Exam 5: Port Scanning

To verify if all the IP addresses of a network are being used by computers that are up and running, you can use a port scanner to ____________________ the range of IP addresses.

____ is a reasonably priced commercial port scanner with a GUI interface.

What is a UDP scan?

The ____ tool was originally written for Phrack magazine in 1997 by Fyodor.

Port scanning is a method of finding out which services a host computer offers.

The ____ vi command deletes the current line.

MATCHING Match each term with the correct statement below. -in this type of scan, the FIN, PSH, and URG flags are set

MATCHING Match each term with the correct statement below. -does not allow entry or access to a service

____ is currently the standard port-scanning tool for security professionals.

MATCHING Match each term with the correct statement below. -might indicate that a firewall is being used

In an ACK scan, if the attacked port returns an RST packet the attacked port is considered to be "____".

Why is it important for you as a security tester to understand and be able to create scripts?

Which ports should security professionals scan when doing a test? Why?

What makes the ____________________ tool unique is the ability to update security check plug-ins when they become available.

MATCHING Match each term with the correct statement below. -operates on ports 65301, 22, 5631, and 5632

MATCHING Match each term with the correct statement below. -TCP scan with all the packet flags are turned off

An OpenVAS____________________ is a security test program (script) that can be selected from the client interface.

A closed port responds to a SYN scan with an RST packet, so if no packet is received, the best guess is that the port is open.

Many security testers use the ____ tool to bypass filtering devices by injecting modified IP packets.

____ was developed to assist security testers in conducting tests on large networks and to consolidate many of the tools needed for large-scale endeavors.