CMIT312 - Quiz 1

________________ is the process of identifying the services running on a target system.

The Traceroute utility initially sends a packet with a TTL value of ___ to a targeted host.

_______________ is a spoofing technique that allows an attacker to choose the path a packet will take through the Internet.

Attackers can use an ACK scan to learn the type of firewall or firewall rule sets that might be guarding a target system. Based on the packet information below, which port is considered to be filtered? Packet 1: Attackers can use an ACK scan to learn the type of firewall or firewall rule sets that might be guarding a target system. Based on the packet information below, which port is considered to be filtered?

Which one of these attacks is considered an active attack?

If you want to perform active banner grabbing on a target web server, which of the following tools would be most suitable?

What is the most important difference between an ethical hacker and an unethical hacker?

Which port scanning method is considered the most reliable in terms of accurately reporting port status on a target system?

An attacker is interested in discovering ports that might be open on a target system. The attacker decides to port scan the IP address of the system but also wants to make the scan as stealthy as possible. Which of the following techniques would be the best choice in this scenario?

A(n) _______________ occurs when a software developer uses code licensed from other sources or uses free libraries and doesn’t change or modify the code to make it more secure. This code is often used in multiple applications.

Which of the following correctly identifies the three-way-handshake process?

During the FootPrinting process, where is the best place to find information about a target organization’s software, hardware, and network-related information?

Although it can be difficult, what is one way that IP spoofing can be detected?

You have been hired to perform a black-box test for a client. How much information will you be able to get from the client before commencing this test?

An attacker delivers a SYN packet to a target system and receives a SYN/ACK from a listening port. The attacker responds with an RST packet to avoid completing the three-way handshake. Which of following scanning methods is the attacker using?

Once an attacker gains access to a target system, he will attempt to _____________ in order to continue exploiting the system

Once an attacker has successfully compromised a target system, she will take one last step to avoid legal trouble while maintaining access. This phase of the attack is called ___________________.

Passive fingerprinting uses captured packets to determine the type of operating system running on a target system. If the TTL value contained in a packet sent from a target system is 48, what type of operating system might be running on the system, and how many hops did the original packet take to reach the target?

Identify the correct syntax command you would use to perform a SYN scan using the Nmap port scanning tool.

Which type of information cannot be found in a resource record (RR)?