ADDITIONAL QUESTIONS AND ANSWERS
1. Why wouldn’t it be surprising to find Netcat on a Trojaned computer?
a) Netcat can be used to block any port from proper operation.
b) Netcat is used by system administrators to detect remote access Trojans.
c) Netcat can be used to perform port scanning.
d) Netcat encrypts all communications.
2. Why is tunneling-based Trojan software so useful for hackers if it is installed inside a corporate network?
a) Tunneling software uses ports that are not well known, e.g. 12345.
b) Stateful inspection firewalls can only filter server ports of 1-1023.
c) It makes network penetration trivial – the tunneling occurs using whichever port(s) the firewall is configured to allow.
d) Anti-Trojan software does not have signatures ...
Get Penetration Testing: Protecting Networks and Systems now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.