Daffodil International University
Department of Software Engineering
Facil of Slence and Information Technslony (FST)
mn, Semester:
netration Testing
‘Seco: A, Course Teacher: Md. Msgr Rabman (SIS
Time: 2:00 Hours (Note: Answer all questions) Total Marks: 40
1
Cyber attacker try to attack the IT infrastructure using different ways to perform
information theft, tempering and disruption of information and services is kept low or
tolerable, Please explain different techniques of Firewall Bypass. 5
. There are different threat modeling systems in cyber security space and types of attack.
Please explain ACK Tunneling Method for Firewall B 5
. Every organization need to take measurement for the detection of Intrusions and Ensure
the Systems confidentiality and data security and availability. Explain the necessity of
Intrusion Detection Systems (IDS) and how to evade IDS. 5
Router uses to connect different network and its break the broadcast domain. Please
explain the penetration testing Steps for Router. 5
Web Application Security is very important for Penetration Tester during Security and
Risk Assessment Cyber-attack and hacking demand specialized investigation in digital
environment. Please explain: (2.5+2.5=5)
A. SQL Injection and Broken Authencation.
B. Misconfiguration of Web Application.
Network is the most critical part for any IT infrastructure, Organization need to ensure
the security of network infrastructure for ensuring security. Please explain intemal Vs.
External Network penetration testing: oe
External Traffic and external device vulnerability assessment is the most critical part in
Penetration Testing. Please lists the different PORT Scanning Methodologies and
explain 2 from them 5
. Wireless network also uses by different corporates. Wireless network is vulnerable to
hacking. Network security professionals need to configure, maintain and operate wireless.
network securely to protect them from hacking. (2.5+2.5=5)
A. Please Explain the wireless Network Discover Methodology
B. Please Explain the method to sniff traffic between AP and linked Devices