Chat with AI
Deck 4: Footprinting and Social Engineering
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/48
Play
Full screen (f)
Deck 4: Footprinting and Social Engineering
1
Which HTTP method starts a remote Application-layer loopback of the request message?
A) TRACE
B) PUT
C) GET
D) HEAD
A) TRACE
B) PUT
C) GET
D) HEAD
A
2
The HTTP CONNECT method starts a remote application-layer loopback of the request message.
False
3
Wget is a *nix system command that can be used to retrieve HTTP,HTTPS,and FTP files over the Internet.
True
4
What is the HTTP method that retrieves data by URI?
A) GET
B) PUT
C) CONNECT
D) HEAD
A) GET
B) PUT
C) CONNECT
D) HEAD
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
5
Which process enables you to see all the host computers on a network and basically give you a diagram of an organization's network?
A) Web bugs
B) footprints
C) zone transfers
D) namedroppers
A) Web bugs
B) footprints
C) zone transfers
D) namedroppers
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
6
What HTTP method is the same as the GET method,but retrieves only the header information of an HTML document,not the document body?
A) CONNECT
B) PUT
C) POST
D) HEAD
A) CONNECT
B) PUT
C) POST
D) HEAD
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
7
When an individual attempts to discover as much information legally possible about their competition,what information gathering technique are they performing?
A) competitive study
B) packet study
C) basic information
D) competitive intelligence
A) competitive study
B) packet study
C) basic information
D) competitive intelligence
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
8
Which utility can extract meta-data and documents on a Website to reveal the document creator's network login,e-mail address,IP address,and other important information?
A) Samba
B) Bugnosis
C) SamSpade
D) FOCA
A) Samba
B) Bugnosis
C) SamSpade
D) FOCA
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
9
Which HTTP method requests that the entity is stored under the Request-URI?
A) GET
B) PUT
C) POST
D) HEAD
A) GET
B) PUT
C) POST
D) HEAD
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
10
What area of a network is a major area of potential vulnerability because of the use of URLs?
A) DNS
B) SOA
C) DHCP
D) POST
A) DNS
B) SOA
C) DHCP
D) POST
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
11
Namedroppers is a tool that can be used to capture Web server information and vulnerabilities in a Web site's pages that could allow exploits such as SQL injection and buffer overflows.
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
12
Network attacks can often begin by gathering information from a company's Web site.
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
13
Walking is an automated way to discover pages of a Web site by following links.
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
14
Which HTTP error informs you the server understands the request but refuses to comply?
A) 401 Unauthorized
B) 404 Not Found
C) 403 Forbidden
D) 409 Conflict
A) 401 Unauthorized
B) 404 Not Found
C) 403 Forbidden
D) 409 Conflict
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
15
Which tool can be used to gather competitive intelligence from Web sites?
A) Whois
B) Netcat
C) Metis
D) Dig
A) Whois
B) Netcat
C) Metis
D) Dig
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
16
What tool can be used to read and write data to ports over a network?
A) Whois
B) Netcat
C) Metis
D) Dig
A) Whois
B) Netcat
C) Metis
D) Dig
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
17
What utility can be used to intercept detailed information from a company's Web site?
A) JavaAttack
B) Zed Attack Proxy
C) Trace
D) WebAnalysis
A) JavaAttack
B) Zed Attack Proxy
C) Trace
D) WebAnalysis
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
18
Which utility is used to gather IP and domain information?
A) Whois
B) Netcat
C) Metis
D) Dig
A) Whois
B) Netcat
C) Metis
D) Dig
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
19
To see additional parameters that can be used with the Netcat command,what should you type at the command prompt?
A) nc -lookup
B) nc -z
C) nc -h
D) nc -up
A) nc -lookup
B) nc -z
C) nc -h
D) nc -up
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
20
What is the passive process of finding information on a company's network called?
A) footprinting
B) searching
C) calling
D) digging
A) footprinting
B) searching
C) calling
D) digging
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
21
Explain why a simple process like "dumpster diving" can be so effective when gathering information utilizing social engineering?
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
22
How can a computer criminal use HTTP methods before running an exploit on a server?
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
23
How can computer criminals use the Whois utility for their purposes?
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
24
How can DNS be used for footprinting?
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
25
Which HTTP method is used with a proxy that can dynamically switch to a tunnel connection,such as Secure Socket Layer (SSL)?
A) HEAD
B) CONNECT
C) PUT
D) GET
A) HEAD
B) CONNECT
C) PUT
D) GET
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
26
Which technique can be used to read PINs entered at ATMs or at other areas when a pin code is entered?
A) shoulder surfing
B) footprinting
C) zone transferring
D) piggybacking
A) shoulder surfing
B) footprinting
C) zone transferring
D) piggybacking
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
27
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server understands the request but refuses to comply
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server understands the request but refuses to comply
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
28
What type of information is usually gathered by social engineering?
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
29
When an attacker chooses to combine social engineering with exploiting vulnerabilities carried out by e-mail,what type of attack is being performed?
A) spear phishing
B) email surfing
C) personal
D) email phishing
A) spear phishing
B) email surfing
C) personal
D) email phishing
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
30
What is "competitive intelligence"?
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
31
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request not understood by server
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request not understood by server
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
32
List at least five tools available for footprinting.
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
33
What social engineering tactic can be utilized to acquire old notes that may contain written passwords or other items that document important information?
A) shoulder-surfing
B) dumpster diving
C) piggybacking
D) desk surfing
A) shoulder-surfing
B) dumpster diving
C) piggybacking
D) desk surfing
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
34
What tactic is being used when an attacker trailing closely behind an employee enters a restricted area without any security credentials by utilizing their proximity to another employee with security clearance?
A) Shoulder surfing
B) Footprinting
C) Piggybacking
D) Dumpster diving
A) Shoulder surfing
B) Footprinting
C) Piggybacking
D) Dumpster diving
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
35
Which process utilizes the knowledge of human nature to get information from people to use for executing an attack on a computer network?
A) fingerprinting
B) footprinting
C) zone transferring
D) social engineering
A) fingerprinting
B) footprinting
C) zone transferring
D) social engineering
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
36
Explain the process of "footprinting," and why it is important to a security professional?
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
37
Which of the following is a text file generated by a Web server and stored on a user's browser?
A) index
B) cookie
C) server index
D) web file
A) index
B) cookie
C) server index
D) web file
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
38
What type of general commands allow a security tester to pull information from a Web server using a web browser?
A) TFTP
B) DNS
C) HTTP
D) ARP
A) TFTP
B) DNS
C) HTTP
D) ARP
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
39
Which type of social engineering attack attempts to discover personal information through the use of email?
A) email surfing
B) footprinting
C) spamming
D) phishing
A) email surfing
B) footprinting
C) spamming
D) phishing
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
40
List and explain the five techniques used by social engineers in their attempts to gain information from unsuspecting people.
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
41
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request couldn't be fulfilled by the server
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request couldn't be fulfilled by the server
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
42
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server didn't receive a timely response
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server didn't receive a timely response
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
43
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Unable to match request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Unable to match request
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
44
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server is unavailable because of maintenance or overload
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server is unavailable because of maintenance or overload
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
45
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server received invalid response from the upstream server
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Server received invalid response from the upstream server
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
46
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request not allowed for the resource
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request not allowed for the resource
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
47
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request couldn't be completed because of an inconsistency
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request couldn't be completed because of an inconsistency
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
48
Match each item with a statement below.a.HTTP 400 Bad Request
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request not made by client in allotted time
b.HTTP 403 Forbidden
c.HTTP 404 Not Found
d.HTTP 405 Method Not Allowed
e.HTTP 408 Request Timeout
f.HTTP 500 Internal Server Error
g.HTTP 502 Bad Gateway
h.HTTP 503 Service Unavailable
i.HTTP 504 Gateway Timeout
j.HTTP 409 Conflict
Request not made by client in allotted time
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 48 flashcards in this deck.
