Scribd Logo
Upload

Welcome to Scribd!

  • Ethical Hacking & Countermeasures CS 334

    Uploaded by

    Sakib Khan
    8 views2 pages
    Department of Software Engineer Midterm Exam Fall-2021

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Department of Software Engineer Midterm Exam Fall-2021

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    8 views2 pages

    Ethical Hacking & Countermeasures CS 334

    Uploaded by

    Sakib Khan
    Department of Software Engineer Midterm Exam Fall-2021

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    of 2
    & Daffodil International University Department of Software Engineering Faculty of Science & Information Technology Midterm Exam Examination, Fall-2021 Course Code: C8334, Course Title: Ethical Hacking and Countermeasures with Lab Level: 3 Term: 3 Section: A ‘Course Instructor: SB ‘Thursday 19 November, 2021 Time: 12:30pm-2:00pm ‘One hour and thirty mins (1:30) assessment; Total Marks: 25 James and Mike works in two reputed IT companies. James works as a senior software developer and Mike is a penetration tester. For the last Thursday night they own two thickets for a resort and travelled on the effective day. At the morning they entered into the mail hall building confirmed their reservation for the hotel room. Suddenly Mike noticed that their reservation confirmation was sent to their mobile phone using a web portal which was publicly available to all. As Mike knows the web security mechanisms very well, he tried to get access on the portal. After some advance google searching and social engineering methods he got the users name of a administrator. And, sequentially after doing a massive brute-force he also cracked the password for that user. Now, they can modify any kind of changes into that web portal, but as they didn’t had any bad intentions they disclosed their findings to the authorities. The management welcomed their observations and gift them with a free trip to their intended places and a grand dinner for that night. SEC 1: J Define reconnaissance and classify the types of reconnaissance with example, (2#3)=5 [CLO1, Level 1&4] (143 % Explain DNS and How does it work? [CLO1, Level 6] SEC 2: Username from google. 4. Austrate Xmas Scan and how does it work? From the above scenario discover the possible ways that Mike can use for enumerating the (3) [CLO2, Level 3] (142}=3 [CLO2, Level 3] SEC 3: (2) (CLO3, Level 1) A. Show how does (intitle:"Index of" | intitle:"Directory Listing For") AND site:example.com dorking will. Work. the types of DNS zone transfer. (1+3)=4 {CLOI, Level 4] 4, Define DNS zone transfer, and cla: Asa hacker sometimes you may need to do firewall bypass. Explain a method which you can use to bypass firewall using nmap. (4) (CLO2, Level 2}

    You might also like