422 Appendix A ■ Answers to Review Questions
- D. A banner can be changed on many services keeping them from being easily identified.
However, if this is not done it is possible to use tools such as telnet to gain information
about a service and use that information to fine-tune an attack. - A. Nmap is designed to perform scans against ports on a system or group of systems, but it
is by far the most popular tool in many categories.
Chapter 6: Enumeration of Services
- D. Usernames are especially useful in the system hacking process because they allow you to
target accounts for password cracking. - C. Ports are usually uncovered during the scanning phase and not the enumeration phase.
- B. Privilege escalation is intended to increase access on a system.
- A. System hacking involves exploiting services on a system.
- A. VRFY validates an e-mail address in SMTP.
- B. The EXPN command will display the recipients of an e-mail list.
- A. NetBIOS can be used to enumerate the users on a system.
- A. A NULL session can be used to connect to a remote system via the ipc$ share.
- B. NTP (Network Time Protocol) is used to synchronize clocks on a network.
- A. Port 25 is for SMTP.
- A. Port 53 TCP is used by DNS for zone transfers.
- C. nbtstat lets you view information about NetBIOS.
- C. SNScan is designed to access and display information for SMNP.
- C. SMTP is primarily intended to transfer e-mail messages from e-mail servers and clients.
- D. Ports 161 and 162 are used by SNMP.
- B. LDAP is used to query and structure databases; this database could be a directory ser-
vice but it is not necessarily one. - C. SNMP is used to monitor and send messages to network devices.
- A. SNMP is designed to aid in the management of devices.
- C. A SID is used to identify a user.
- C. A zone transfer is used to synchronize information, namely records, between two or
more DNS servers.
bapp01.indd 422 22-07-2014 10:56:36