1) Which of the following open source tools would be the best choice to scan a network for potential targets?
d. John the Ripper
Solution: Nmap is a port scanner and can be used to scan a network for potential targets. Nikto is a web-site vulnerability scanner that runs multiple tests against web servers. Cain is a password recovery tool. John the Ripper is a password cracking tool. The correct option is (a).
2) Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?
Solution: The -T0 to -T5 timing templates control this; they range from slow and stealthy (-T0) to fast and easily detected (-T5). The correct option is (c).
3) A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
Solution:
-sO is used for an IP protocol scan
-sP is used for a ping scan
-sS is used for a stealth scan
-sU is used for a UDP scan
Currently active IP addresses are discovered with a ping scan. The correct option is (b).
4) You are attempting to run an NMAP port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
a. Nmap -sT -O -T0
b. Nmap -sU -O -T5
c. Nmap -sP -O -T5
d. Nmap -sT -O -T4
Solution: -T0 creates the least noise, and -sT is a TCP connect scan. The correct option is (a).
5) What would you enter if you wanted to perform a stealth scan using Nmap?
a. Nmap -sU
b. Nmap -sS
c. Nmap -sT
d. Nmap -sA
Solution: The -sS option performs a stealth scan. The correct option is (b).