IST-294 Ethical Hacking-Chapter 4 Footprinting and Social Engineering Flashcards

Textbook solutions

Students also studied

Study guides

Computer Networks 5th Edition by Andrew S. Tanenbaum

Computer Networks

5th Edition•ISBN: 9780133072624 (9 more)Andrew S. Tanenbaum

340 solutions

Practice questions for this set

View the company's Web site.
Look for company ads in phone directories.

Which of the following tools can assist you in finding general information about an organization and its employees? (Choose all that apply.)
www.google.com
http://groups.google.com
netcat
nmap

Which of the following is a fast and easy way to tướng gather information about a company? (Choose all that apply.)
Conduct port scanning.
Perform a zone transfer of the company's DNS server.
View the company's Web site.
Look for company ads in phone directories.

Shoulder surfers can use their skills to tướng find which of the following pieces of information? (Choose all that apply.)
Passwords
ATM PINs
Long-distance access codes
Open port numbers

A cookie can store information about a Web site's visitors. True or False?

View the company's Web site.
Look for company ads in phone directories.

To find information about the key IT personnel responsible for a company's tên miền, you might use which of the following tools? (Choose all that apply.)
Whois
Whatis
Domain Dossier
Nbtstat

_______is one of the components most vulnerable to tướng network attacks.
TCP/IP
WINS
DHCP
DNS

Which of the following contains host records for a domain?
DNS
WINS
Linux server
UNIX Web clients

Which of the following is a good Web site for gathering information on a domain?
www.google.com
www.namedroppers.com
http://centralops.net/co/
www.arin.net
All of the above

A cookie can store information about a Web site's visitors. True or False?

Which of the following enables you to tướng view all host computers on a network?
SOA
ipconfig
Zone transfers
HTTP HEAD method

What's one way to tướng gather information about a domain?
View the header of an e-mail you send to tướng an e-mail trương mục that doesn't exist.
Use the ipconfig command.
Use the ifconfig command.
Connect via Telnet to tướng TCP port 53.

View the header of an e-mail you send to tướng an e-mail trương mục that doesn't exist.

Which of the following is one method of gathering information about the operating systems a company is using?
Search the Web for e-mail addresses of IT employees.
Connect via Telnet to tướng the company's Web server.
Ping the URL and analyze ICMP messages.
Use the ipconfig /os command.

Search the Web for e-mail addresses of IT employees.

To determine a company's primary DNS server, you can look for a DNS server containing which of the following?
Cname record
Host record
PTR record
SOA record

SOA record

SOA means Start of Authority

When conducting competitive intelligence, which of the following is a good way to tướng determine the size of a company's IT tư vấn staff?
Review job postings on Web sites such as www.monster.com or www.dice.com.
Use the nslookup command.
Perform a zone transfer of the company's DNS server.
Use the host -t command.

Review job postings on Web sites such as www.monster.com or www.dice.com.

If you're trying to tướng find newsgroup postings by IT employees of a certain company, which of the following Web sites should you visit?
http://groups.google.com
www.google.com
www.samspade.com
www.arin.org

Which of the following tools can assist you in finding general information about an organization and its employees? (Choose all that apply.)
www.google.com
http://groups.google.com
netcat
nmap

www.google.com
http://groups.google.com

What's the first method a security tester should attempt to tướng find a password for a computer on the network?
Use a scanning tool.
Install a sniffer on the network.
Ask the user.
Install a password-cracking program.

Many social engineers begin gathering the information they need by using which of the following?
The Internet
The telephone
A company Intranet
E-mail