1) Which of the following provide a complete set of tools for vulnerability assessment?
A. Nexpose
B. Nessus
C. Pentest
D. All of these
Answer: A, B
Solution: Nexpose is a popular vulnerability assessment tool that aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation.
Nessus is an open-source vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools. Nessus employs the Nessus Attack Scripting Language (NASL), a simple language that describes individual threats and potential attacks.
2) Which of the following can be performed using the NMAP tool?
A. Identify open ports on a target system
B. Identify the operating system that is running on a target system
C. Identify the hosts available in a network
D. All of these
Answer: D
Solution: Nmap uses raw IP packets to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
3) Which of the following can be used to bypass firewalls and router security restrictions?
A. Reverse TCP Connection
B. Bind TCP Connection
C. Gaining Elevated Access
D. None of these
Answer: A
Solution: In a normal forward TCP connection, a client connects to a server through the server’s open port, but in the case of a reverse connection, the client opens the port that the server connects to. The most common way a reverse connection is used is to bypass firewall and router security restrictions. The correct option is (A).
4) What is the purpose of the MSFcli tool available in Metasploit?
A. It provides a command line interface for Metasploit
B. It is used to create the encrypted backdoor which helps to bypass antivirus software
C. It is used to generate all of the various types of shellcodes available in Metasploit
D. None of these
Answer: A
Solution: It provides a command line interface for Metasploit.
5) An ethical hacker is using the Metasploit tool to exploit an FTP server and pivot to a LAN. Which of the following is a feasible approach?
A. Issue the pivot exploit and set the meterpreter.
B. Reconfigure the network settings in the meterpreter.
C. Set the payload to propagate through the meterpreter.
D. Create a route statement in the meterpreter.
Answer: D
Solution: Pivoting is the technique of using an instance to be able to move around inside a network. It uses the first compromise to allow, and even aid in, the compromise of other inaccessible systems. In this scenario, it is used for routing traffic from a normally non-routable network.