1) What results will the following command yield: ‘nmap -sS -O -p 123-153 192.168.100.3’?
a. A stealth scan, opening port 123 and 153
b. A stealth scan, checking open ports 123 to 153
c. A stealth scan, checking all open ports excluding ports 123 to 153
d. A stealth scan, determining the operating system, and scanning ports 123 to 153
The -sS option performs a stealth (SYN) scan. The -O option enables operating system detection, and the -p option specifies the port range to scan, here 123 to 153. The correct option is (d).
2) Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?
a. nmap -Pn -O -sS -p 1-1024 192.168.0/8
b. nmap -Pn -A -sS -p 1-65535 192.168.2.0/24
c. nmap -sI -Pn -p 0-65535 192.168.2.0/16
d. nmap -P0 -A -O -p 1-65535 192.168.2.0/24
The -p 1-65535 option scans all TCP ports. The -A option fingerprints the operating system of the host as well as the services running on it. Nmap pings hosts by default, so host discovery fails against a network that blocks ICMP; the -Pn option (treat all hosts as online, skip host discovery) is needed for such a network.
3) Which of the following tools will scan a network to perform vulnerability checks and compliance
NMAP is used for port scanning and sometimes for vulnerability assessment.
Metasploit is mainly used for penetration testing.
Nessus performs vulnerability checks and compliance auditing.
BeEF is used to compromise systems using cross-site scripting attacks.
The correct option is (c).
4) The network administrator contacts you and tells you that she noticed the temperature on the internal wireless router increases by more than 20% during weekend hours when the office was closed. She asks you to investigate the issue because she is busy dealing with a big conference and she doesn’t have time to perform the task.
What tool can you use to view the network traffic being sent and received by the wireless router?
Wireshark is a free and open-source packet analyzer. It can capture and analyze all packets on a network interface.
Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures (CVE) architecture for easy cross-linking between compliant security tools.
Netcat (often abbreviated to nc) is a computer networking utility for reading from and writing to network connections using TCP or UDP.
Netstat provides network statistics.
The correct option is (a).
5) The establishment of a TCP connection involves a negotiation called the 3-way handshake. What type of message does the client send to the server to begin this negotiation?
Step 1 (SYN): The client wants to establish a connection with the server, so it sends a segment with the SYN bit set. This informs the server that the client intends to start communication and which sequence number its segments will start from.
Step 2 (SYN + ACK): The server responds to the client's request with the SYN and ACK bits set. The acknowledgement (ACK) confirms the segment it received, and the SYN announces the sequence number the server's own segments will start from.
Step 3 (ACK): Finally, the client acknowledges the server's response, and both sides now have a reliable connection over which actual data transfer can begin.
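Added example (not part of the original question bank): a Python simulation of the exchange described in steps 1 to 3, with the server's state machine, plus the half-open variant that the -sS scan from question 1 relies on, where the client answers the SYN+ACK with RST instead of ACK, so the server never reaches ESTABLISHED and the attempt is visible to a firewall or IDS but not to the application. The Segment type, state names and initial sequence numbers are constructed for the simulation.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    flags: frozenset  # control bits set, a subset of {"SYN", "ACK", "RST"}
    seq: int          # sequence number carried by this segment
    ack: int          # acknowledgement number, meaningful only when "ACK" is set

class Server:
    """Minimal passive-open TCP endpoint: LISTEN -> SYN_RECEIVED -> ESTABLISHED."""
    def __init__(self, isn):
        self.isn, self.state, self.peer_isn = isn, "LISTEN", None

    def receive(self, seg):
        """Process one incoming segment and return the reply segment, if any."""
        if self.state == "LISTEN" and seg.flags == {"SYN"}:
            self.peer_isn, self.state = seg.seq, "SYN_RECEIVED"
            # Step 2: SYN+ACK acknowledges the client's ISN+1 and carries our own ISN
            return Segment(frozenset({"SYN", "ACK"}), self.isn, seg.seq + 1)
        if self.state == "SYN_RECEIVED" and "RST" in seg.flags:
            self.state = "LISTEN"          # half-open attempt torn down, nothing logged by the app
            return None
        if (self.state == "SYN_RECEIVED" and seg.flags == {"ACK"}
                and seg.ack == self.isn + 1 and seg.seq == self.peer_isn + 1):
            self.state = "ESTABLISHED"     # Step 3 completes the handshake
            return None
        return None  # anything else is ignored in this simplified model

def connect(client_isn, server, complete=True):
    """Run the exchange; return the transcript [(sender, segment)] and the server's final state.

    complete=True  -> full 3-way handshake (SYN, SYN+ACK, ACK)
    complete=False -> half-open probe as in an nmap -sS scan (SYN, SYN+ACK, RST)
    """
    syn = Segment(frozenset({"SYN"}), client_isn, 0)                     # Step 1
    synack = server.receive(syn)
    # Client validates the reply: SYN and ACK set, and our ISN acknowledged exactly
    if synack.flags != {"SYN", "ACK"} or synack.ack != client_isn + 1:
        raise ValueError("unexpected reply to SYN")
    if complete:
        third = Segment(frozenset({"ACK"}), client_isn + 1, synack.seq + 1)  # Step 3
    else:
        third = Segment(frozenset({"RST"}), client_isn + 1, 0)  # abort before ESTABLISHED
    server.receive(third)
    return [("client", syn), ("server", synack), ("client", third)], server.state

if __name__ == "__main__":
    for label, full in (("full handshake", True), ("half-open probe", False)):
        transcript, state = connect(1000, Server(5000), complete=full)
        print(label, "->", state, [(who, sorted(s.flags)) for who, s in transcript])
```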