
ETHICAL HACKING Page 1

Class Test – Marking Scheme


ETHICAL HACKING

Answer ALL questions


(Total marks: 50)

PLO1 - Explain the process involved to successfully compromise a system, including ethical
issues relating to the performance of penetration testing. (C5, PLO1)

Question

CVS Union Banking is a well-established banking institution that originated in Singapore and
has since expanded its business to various countries in South East Asia. In Malaysia
alone, it has 20 branches nationwide. With the expansion of operations now moving
towards Europe, the company has expanded and upgraded its technology infrastructure. As a
banking institution, the company deals with transactions daily which comprise sensitive
information such as customer records, transactional records, payment records as well as the profit
and loss of individuals and corporate organizations. In light of the increasing cases of the
Covid-19 pandemic bringing about the birth of the “Cyber Pandemic”, the CTO of the
company, Mr John Neumann, is worried about the upgrade and the rise of cyber threats against
corporate financial institutions. Mr Neumann has consulted your expertise in this matter.

Below are the infrastructure details furnished by their company to you:


• A total of 90 internal private servers
• The use of a public server from a cloud service provider
• An internal local network connecting 86 hosts and IPs
• Firewall and DMZs
• A database of 20000 clients in total, and 300 staff, comprising software developers, each
  possessing access to their server.
• The client database consists of personal details such as credit card number,
  authentication details, transaction details, loan and banking credits, etc.

Level 2 Asia Pacific Institute of Information Technology 2021 05



Answer the following question:

I) Discuss the attack methodology that you would follow in launching ethical
hacking as part of your job as a penetration tester attacking the company’s
infrastructure from outside and within the company’s network. Justify your
answer relevant to the given cases, cite and reference if needed.

• Include possible examples of attack justified with the appropriate tools
  used for this testing.
• Include the type of ethical issue that you will be facing in launching the
  attack on the public server used by the company.

(50 marks)
