afech 1 question bank
01> Imagine a scenario where you send a FIN data packet to a particular port on the tarrget system. If the target system sends back an error message, what does it mean?
ansewr:- 5. Can't say without know the Operating system information.
02> While trying to chage the signature of torjan you endes increasing few bytes in the hex file. what will be the result?
answer:- 1. the torjan file will crash altogether
03> you have norton antivirus installed on your system. you scanned a torjan file and aftare altering the signatures found that it is not being detectd by norton. now you sent it to the victim where it was caught by the antivirus. what could be the possible explanation?
answer:- 3. the victim is using some other antivirus.
04> which social engineering technique is most likely to work again a senior male executive working in a bank?
answer:- 2. smooth talking.
05> what is the exact street address (physical address) of the system 203.94.11.12? you should use web based tools to answer this question.
answer:- 2. can't say
06> if you create a data packet with an infinite TTL value and send it to your friend's computer. what will happen to the data packet?
answer:- 4. the data packet will reach the target computer.
07> data is always broken down into smaller fragments at the sender's end. what will happen it you send the first fragment and third fragment of some data to the target system without sending the second fragment?
answer:- 3. ICMP fragment reassembly time exceeded error message.
08> the TCP connect port scan is often referred to as the most reliable technique of port scanning. why?
answer:- 4. it cannot be blocked without affecting normal traffic.
09> why do you think the Tracerout tool was originally developed?
answer:- 3. to pinpoint the exact position in network where there was a problem.
10> how do you bypass the BIOS password on a laptop(not a desktop)?
answer:- 1. default passwords.
11> what are the stepsfollowed by a system Awhen it wants to establish a new connection with a remote comuter B?
answer:- 1. A sends SYN packet to B. B sends back SYN/ACK. A replies with ACK.
12> are switching networks vulnerable to sniffers?
answer:- 2. yes
13> which operating system has a TTL value of 128, DF set to YES, TOS= 0 and a window size of 7000?
answer:- 4. windows NT
14> imagine that all instant messenger traffic has been blocked on your office or college network. how can you access your instant messenger and chat with your colleagues?
answer:- 2. www.meebo.com
15> can you name a major vulnerability that exists on the website htto://www.iscr.org?
answre:- 1. SQL injection
16> How can you detect sql injection loopholes on the internet?
answer:- 5. all the above.
17> what does a data packet with the RST flag turned ON represent?
answer:- 3. want to reset connection.
18> what is a good countermeasure against Land attacks?
answer:- 1. patch your operating system.
19> in which country is the website www.abc.kh located?
answer:- 5. can't say
20> why do you think array bound checking on input is an important aspect of secure programming?
answer:- 1. protects again inter overflows.
21> if the initial sequence number of a system is 1000, what will it become after 10 FIN packets, 10 SYN packets, 10 SYN packets, 10 SYN/ACK packets, 10 FIN/ACK packets, 10 seconds and 1234 ACK packets?
answer:- 3. 129040
22> which error message does the ICMP data packet with Type = 3 and code = 8 represent?
answer:- 3. source host isolated
23> what are phising attacks?
answer:- 1.the art of sending a fake login screen to the victim.
24> what is the difference between Active and Passive fringerprinting?
answer:- 1. active is not anonymous,passive is anonymous.
25> what would you recommend to somebody who wants to protect their identity on the internet?
answer:- 5. all the above.
26> if you created a data packet with a TTL value of 1 and send it to your friend's computer. what will happen to the data packet?
answer:- 1. there will be an error message and the data packet will be discared.
27> what makes the stacheldraht attack tool so difficult to counter?
answer:- 5. all the above.
28> if you ping a particular IP address on the Internet multiple times, will the TTL values displayed in the output always remain the same?
answer:- 1. no.
29> how many ports are open on the website www.hackingmobilephones.com between port 1 and 200?
answer:- 1. 3-5 ports.
30> what kind of honeypot would you recommend a university should use?
answer:- 4. high involved Honeypot
31> what vulnerability is the following programming code vulmerable against? (printf ("&d",input_decimal);) ?
answer:- 2. format string overflow
32> if you port scan your own computer and detect port 456 as open, what does it mean?
answer:- 3. any modified torjan could be installed on your system.
33> which of the following is a strong password yet easy to remember?
answer:- 4. A.n.k.i.t25
34> what do you need to do to ensure that an antivirus tool does not detect the presence of a torjan on the victim's computer?
answer:- 5. modify the signature of the trojan to avoid detection.
35> analyze the below email headers and determine the source IP address of the system that was used to send this email:
x-Appartly....................
answer:- 2. 202.158.41.55
36> usually when you port scan your home computer, you will find that some ports are open? why?
answer:- 3. the applications running on your system are your system are using these open ports.
37> why are dial up internet connections usually considered to be more secure than broadband internet connections?
answer:- 3. most dial up connections provide a dynamic IP address.
38> what is the octal version of the IP address 198.54.11.15?
answer:- . 0306.066.013.017
39> which social engineering technique is most likely to work against a young, female call center employee working in a bank?
answer:- 1. intimidation
40> using information gathering techiques determine the web hosting company of the DBS bank of singapore website (www.dbs.com.sg).?
answer:- 4. pacific net
41> whats is HTTP tunneling?
answer:- 2. working with any protocol transmitting it through http
42> how can you perform DSN poisoning?
answer:- 2. DNS zone transfer
43> what kind of honeypot would you recommend a bank should use?
answer:- 3. low involved honeypot.
44> perform a WHOIS query on the DBS bank of singapore website (www.dbs.com.sg) and determine the registered address of the website?
answer:- 2. 6,shenton way,singapore
45> what class does the IP address 198.54.11.0 belong to?
answer:- 3. class C
46> if you tracerout a partcular IP address on the Internet multiple times, do you always see the same results?
answer:- 1. No
47> in what step or command of email forging do you need to include any file attachments?
answer:- 4. DATA
48> on google search you type the search string "failure". then you press the button "i'm feeling lucky". you land on the page of "biography of president George W. Bush". what does it means?
answer:- 2. the search string has placed the page on the top of the search list.
49> what is the advantage of using ping utility?
answer:- 2. ping sweeping is faster and can be used to ping a large number of system
50> determine the web server running on the website www.hackingmobilephones.com (you may use the daemon banner grabbing techique)?
answer:- 3. apache