Define network scanning and state two key reasons why it is performed.
Network scanning is the process of identifying live systems, open ports, services, and vulnerabilities on a network. It is performed to assess security weaknesses and to map the network for monitoring or penetration testing.
Differentiate between port scanning, network scanning, and vulnerability scanning.
Port scanning: identifies open ports/services. Network scanning: identifies active hosts and their IPs. Vulnerability scanning: detects known weaknesses or security flaws.
Explain how an attacker can use network mapping tools during a penetration test
Attackers use network mapping tools to discover devices, locate weak points, identify running services, and build diagrams of targets to plan attack paths.
What is the main purpose of IDS evasion, and give one example of how it can be achieved.
IDS evasion aims to avoid or bypass intrusion detection systems. Example: slowing scan speeds to appear as normal traffic (low-and-slow scanning).
Why is FastResolver effective for footprinting a network?
Because it resolves multiple hostnames to IPs (and vice versa) and can scan entire IP ranges to identify active hosts and MAC addresses.
Describe two scenarios where remote desktop operations are essential in enterprise environments.
(1) Remote troubleshooting by technicians.
(2) Accessing workplace computers from home for administrative or work purposes.
TeamViewer is commonly used in IT support. What risk does this introduce if misconfigured?
Unauthorized remote access, which can allow attackers full control of systems if credentials are weak or exposed.
Explain how the tool Dude assists network administrators.
Dude scans entire subnets, maps devices visually, monitors services, and alerts administrators of device failures.
What advantage does LANState offer that makes it suitable for corporate environments?
It provides network mapping, monitoring, and can export diagrams to formats like Visio, supporting documentation and compliance requirements.
Why is Friendly Pinger useful for continuous monitoring?
It provides visual availability status, parallel pinging, notifications when devices go up/down, and tracks software/hardware inventory.
Describe the purpose of Ipsoner in enterprise networks.
It discovers managed and unmanaged network assets, identifying unknown or rogue devices across the network perimeter.
What key benefit does WhatsUpGold provide for IT auditing?
It automatically discovers, maps, inventories, and documents network devices, supporting regulatory compliance and network transparency.
What capabilities make NetMaster effective for mobile network diagnostics?
LAN scanning, TCP connect scanning, ARP scanning, Bonjour discovery, and cellular/Wi-Fi speed testing.
Explain how proxies help attackers hide their identity during an attack.
Proxies mask the attacker’s real IP, forward requests on their behalf, and can be chained to prevent tracing back to the source.
