Test Bank For Computer Security and Penetration Testing 2e Alfred Basta Nadine Basta Mary Brown

Chapter 3 True/False Indicate whether the statement is true or false. 1. Scanners were originally developed to aid security professionals and system administrators in examining networks for security vulnerabilities. ANS:T PTS: 1 REF: 45 2. In the early 1980s, the majority of servers ran on Windows platforms. ANS: F PTS: 1 REF: 47 3. A user needs root privileges to perform TCP connect scanning. ANS:F PTS: 1 REF: 48 4. Nessus is a remote security scanner designed to be run on Linux, BSD, Solaris, and other versions of UNIX. ANS: T PTS: 1 REF: 50 5. SARA was designed to complement and interface with other security tools, such as Nmap. ANS: T PTS: 1 REF: 62 Multiple Choice Identify the choice that best completes the statement or answers the question. 1. ____, the precursor to the Internet, appeared in ____. a. UNIX, 1975 c. TCP, 1986 d. UDP, 1993 REF: 46 b. ARPANET, 1969 ANS: B PTS: 1 2. A ____ is a script that tells the modem to dial a range of phone numbers defined by the user, and then identifies those numbers that connect to remote computers. a. modem b. firewall ANS: D PTS: 1 c. router d. war dialer REF: 47 3. In ____, the target host transmits connection-succeeded messages for active ports and host-unreachable messages for inactive ports. a. UDP scanning c. TCP connect scanning b. ping scanning d. IP protocol scanning ANS: C PTS: 1 REF: 48 4. A(n) ____ scan demonstrates whether a remote host is active by sending ICMP echo request packets to that host. c. UDP c. SAINT d. SARA a. IP protocol b. ping ANS: B d. TCP connect REF: 49 PTS: 1 5. ____ is a third-generation network security analysis tool developed by Advanced Research Corporation a. Cheops b. Strobe ANS: D Completion Complete each statement. PTS: 1 REF: 62 1. A(n) ____________________ is a software tool that examines and reports about vulnerabilities on local and remote hosts. ANS: scanner PTS:1REF: 45 2. A(n) ____________________ examines and reports upon the condition (open or closed) of a port as well as the application listening on that port, if possible. ANS: port scanner PTS:1REF: 45 3. ____________________ scanning is TCP connection scanning, but it does not complete the connections. ANS: Half-open PTS:1REF: 48 4. NmapFE is an nmap graphic interface for the ____________________ Linux Desktop. ANS: GNOME PTS:1REF: 59 5. ____________________ was developed by Alexandre Sagala and is a GUI for Nmap, to be used with the KDE desktop environment. ANS: KNmap PTS:1REF: 62 Short Answer 1. How do scanners work? ANS: Scanners automate the process of examining network weaknesses. Scanners are not heuristic; they do not discover new vulnerabilities but check for known vulnerabilities and open ports. A scanner performs these functions: * Connects to a target host(s) * Examines the target host for the services running on it * Examines each service for any known vulnerability Scanners can be set to target either a single IP address,and search for vulnerabilities on the target host, or a range of IP addresses. In either mode, the scanner attempts to connect with the target (or targets) to find open ports and possible vulnerabilities present on the target host(s). PTS:1REF: 47 2. What are the most important types of scanning? ANS: The most important types of scanning are the following: * Transmission Control Protocol (TCP) connect scanning * Half-open scanning * User Datagram Protocol (UDP) scanning * IP protocol scanning * Ping scanning * Stealth scanning PTS: 1 REF: 47-48 3. How does IP protocol scanning work? ANS: IP protocol scanning examines a target host for supported IP protocols. In this method, the scanner transmits IP packets to each protocol on the target host. If a protocol on the target host replies with an ICMP unreachable message to the scanner, then the target host does not use that protocol. If there is no reply, then the hacker assumes that the target host supports that protocol. Unfortunately for the hacker, firewalls and computers that run operating systems such as Digital UNIX (now replaced with Compaq Tru64 Operating System) and HP-UX do not send any ICMP unreachable messages. Consequently, the IP protocols supported by such hosts cannot be determined by using IP protocol scanning. Fortunately for the script kiddie population, the number of Digital UNIX,Tru64, and HP-UX servers is relatively small. PTS:1REF: 49 4. What are some of the most popular scanner tools? ANS: Although the earliest scanners were based on UNIX platforms, they are currently available for Windows and Macintosh platforms. Some popular scanners that can be easily found are: * Nessus * Network Mapper (Nmap) * Security Auditor’s Research Assistant (SARA) * Security Administrator’s Integrated Network Tool (SAINT) * Strobe * Cheops PTS:1REF: 50 5. Briefly describe the main characteristics of Cheops. ANS: Cheops, a port scanner for Linux operating systems, was developed for the GNOME interface by using the GTK+ kit. The most important differentiating feature of Cheops is its graphical nature. This application uses a dramatically large percentage of cpu cycles and slows all other applications to a crawl, which probably has something to do with the complexity of its graphical interface. This is a popular application, but Nessus and Nmap do more useful work without this beautiful GUI. This program can be downloaded from ftp:// PTS: 1 REF: 63