Podcast
Questions and Answers
What is the primary purpose of the Metasploit Framework?
What is the primary purpose of the Metasploit Framework?
- Scanning network performance
- Creating web applications
- Penetration testing and exploiting vulnerabilities (correct)
- Managing databases
NetScanTools Pro can only discover IPv4 addresses.
NetScanTools Pro can only discover IPv4 addresses.
False (B)
Which tool is used to perform a UDP scan on port 53?
Which tool is used to perform a UDP scan on port 53?
hping3
The tool __________ provides packet-level network analysis for troubleshooting.
The tool __________ provides packet-level network analysis for troubleshooting.
Match the following tools with their descriptions:
Match the following tools with their descriptions:
Which tool is a high-performance scanner aimed at large-scale network audits?
Which tool is a high-performance scanner aimed at large-scale network audits?
Mobile device scanning tools can perform port scanning.
Mobile device scanning tools can perform port scanning.
List one capability of the Metasploit Framework.
List one capability of the Metasploit Framework.
Which technique uses ARP requests to discover active devices?
Which technique uses ARP requests to discover active devices?
ICMP Echo Ping Scan is ineffective for identifying active systems.
ICMP Echo Ping Scan is ineffective for identifying active systems.
What command is used for a UDP Ping Scan?
What command is used for a UDP Ping Scan?
The technique that sends TCP requests to initiate a 3-way handshake is called ______.
The technique that sends TCP requests to initiate a 3-way handshake is called ______.
What response indicates that a host is inactive when using an ICMP Timestamp Ping Scan?
What response indicates that a host is inactive when using an ICMP Timestamp Ping Scan?
Match the following scanning techniques with their respective commands:
Match the following scanning techniques with their respective commands:
The TCP ACK Ping Scan creates actual connections.
The TCP ACK Ping Scan creates actual connections.
What is the purpose of sending ICMP Address Mask requests?
What is the purpose of sending ICMP Address Mask requests?
What does SSDP stand for?
What does SSDP stand for?
A List Scan actively scans services and ports on a network.
A List Scan actively scans services and ports on a network.
What is one primary advantage of using SSDP scans?
What is one primary advantage of using SSDP scans?
SSDP uses multicast over _____ and _____ to communicate.
SSDP uses multicast over _____ and _____ to communicate.
What vulnerability can SSDP scans expose?
What vulnerability can SSDP scans expose?
List Scans utilize reverse DNS resolution to identify hostnames.
List Scans utilize reverse DNS resolution to identify hostnames.
Name one disadvantage of using List Scans.
Name one disadvantage of using List Scans.
Match the scanning technique with its feature:
Match the scanning technique with its feature:
What type of attack can exploit vulnerabilities in UPnP?
What type of attack can exploit vulnerabilities in UPnP?
Active banner grabbing is a stealthy method of gathering OS information.
Active banner grabbing is a stealthy method of gathering OS information.
What is the main purpose of a List Scan?
What is the main purpose of a List Scan?
The process of using a phone number to find someone's name is similar to _____ DNS resolution.
The process of using a phone number to find someone's name is similar to _____ DNS resolution.
Match the following OS discovery techniques with their descriptions:
Match the following OS discovery techniques with their descriptions:
Which of the following is a disadvantage of passive banner grabbing?
Which of the following is a disadvantage of passive banner grabbing?
Active banner grabbing is more detailed than passive methods.
Active banner grabbing is more detailed than passive methods.
What is the common term for OS fingerprinting?
What is the common term for OS fingerprinting?
What is an advantage of using the hping3 command with IP spoofing?
What is an advantage of using the hping3 command with IP spoofing?
MAC address spoofing is effective even if the firewall doesn’t rely on MAC filtering.
MAC address spoofing is effective even if the firewall doesn’t rely on MAC filtering.
What command in Nmap can be used to randomize the order of hosts being scanned?
What command in Nmap can be used to randomize the order of hosts being scanned?
The attacker can send packets with __________ checksums to trick improperly configured firewalls.
The attacker can send packets with __________ checksums to trick improperly configured firewalls.
What is a disadvantage of using hping3 for IP spoofing?
What is a disadvantage of using hping3 for IP spoofing?
Randomizing host order increases the chances of detection by network monitoring systems.
Randomizing host order increases the chances of detection by network monitoring systems.
Match the following command options with their functions in Nmap:
Match the following command options with their functions in Nmap:
What is a potential disadvantage of sending packets with bad checksums?
What is a potential disadvantage of sending packets with bad checksums?
Study Notes
Host Discovery Techniques
- ARP Ping Scan - Sends ARP requests to find active devices on a network.
- UDP Ping Scan - Sends UDP packets to identify active hosts.
- ICMP Echo Ping Scan - Sends ICMP Echo requests to check for active systems.
- ICMP Echo Ping Sweep - Used to find active hosts on a network by sending ICMP Echo requests to multiple hosts.
- ICMP Timestamp Ping Scan - Sends ICMP Timestamp requests (useful when ICMP Echo is blocked).
- ICMP Address Mask Ping Scan - Sends ICMP Address Mask requests (effective when ICMP Echo is blocked).
- TCP SYN Ping Scan - Initiates TCP connection handshake (without establishing actual TCP connections).
- TCP ACK Ping Scan - Sends TCP ACK requests - This can bypass firewalls that block SYN scans.
SSDP and List Scan
- SSDP Scan - Uses Simple Service Discovery Protocol (SSDP) to discover Universal Plug and Play (UPnP) devices on a network.
- List Scan - Creates a list of IP addresses and hostnames without actively scanning or pinging them.
OS Discovery/Banner Grabbing
- Active Banner Grabbing - Uses crafted packets to analyze responses from a target system based on OS characteristics.
- Passive Banner Grabbing - Gathers information from network traffic and error messages without interacting with a target system.
Other Techniques
- MAC Address Spoofing - Changes a device's MAC address to impersonate a legitimate user on a network.
- Randomizing Host Order - Scans network hosts in a random order to avoid detection.
- Sending Bad Checksums - Sends packets with incorrect checksums.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Explore various host discovery techniques such as ARP, UDP, and ICMP scans. In this quiz, test your knowledge on methods used to identify active devices on a network. Learn about the nuances of different scanning techniques and their applications for network discovery.
