1) What command will help you to search files using Google as a search engine?
a. site: target.com filetype:xls username password email
b. inurl: target.com filename:xls username password email
c. domain: target.com archive:xls username password email
d. site: target.com file:xls username password email
Answer: a
Solution: The “site” operator is used to limit the results for a particular site. “filetype” parameter match only a specific file type such as PDF, DOC, XLS, PPT, and TXT. We can combine two or more search operator to narrow down our search results. The correct option is (a).
2) What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?
a. Passive
b. Distributive
c. Reflective
d. Active
Answer: d
Solution:
In active information gathering we gather information by directly communicating with the victim. The correct option is (d).
3) NMAP -sn 192.168.11.200-215
The NMAP command above performs which of the following?
a. A ping scan
b. A trace sweep
c. An operating system detect
d. A port scan
Answer: a
Solution:
-sn option tells nmap not to do a port scan after host discovery, and only print out the available hosts that responded to the scan. Thus, the above command will perform ping scan. The correct option is (a).
4) If you want to only scan fewer ports than the default scan using nmap tool, which option would you use
a. -r
b. -F
c. -sP
d. -p
Answer: d
Solution:
The -p option specifies customized port scan but you need to provide specific port number or port range. The correct option is (d).
5) Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system. While doing a technical assessment to determine network vulnerabilities, you use the TCP XMAS scan. What would be the
response of all open ports?
a. The port will send an ACK
b. The port will send a SYN
c. The port will ignore the packets
d. The port will send an RST
Answer: c
Solution:
The TCP XMAS scan is used to identify listening ports on the targeted system. The open ports ignore the data packets. The correct option is (c).
