4.1.8 Practice Questions Flashcards

1
Q

When a penetration tester starts gathering details about employees, vendors, business processes, and physical security, which phase of testing are they in?

answer

Covering tracks

Gaining access

Reconnaissance

Scanning

A

Reconnaissance

Explanation
During the reconnaissance phase, you gather information about a company. In addition to technical information, you’ll want to gather details about employees, vendors, business processes, and physical security.

2
Q

Which of the following elements of penetration testing includes the use of web surfing, social engineering, dumpster diving, and social networking?

answer

Information gathering techniques

Information types

Maintaining access

Permission and documentation

A

Information gathering techniques

Explanation
During the reconnaissance phase, you gather information by reading a company’s website, getting to know their employees, or dumpster diving.

3
Q

MinJu, a penetration tester, is testing a client’s security. She notices that every Wednesday, a few employees go to a nearby bar for happy hour. She goes to the bar and starts befriending one of the employees with the intention of learning the employee’s personal information. Which information gathering technique is MinJu using?

answer

Social engineering

Dumpster diving

Social networking

Web surfing

A

Social engineering

Explanation
Social engineering is an attempt to get to know a company’s employees or vendors. After-work social gatherings can provide important tidbits of information about an employee and about a company, especially its weaknesses.

4
Q

A penetration tester is trying to extract employee information during the reconnaissance phase. What kinds of data is the tester collecting about the employees?

answer

Geographical information, entry control systems, employee routines, and vendor traffic

Operating systems, applications, security policies, and network mapping

Intellectual property, critical business functions, and management hierarchy

Contact names, phone numbers, email addresses, fax numbers, and addresses

A

Contact names, phone numbers, email addresses, fax numbers, and addresses

Explanation
During the reconnaissance phase, you gather information about a company. For employee information, the penetration tester collects contact names, phone numbers, email addresses, fax numbers, and addresses for any individuals associated with the target company.

5
Q

Which of the following is the difference between an ethical hacker and a criminal hacker?

answer

A criminal hacker is all-knowing, but an ethical hacker isn’t.

An ethical hacker is nice, clean, and polite, but a criminal hacker isn’t.

An ethical hacker has permission to hack a system, and a criminal hacker doesn’t have permission.

A criminal hacker is easily detected, but an ethical hacker isn’t.

A

An ethical hacker has permission to hack a system, and a criminal hacker doesn’t have permission.

Explanation
The difference between an ethical hacker and a criminal hacker is that an ethical hacker always obtains permission to hack a system.

6
Q

Whois, Nslookup, and ARIN are all examples of:

answer

IoT hacking tools

Network footprinting tools

Google hacking tools

Internet research tools

A

Network footprinting tools

Explanation
Website and email footprinting can provide details on information flow, operating systems, filenames, and network connections. Whois, nslookup, and ARIN are examples of footprinting tools.

7
Q

Iggy, a penetration tester, is conducting a black box penetration test. He wants to do reconnaissance by gathering information about ownership, IP addresses, domain name, locations, and server types. Which of the following tools would be most helpful?

answer

ARIN

Nslookup

beSTORM

Whois

A

Whois

Explanation
Whois is a utility used to gain information about a target network. It can gather information about ownership, IP addresses, domain name, location, server type, and the date the site was created.

8
Q

What does the Google Search operator allinurl:keywords do?

answer

Displays websites similar to the one listed.

Shows results in pages that contain the keyword in the title.

Shows results in pages that contain all of the listed keywords.

Displays websites where directory browsing has been enabled.

A

Shows results in pages that contain all of the listed keywords.

Explanation
allinurl:keywords shows results in pages that contain all of the listed keywords.

index of /keyword displays websites where directory browsing has been enabled.

intitle:keyword shows results in pages that contain the keyword in the title.

related:website displays websites similar to the one listed.

9
Q

What’s the name of the open-source forensics tool that can be used to pull information from social media postings and find relationships between companies, people, email addresses, and other information?

answer

Echosec

Wayback Machine

Maltego

Google Earth

A

Maltego

Explanation
Maltego is an open-source forensics tool that can be used to pull information from social media postings and find relationships between companies, people, email addresses, and other information.

10
Q

Xavier is doing reconnaissance. He is gathering information about a company and its employees by going through their social media content. Xavier is using a tool that pulls information from social media postings that were made using location services. What is the name of this tool?

answer

Wayback Machine

Maltego

Echosec

Google Maps

A

Echosec

Explanation
Echosec is a tool that can be used to pull information from social media postings that were made using location services.

11
Q

You are in the reconnaissance phase at the XYZ company. You want to use nmap to scan for open ports and use a parameter to scan the 1,000 most common ports. Which nmap command would you use?

answer

nmap -sV xyzcompany.com

nmap -sA xyzcompany.com

nmap -sT xyzcompany.com

nmap -sS xyzcompany.com

A

nmap -sS xyzcompany.com

Explanation
-sS performs a TCP SYN port scan (the default), which scans the 1,000 most common ports.

-sV attempts to determine the version of the service running on each open port.

-sT performs a TCP connect port scan (the default when run without root privileges).

-sA performs a TCP ACK port scan.

12
Q

You have found the IP address of a host to be 172.125.68.30. You want to see what other hosts are available on the network. Which of the following nmap commands would you enter to do a ping sweep?

answer

nmap -sn 172.125.68.1-255

nmap -sM 172.125.68.1-255

nmap -sS 172.125.68.1-255

nmap -sU 172.125.68.1-255

A

nmap -sn 172.125.68.1-255

Explanation
The nmap -sn option disables port scanning. The command nmap -sn 172.125.68.1-255 scans the range of IP addresses for live hosts without listing the ports.

The nmap -sS command is used for a TCP SYN port scan (default).

The nmap -sU command is used for UDP port scans.

The nmap -sM command is used for TCP Maimon port scans.
