- (Topic 19)
What do you conclude from the nmap results below?
Staring nmap V. 3.10ALPHA0 (www.insecure.org/map/)
(The 1592 ports scanned but not shown below are in state: closed) PortStateService
21/tcpopenftp 25/tcpopensmtp 80/tcpopenhttp 443/tcpopenhttps
Remote operating system guess: Too many signatures match the reliability guess the OS. Nmap run completed – 1 IP address (1 host up) scanned in 91.66 seconds
Correct Answer:B
There is no reports of any ports being filtered.
- (Topic 4)
SNMP is a connectionless protocol that uses UDP instead of TCP packets? (True or False)
Correct Answer:A
TCP and UDP provide transport services. But UDP was preferred. This is due to TCP characteristics, it is a complicate protocol and it consume to many memory and CPU resources. Where as UDP is easy to build and run. Into devices (repeaters and modems) vendors have built simple version of IP and UDP.
- (Topic 15)
Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP. How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?
Correct Answer:D
By forcing the network to answer to a lot of ICMP messages you can gather enough packets to crack the WEP key.
- (Topic 3)
Bob has been hired to perform a penetration test on ABC.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.
Within the context of penetration testing methodology, what phase is Bob involved with?
Correct Answer:A
He is gathering information and as long as he doesn’t make contact with any of the targets systems he is considered gathering this information in a passive mode.
- (Topic 23)
Theresa is the chief information security officer for her company, a large shipping company based out of New York City. In the past, Theresa and her IT employees manually checked the status of client computers on the network to see if they had the most recent Microsoft updates. Now that the company has added over 100 more clients to accommodate new departments, Theresa must find some kind of tool to see whether the clients are up-to-date or not. Theresa decides to use Qfecheck to monitor all client computers. When Theresa runs the tool, she is repeatedly told that the software does not have the proper permissions to scan. Theresa is worried that the operating system hardening that she performs on all clients is keeping the software from scanning the necessary registry keys on the client computers.
What registry key permission should Theresa check to ensure that Qfecheck runs properly?
Correct Answer:B
Qfecheck check the registry HKLM\Software\Microsoft\Updates