Attackers Techniques

Julie has been hired to perform a penetration test on xyz.com. She begins by looking at IP address ranges owned by the company and details of domain name registration. She then goes to news groups and financial websites to see whether any of the company’s sensitive information or technical details are online. What is Julie doing?

Passive Information Gathering

Which of the following is the most reliable type of scan?

Connect

If you send a SYN to an open port what is the correct response?

SYN/ACK

Trying to identify machines on a target network is called?

Enumeration

From a port scanning you identified that port 88 is open. What does this tell you?

The target system uses Kerberos authentication