- (Topic 5)
What does the following command in netcat do? nc -l -u -p 55555 < /etc/passwd
Correct Answer:
C
-l forces netcat to listen for incoming connections.
-u tells netcat to use UDP instead of TCP
-p 5555 tells netcat to use port 5555
< /etc/passwd tells netcat to grab the /etc/passwd file when connected to.
- (Topic 23)
James is an IT security consultant as well as a certified ethical hacker. James has been asked to audit the network security of Yerta Manufacturing, a tool manufacturing company in Phoenix. James performs some initial external tests and then begins testing the security from inside the company's network.
James finds some big problems right away; a number of users that are working on Windows XP computers have saved their usernames and passwords used to connect to servers on the network. This way, those users do not have to type in their credentials every time they want access to a server. James tells the IT manager of Yerta Manufacturing about this, and the manager does not believe this is possible on Windows XP. To prove his point, James has a user logon to a computer and then James types in a command that brings up a window that says "Stored User Names and Passwords".
What command did James type in to get this window to come up?
Correct Answer:
B
The Stored User Names and Passwords applet lets you assign user names and passwords to use when needing to authenticate yourself
to services in domains other than the one you are currently logged into. The normal way of running this applet can be difficult to find quickly,
so here is a way to launch it using a desktop shortcut using the rundll32.exe program:
Click on START - RUN and type the following (follwed by ENTER): rundll32.exe keymgr.dll,KRShowKeyMgr
http://www.tweakxp.com/article37352.aspx
- (Topic 3)
Which of the following Nmap commands would be used to perform a stack fingerprinting?
Correct Answer:
A
This option activates remote host identification via TCP/IP fingerprinting. In other words, it uses a bunch of techniques to detect subtlety in the underlying operating system network stack of the computers you are scanning. It uses this information to create a "fingerprint" which it compares with its database of known OS fingerprints (the nmap-os- fingerprints file. to decide what type of system you are scanning.
- (Topic 3)
While attempting to discover the remote operating system on the target computer, you receive the following results from an nmap scan:
Starting nmap V. 3.10ALPHA9 ( www.insecure.org/nmap/
(The 1592 ports scanned but not shown below are in state: filtered) Port State Service
21/tcp open ftp 25/tcp open smtp 53/tcp closed domain 80/tcp open http 443/tcp open https
Remote operating system guess: Too many signatures match to reliably guess the OS.
Nmap run completed -- 1 IP address (1 host up) scanned in 277.483 seconds
What should be your next step to identify the OS?
Correct Answer:
D
Most people don’t care about changing the banners presented by applications listening to open ports and therefore you should get fairly accurate information when grabbing banners from open ports with, for example, a telnet application.
- (Topic 2)
How does Traceroute map the route that a packet travels from point A to point B?
Correct Answer:
C
Traceroute works by increasing the "time-to-live" value of each successive batch of packets sent. The first three packets have a time-to-live (TTL) value of one (implying that they make a single hop). The next three packets have a TTL value of 2, and so on. When a packet passes through a host, normally the host decrements the TTL value by one, and forwards the packet to the next host. When a packet with a TTL of one reaches a host, the host discards the packet and sends an ICMP time exceeded (type 11) packet to the sender. The traceroute utility uses these returning packets to produce a list of hosts that the packets have traversed en route to the destination.
