what is the next step to be performed after footprinting?
According to the CEH methodology, what is the next step to be performed after footprinting?
What does the following command accomplish?
NSLookup is a good tool to use to gain additional information about a target network. What does
the following command accomplish?
nslookup
> server <ipaddress>
> set type =any
> ls -d <target.com>
what port/service should you look for to attempt a zone transfer?
While footprinting a network, what port/service should you look for to attempt a zone transfer?
Which one would you suggest she looks in first?
Your lab partner is trying to find out more information about a competitors web site. The site has a
.com extension. She has decided to use some online whois tools and look in one of the regional
Internet registrys. Which one would you suggest she looks in first?
Which of these would be a cause for alarm?
Network Administrator Patricia is doing an audit of the network. Below are some of her findings
concerning DNS. Which of these would be a cause for alarm?
Select the best answer.
Which of the following could be the most likely cause behind this lack of response?
Doug is conducting a port scan of a target network. He knows that his client target network has a
web server and that there is a mail server also which is up and running. Doug has been sweeping
the network but has not been able to elicit any response from the remote target. Which of the
following could be the most likely cause behind this lack of response? Select 4.
What does the first and second column mean?
Exhibit
Joe Hacker runs the hping2 hacking tool to predict the target host’s sequence numbers in one of
the hacking session.
What does the first and second column mean? Select two.
What is the most likely cause behind this response?
While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all
the pings sent out.
What is the most likely cause behind this response?
What can you infer from the above log?
The following excerpt is taken from a honeyput log. The log captures activities across three days.
There are several intrusion attempts; however, a few are successful. Study the log given below
and answer the following question:
(Note: The objective of this questions is to test whether the student has learnt about passive OS
fingerprinting (which should tell them the OS from log captures): can they tell a SQL injection
attack signature; can they infer if a user ID has been created by an attacker and whether they can
read plain source – destination entries from log entries.)
What can you infer from the above log?
what phase is Bob involved with?
Bob has been hired to perform a penetration test on XYZ.com. He begins by looking at IP address
ranges owned by the company and details of domain name registration. He then goes to News
Groups and financial web sites to see if they are leaking any sensitive information of have any
technical details online.
Within the context of penetration testing methodology, what phase is Bob involved with?