Fill In the Blank
Application
Vocabulary
100

This command line tool is built into Windows and Linux and is used to search DNS records to map names to IP addresses.

nslookup and dig

100

The Nmap option that would be used to find out the specific version of the web server software running on a target host.

-sV

100

An attacker who is performing reconnaissance techniques from inside the target network is operating at this layer.

Layer 3 - local access to the target

200

Google Dorking is the usage of _____ in a Google search to find OSINT information that is hard to find with a simple search.

Advanced search operators

200

What is site:cyber.org filetype:pdf before:2024-01-01 (or ext:pdf)?

To find only PDF files published on the cyber.org website that were posted before the start of 2024, you would use this specific Google Dork string.

200

The _____ file is used to let web-crawling bots know which files and folders on a website should be identified with the Disallow: field.

Robots.txt

300

A Google Dork (aka Google Hack) is a search string that uses ________ ______ _________ to find _____ info that is hard to find with a simple search.

Advanced Search Operators & OSINT

300

What will this return?

Site:.gov “climate action plan” intitle:report filetype:pdf -draft

final (non-draft) government reports related to “climate action plans”

300

Identifying the specific OS or application running on a system.

Fingerprinting

400

Refer back to Layer 2 of the recon process. At this layer, the attacker interacts with the system ____ and the techniques are initiated from outside the ________.

externally, target network

400

You are a cybersecurity analyst, brought in to investigate unusual activity on a startup’s internal network. Before diving deeper, you need to verify which machines are actually powered on and reachable, and then determine whether any suspicious services are running on the main application server. You suspect outdated software might be exposed, but you aren’t sure what operating system the server is running. What type of Nmap scan should you perform at each step? (Hint: order the 4 types of scans accordingly)

You should run a Host Discovery Scan to verify which machines are live. You should then use a Port Scan to find open ports. Then, use a Service/Version Scan to identify the specific software and versions. Finally, use the OS Detection Scan to determine which operating system the server is running.

400

What is one common characteristic between A and AAAA records and what is one significant difference?

Both map domain (human-readable) names to IP addresses. However, an A record is used for IPv4 and an AAAA record is used for IPv6.
