Drew University

IS MISC

Quiz 5

Question1)A key characteristic of footprinting is that it gathers information about a victim without directly interacting and potentially providing advance notice of the attack.

Question 2

Traceroute identifies the path to a targeted website.

Question 3

Automated methods for obtaining registrar network range information for a company .

Question 4

Nick is attempting to find the owner of a domain name. Which of the following would best assist him with this task?

Question 5

Which of the following is NOT considered a readily available source of financial information on publicly traded U.S. companies?

Question 6

Which of the following is created for the sole purpose of posting unflattering content about a company?

Question 7

                         refers to the software designed to query databases to look up and identify the registrant of a domain name.

Question 8

The inurl string is a Google keyword used to search within a site's uniform resource locator (URL).

Question 9

Google Hacking Database (GHDB) is a database of queries that can be used to conduct a Google web search to identify sensitive data and content.

Question 10

Which of the following is NOT one of the Internet sources that hackers use to gather information about a company's employees?

Question 11

An effective countermeasure an organization can take to protect domain information is to         .

Question 12

The Root Zone Database page of Internet Assigned Numbers Authority (IANA)

                        .

Question 13

The manual method of obtaining network range information requires the attacker to visit at least one or more of the Regional Internet Registries (RIRs), which are responsible for           .

Question 14

Some organizations inadvertently put information from insecure applications on the Web.

Question 15

Which of the following is NOT considered a source from which valuable information can be gleaned about an intended target?

Question 16

Google hacking is effective because Google indexes small amounts of information in just a few, focused types of formats.

Question 17

Which of the following statements is NOT true regarding information in a public company?

Most users of social networking sites are diligent about protecting their personal information through privacy settings and similar configuration options available on these sites.

Question 19

A countermeasure for protecting domain information is to keep registration data as generic as possible.

Question 20

The Internet Assigned Numbers Authority (IANA) delegates Internet resources to the Regional Internet Registries (RIRs), which then                                                                                                .

Question 21

Question 22

Obtaining financial information on companies operating in the United States is difficult because financial records on publicly traded companies are not available to the public.

Question 23

Sanitizing a web posting refers to a company deleting information that others may find offensive.

Question 24

Network range data from a registrar is useful to the associated company but not an attacker.

Question 25

The Nslookup tool lists Domain Name System (DNS) nameservers.

Question 26

File Transfer Protocol (FTP) is considered an insecure application.

Question 27

Larry is attempting to identify the network route between two Windows systems. What command can he use on one system to identify the network path to the second system?

Question 28

The Whois tool is primarily used to verify whether a domain name is available or whether it has been registered.

Question 29

                         refers to a program to query Internet domain name servers?

Question 30

Carl is analyzing the Hypertext Markup Language (HTML) code of a company's website. He would like to identify any comments written in the code. What HTML tag should he search for?

Question 31

A site administrator can block the Internet Archive from making snapshots of the site.

Question 32

Countermeasures to thwart footprinting of an organization's website include all of the following except              .

Question 33

The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the Domain Name System (DNS) root, IP addressing, and other Internet protocol resources.

Question 34

Tonya is conducting reconnaissance of a company that is the target of a penetration test. She would like to search for the company's financial filings with the SEC. What database should she use?

Question 35

Facebook, LinkedIn, and Twitter are                                            sites.