What is Enumeration?
Enumeration in ethical hacking refers to actively connecting to a target
system or network to extract information such as usernames, system details,
shared resources, and other critical data. It involves direct interaction with
the target and is a deeper phase compared to reconnaissance, focusing on
exploiting protocols and services to gather actionable data.
What is NetBIOS Enumeration?
NetBIOS Enumeration is a specific form of enumeration that targets the
Network Basic Input/Output System (NetBIOS) protocol. NetBIOS
enables communication between applications over local area networks
(LANs) and facilitates sharing of resources like files and printers.
NetBIOS enumeration involves querying the network for information about
hosts and shared resources. Attackers or ethical hackers use it to map
networks and identify potential weaknesses.
Advantages for Ethical Hackers:
- Helps map the network structure.
- Reveals potential entry points, like poorly secured shares or weak user
  credentials.
What is Metasploit?
Metasploit is a widely used open-source framework for penetration testing,
vulnerability research, and security auditing. It provides a suite of tools that
allows security professionals and ethical hackers to identify, exploit, and
validate vulnerabilities in networks, systems, and applications.
Metasploit includes a variety of pre-built exploits, payloads, and auxiliary
modules, which can be used to simulate attacks, test the effectiveness of
security measures, and assess vulnerabilities.
What is Privilege Escalation?
Privilege escalation is the process of gaining elevated access or higher-level permissions within a
system or network during a penetration test. Ethical hackers use privilege
escalation techniques to identify vulnerabilities and weaknesses in a
system’s access controls and security measures. The goal is to demonstrate
how attackers can move from having limited access (e.g., as a standard user)
to obtaining administrative or root-level access, which could allow them to
compromise sensitive data or perform unauthorized actions.
Types of Privilege Escalation:
1. Vertical Privilege Escalation (Elevation of Privileges):
   - This is when an attacker with limited privileges (e.g., a standard
     user) is able to elevate their access to a higher privilege level
     (e.g., administrator or root).
   - Example: Exploiting a vulnerability to gain administrative control
     of a system.
2. Horizontal Privilege Escalation:
   - This occurs when an attacker gains access to the resources or
     data of other users with the same level of privileges, rather than
     escalating to a higher level.
   - Example: Accessing another user’s account or files without
     proper authorization.
What is Spyware, and What Are the Types of Spyware?
Spyware is a type of malicious software (malware) that is installed on a
device without the user's knowledge or consent. Its primary purpose is to
secretly monitor the user's activities and collect personal information, which
may include browsing habits, login credentials, passwords, or sensitive data.
Spyware often operates in the background, making it difficult for users to
detect, and can lead to privacy violations, identity theft, and data breaches.
1. Desktop Spyware:
   - Tracks what you do on your computer, like which programs you
     use or files you open.
2. Email Spyware:
   - Monitors your email activity, such as reading or sending emails,
     and may capture sensitive information.
3. Internet Spyware:
   - Follows your online behavior, including websites visited and
     search queries.
4. Child-Monitoring Spyware:
   - Allows parents to monitor their children's online activities, like
     what they browse or who they talk to.
5. Screen-Capturing Spyware:
   - Takes screenshots of your computer screen without you knowing,
     capturing what you're doing.
6. USB Spyware:
   - Installed on a USB drive and collects data when plugged into a
     computer.
What are four common techniques for evading Intrusion Detection
Systems (IDS)?
1. Packet Fragmentation: Splitting malicious payloads into smaller fragments
to confuse or bypass IDS analysis.
2. Traffic Obfuscation: Encrypting or encoding traffic to hide malicious
content from detection.
3. Session Splicing: Dividing the payload across multiple sessions to
avoid detection by signature-based IDS.
4. Anomaly Exploitation: Crafting traffic to resemble normal behavior,
avoiding anomaly-based detection.
What are four methods attackers use to evade firewalls?
1. Port Scanning: Identifying open ports to find ones not blocked by the
firewall.
2. Protocol Manipulation: Using tunneling techniques like HTTP or
HTTPS to bypass port-based rules.
3. Source Spoofing: Altering source IP addresses to bypass IP-based
filtering.
4. Using Trusted Ports: Sending malicious traffic over ports commonly
allowed, such as port 80 (HTTP) or 443 (HTTPS).
What are four techniques attackers use to evade honeypots?
1. Fingerprinting Honeypots: Using tools to detect honeypot-specific
characteristics or configurations.
2. Suspicious Behavior Analysis: Avoiding systems with unusual or
isolated activity, which are likely honeypots.
3. Engagement Limitation: Minimizing interaction with targets that
could log or trace activities.
4. Detecting Response Latency: Identifying high response times that
indicate logging or analysis in honeypots.
What is a keylogger, and how does it function on Windows systems?
Provide examples of keylogger software.
A keylogger is a software or hardware tool that records keystrokes made on a
keyboard. It is often used for surveillance or malicious purposes, such as
capturing sensitive information. On Windows systems, keyloggers operate
by:
1. Monitoring Keystrokes: Logging all user inputs, including passwords,
messages, and searches.
2. Running Stealthily: Operating in the background without user
awareness to avoid detection.
3. Data Transmission: Storing logs locally or transmitting them
remotely via email or other means.
4. Bypassing Security: Advanced keyloggers employ techniques to
evade antivirus and security tools.
Examples of Keylogger Software:
1. Spyrix Keylogger: Free software for remote monitoring.
2. REFOG Personal Monitor: Used for tracking personal computer
activity.
3. All in One Keylogger: Offers comprehensive monitoring features.
4. Elite Keylogger: A stealthy tool for recording keystrokes and user
activities.
5. StaffCop Standard: Designed for employee monitoring in workplaces.
6. Spytector: A stealth keylogger known for avoiding detection by
security tools.