Ethical Hacking Week 4 Assignment Answers

Course Link: https://onlinecourses.nptel.ac.in/noc23_cs44/course

Q1. Which of the following statement(s) is/are false?
a. Hypervisor allows one host system to support multiple virtual machines by sharing the resources.
b. Hypervisor allows one host system to support multiple virtual machines; however, it does not allow resource sharing.
c. Kali-linux is a Debian-based Linux distribution that has collection of tools that are useful for penetration testing.
d. Kali-linux is a hack-proof secured operating system.
e. None of these.

Q2. Which of the following statement(s) is/are true about “Active Reconnaissance”?
a. Information about the target is collected indirectly.
b. Information about the target is collected directly.
c. There is a chance of detection in active reconnaissance.
d. There is no chance of detection in active reconnaissance.

Q3. Which of the following is not an information source over the internet for an attackers?
a. Whois
b. YouTube
c. Archive.org
d. Netcraft
e. Hydra

Q4. Which of the following data cannot be retrieved about the target system/website using Whois database lookup?
a. Registration details.
b. Name servers.
c. IP address.
d. History of the website.
e. None of these.

Q5. Which of the following search operators can narrow down the search results to a site that has the targeted search term in the URL?
a. inurl
b. intitle
c. site
d. exclude
e. double quote (*)
f. filetype

Q6. Which of the following information can be retrieved using DNS/Mail server enumeration?
a. Usernames
b. Computer names
c. Operating system
d. Open ports
e. IP address of system
f. Size of the network

Q7. Which of the following statement(s) is/are true for host discovery using ICMP ECHO and ICMP non-ECHO sweep?

a. InICMP sweep, the attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response.
b. In Non-Echo ICMP sweep, the attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response.
c. InICMP sweep, if the attacker does not receive an ICMP ECHO reply then the host is considered as down.
d. InICMP sweep, if the attacker does not receive an ICMP ECHO reply then the host is considered as live.
e. In Non-Echo ICMP sweep, if the attacker dose not receive an ICMP ECHO reply then the host is considered as down.

Q8. Which of the following option(s) is/are used for host discovery using TCP and UDP sweep respectively?
a. PE PP
b. PE,PM
c. PS,PA
d. PS,PU
e. PA PU

Q9. Which of the following information is retrieved by port scanning?
a. Information about the operating system running on the target system.
b. The services running on the target system.
c. The IP address of the target system.
d. None of these.

Q10. What kind of packet is received if the target port is closed/filtered in TCP connect/SYN scan?
a. RST
b. ACK
c. SYN-ACK
d. SYN
e. RST/ACK

Q11. Which of the following option(s) is/are used for OS and Version detection respectively?
a. sn,PE
b. Pn,sP
c. 0,-sV
d. sT,PP
e. None of these.

Q12. How many ports are scanned in NMAP for a target system if we use -F option ________ ?

100

Q13. Which of the following NMAP scanning option(s) is/are correct with respect to port scanning?
a. —F
b. -p20
c. -p20-100
d. -p20:100
e. -p20, 22,28, 80
f. All of these.

Q14. If we want to disable host discovery in port scanning, then which of the following options can be used?
a. -F
b. -p-
c. -Pn
d. -sn
e. We cannot disable host discovery.

Q15. Which of the following can be used to reconnaissance countermeasures?
a. Do not release critical info in public.
b. Encrypt password and sensitive information.
c. Restrict zone transfer.
d. Examine logs periodically.
e. Use firewalls.
f. All of these.