Lecture 5: 1st October 2019 Flashcards

Pentesting: Info gathering

1
Q

What are the first 3 phases of pentesting?

A

Footprinting, scanning, and enumeration.

2
Q

What is footprinting also known as?

A

Information gathering

3
Q

What are some tools you can use for footprinting?

A

Web archive, search engines, NSLookup, whois, social engineering, census/electoral records, etc.

4
Q

What does nmap do?

A

Scans target systems to find their architecture.

5
Q

How can you detect sniffing?

A

Analyze incoming IP connections; many from one IP address are likely to be scanning/sniffing.

6
Q

Why would you want to telnet or SSH into an open port?

A

You can take root access and manipulate the remote host to accomplish your malicious goals.

7
Q

What does dig do?

A

Looks up DNS records for a specified domain.

8
Q

What does NSLookup do?

A

Looks up DNS records for a specified domain.

9
Q

What info can be gathered when footprinting?

A

Contact info, file links, source code, news or press releases, physical locations and bus routes or transport services, personal info, etc.

10
Q

What are some resources which you can use for footprinting?

A

nmap, ping, host, dig, nslookup, Google, Wikipedia, Google Maps, dsniff, Shodan, census sites, web archive

11
Q

What is footprinting?

A

Using system calls or simple tools to find out very basic information about users or systems. This is an information-gathering phase for both pentesters and hackers.

12
Q

What is scanning?

A

Using automated programs to discover more about the architecture of the target’s systems.

13
Q

What is enumeration?

A

The process of extracting user names, machine names, network resources, shares and services from a system, using an active connection, in order to find vulnerabilities.

14
Q

What is IP sniffing?

A

The interception and reading of IP packets on a network by a malicious third party.
