with their functions in Nmap:
Signup and view all the answers
What is a potential disadvantage of sending packets with bad checksums?
What is a potential disadvantage of sending packets with bad checksums?
Signup and view all the answers
Study Notes
Host Discovery Techniques
- ARP Ping Scan - Sends ARP requests to find active devices on a network.
- UDP Ping Scan - Sends UDP packets to identify active hosts.
- ICMP Echo Ping Scan - Sends ICMP Echo requests to check for active systems.
- ICMP Echo Ping Sweep - Used to find active hosts on a network by sending ICMP Echo requests to multiple hosts.
- ICMP Timestamp Ping Scan - Sends ICMP Timestamp requests (useful when ICMP Echo is blocked).
- ICMP Address Mask Ping Scan - Sends ICMP Address Mask requests (effective when ICMP Echo is blocked).
- TCP SYN Ping Scan - Initiates TCP connection handshake (without establishing actual TCP connections).
- TCP ACK Ping Scan - Sends TCP ACK requests - This can bypass firewalls that block SYN scans.
SSDP and List Scan
- SSDP Scan - Uses Simple Service Discovery Protocol (SSDP) to discover Universal Plug and Play (UPnP) devices on a network.
- List Scan - Creates a list of IP addresses and hostnames without actively scanning or pinging them.
OS Discovery/Banner Grabbing
- Active Banner Grabbing - Uses crafted packets to analyze responses from a target system based on OS characteristics.
- Passive Banner Grabbing - Gathers information from network traffic and error messages without interacting with a target system.
Other Techniques
- MAC Address Spoofing - Changes a device's MAC address to impersonate a legitimate user on a network.
- Randomizing Host Order - Scans network hosts in a random order to avoid detection.
- Sending Bad Checksums - Sends packets with incorrect checksums.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Explore various host discovery techniques such as ARP, UDP, and ICMP scans. In this quiz, test your knowledge on methods used to identify active devices on a network. Learn about the nuances of different scanning techniques and their applications for network discovery.