1) Which of the following is not an information source over the internet for target attackers?
d. Archive sites
Solution: Information is available for free from some sites and databases residing on the Internet. These services and sites are – Whois, Nslookup, Archive Sites, open-source software sites, etc. Whois data base lookup allows us to access information about the target including Registration Detail, IP address, contact information containing the address, Email ID, phone number. It also displays domain owner and domain registrar. Nslookup allows us to obtain IP address(es) corresponding to domain names. It is very easy to get a complete history of any website using the archive site http://www.archive.org YouTube is just a video streaming platform, and not an information source. The correct option is (b).
2) Which of the following is not a spot from where attackers seek information?
a. Domain name
b. IP address
c. System enumeration
d. Document files
Solution: Internet is a common medium for gathering information through various means such as from Domain name, IP address of the target user, enumeration of victim’s system, IDEs running, TCP & UDP services, etc. Document files do not reveal useful information to the attacker. The correct option is (d).
3) https://archive.org is a popular site where one can enter a domain name in its search box for finding out how the site was looking at a given date.
Solution: https://archive.org is a popular archive site where one can enter a domain name in its search box for finding out how the site was looking at a given date. It stores all the details about the look and working of the site, even when the site got updated. The correct option is (a).
4) Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?
The “site” operator is used to limit the results to websites that belong to a given domain. The correct
option is (a).
5) Which results will be returned with the following Google search query?
Site:target.com -site:Marketing.target.com accounting
a. Results for matches on the site “Marketing.target.com” that are in the domain “target.com” but do not include the word “accounting”
b. Results for matches on “target.com” and “Marketing.target.com” that include the word “accounting”
c. Results matching “accounting” in domain “target.com” but not on the site “Marketing.target.com”
d. Results matching all words in the query
The “site” operator is used to limit the results for a particular site/domain. When we use “–site:sitename” it excludes the result from site that has been mentioned with “–site”. In Google, to search websites that contains a particular word we just need to write related word. Thus the given search query will result the websites matching “accounting” in domain “target.com” but not on the site “Marketing.target.com” The correct option is (c).