This set of Cyber Security Multiple Choice Questions & Answers (MCQs) focuses on “Scanning Phase for Security – 2”.
1. In port scanning, a port is always associated with the _____________ (typically of host system) & the type of ____________ employed for communication.
a) IP address, protocol
b) MAC address, protocol
c) IP address, IMEI number
d) MAC address, network model
View Answer
Explanation: In port scanning, a port is always associated with an IP address (typically of host system) & the type of protocol (UDP or TCP) employed for communication.
2. ________________ is a tool which uses traceroute-like techniques for analyzing IP packet responses.
a) Firewalk
b) Firesweep
c) PingSweeper
d) ICMPwalker
View Answer
Explanation: Firewalk is a tool which is used traceroute-like techniques for analysing IP packet responses. It determines gateway ACL and filters & map networks. Specifically, it determines filter rules in place on all packet forwarding devices.
3. In port scanning, a _________ is always associated with an IP address (usually of the host system) & the type of protocol (UDP or TCP) employed for communication.
a) address
b) port
c) system
d) network
View Answer
Explanation: In port scanning, a port is always associated with an IP address (typically of the host system) & the type of protocol (UDP or TCP) employed for communication.
4. Firewalk tool employs a technique to determine the ___________ rules in place on the ___________ forwarding device.
a) filter, packet
b) filter, port
c) routing, packet
d) routing, port
View Answer
Explanation: Firewalk is a tool which uses traceroute-like techniques for analyzing IP packet responses. It determines gateway ACL and filters & map networks. Specifically, it determines filter rules in place on all packet forwarding devices.
5. Firewalk works by sending ________ & ________ packets.
a) UDP, HTTP
b) TCP, HTTP
c) ICMP, TCP
d) UDP, TCP
View Answer
Explanation: Firewalk is a tool which uses traceroute-like techniques for analyzing IP packet responses. Firewalk works by sending UDP & TCP packets. It determines filter rules in place on all packet forwarding devices.
6. Using 3-way handshake, it is possible to check for open ports.
a) True
b) False
View Answer
Explanation: Open ports can be checked where a computer initiates a connection to the server with SYN flag set. The server replies with both SYN & ACK flag set. Finally, the client responds back to the server with the ACK packet.
7. Which of them is not a standard flag used in TCP communication between client and server?
a) Synchronize
b) Acknowledgment
c) Finish
d) Start
View Answer
Explanation: Start is not a standard and valid flag of TCP communication in a client-server connection. These standard flags are: Synchronize Acknowledgement, Push, Urgent, Finish and Reset.
8. How many standard flags are used in TCP communication?
a) 4
b) 5
c) 6
d) 7
View Answer
Explanation: There are 6 standard flags are used in a TCP communication between client and server. These standard flags are: Synchronize, Acknowledgement, Push, Urgent, Finish and Reset.
9. Which of the following is not a valid scanning method?
a) Xmas Tree scan
b) SYN Stealth scan
c) Null Scan
d) Cloud scan
View Answer
Explanation: Some popular scanning methods used for scanning connections and ports are – Xmas Tree scan, SYN Stealth Scan, Null Scan, Window Scan, ACK scan, UDP scan etc.
10. ___________ is a command-line TCP/IP packet assembler and analyzer tool.
a) IGMP Ping
b) Hping2
c) Nmap
d) Maltego
View Answer
Explanation: Hping2 is a command-line TCP/IP packet assembler and analyzer tool. Also, it has a trace-route mode. It has the ability to send files between covered channels & also supports ICMP echo requests.
11. Which of the following is not a feature of Hping2 tool?
a) Firewall testing
b) Port scanning
c) Network testing
d) Server malware scanning
View Answer
Explanation: Hping2 is a command-line TCP/IP packet assembler and analyzer tool. Also, it has a trace-route mode. It has the ability to send files between covered channels & also supports ICMP echo requests. Server malware scanning is not a valid feature of Hping2 tool.
12. _________________ is quite an esoteric process for preventing session creation through a particular port.
a) Port knocking
b) Port cracking
c) Port hacking
d) Port-jacking
View Answer
Explanation: Port knocking is quite an esoteric process for preventing session creation through a particular port. Port knocking is not presently used by default in any stack, but soon patches will come to allow the use of knocking protocols.
13. Which one of them is not a network scanner?
a) NMAP
b) Qualys
c) SoftPerfect
d) Netcat
View Answer
Explanation: NMAP, Qualys, and SoftPerfect are all network scanning tools. Network scanning is used for a computer network to gather information about the computing systems.
14. Which of them is not a port scanning tool?
a) Netcat
b) Unicornscan
c) Maltego
d) Angry IP Scanner
View Answer
Explanation: Netcat, Unicornscan, Angry IP scanners are some of the popular tools used for port scanning. These types of tools are a special type of application designed for probing a server or host for open ports.
15. Which of them is not a vulnerability scanning tool?
a) Nexpose
b) Nessus Professional
c) Snort
d) Nikto Web scanner
View Answer
Explanation: Nexpose, Nikto Web scanner, and Nessus Professional are some of the popular vulnerability scanning tools. Vulnerability scanners are inspection tools used to check for potential points of exploit on a system or network for identifying security holes.
Sanfoundry Global Education & Learning Series – Cyber Security.
To practice all areas of Cyber Security, here is complete set of 1000+ Multiple Choice Questions and Answers.
- Check Programming Books
- Practice Programming MCQs
- Check Computer Science Books
- Apply for Computer Science Internship
- Practice Cryptography & Network Security MCQ
