Ethical Hacking 面试题与答案

问题 21. What is footprinting?

Footprinting is a technique used for collecting as much information as possible about the targeted network/system/victim to execute a successful cyber attack. It also finds out the security posture of the target. During this phase, a hacker can collect data about a domain name, IP address, namespace, employee information, phone numbers, emails, and job information.

Footprinting is divided into two types:

Passive footprinting: It collects data of the target system located at a remote distance from the attacker.

Active footprinting: It is performed directly by getting in touch with the target machine.

问题 22. What do you mean by fingerprinting in ethical hacking?

Fingerprinting is a technique used for determining which operating system is running on a remote computer.

Active fingerprinting: In this, we send the specially crafted packets to the target machine, and based on its response and gathered data, we determine the target OS.

Passive fingerprinting: In this, based on the sniffer traces of the packets, we can find out the OS of the remote host.

问题 23. What is sniffing and what are its types?

Sniffing is referred to as a process of monitoring and capturing the data packets passing through a given network. It is mostly used by system/network administrators to monitor and troubleshoot network traffic. Sniffing allows you to see all sorts of traffic, both protected and unprotected. Attackers use this to capture data packets having sensitive information such as email traffic, FTP password, web traffic, router configuration, DNS traffic, and more.

Sniffing is divided into two types:

Active sniffing:

In this, traffic is not only locked and monitored but it may be altered in some way determined by the attack. It is used to sniff a switch-based network. It involves injecting the address resolution packets into a target network to switch on the content addressable memory table.

Passive sniffing:

In this, traffic is locked but not at all altered in any way. It works with hub devices, and traffic is sent to all the ports. Any traffic that is passing through the unbridged or non-switched network segment can be seen by all the machines on the segment.

问题 24. What are the best sniffing tools?

The best sniffing tools are listed below:

• Tcpdump
• Wireshark
• Fiddler
• EtherApe 
• Packet Capture
• NetworkMiner
• WinDump
• EtterCap
• dSniff

问题 25. What is ARP poisoning?

ARP (Address Resolution Protocol) poisoning is also known as ARP spoofing or ARP Poison routing. It is a form of attack where the attacker changes the MAC (Media Access Control) address and attacks the ethernet LAN network by changing the target computer’s ARP cache with forged requests and reply packets.