Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Examination Question Paper: May 2016: Module Code: Component: Module Title: Module Leader

    Încărcat de

    Roman Puri
    61 vizualizări3 pagini
    MCQ

    Titlu original

    Ethical Hacking

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    MCQ

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    61 vizualizări3 pagini

    Examination Question Paper: May 2016: Module Code: Component: Module Title: Module Leader

    Încărcat de

    Roman Puri
    MCQ

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 3

    Examination question paper: May 2016

    Module code: CC6051

    Component: 002

    Module title: Ethical Hacking

    Module leader: Michael Ghebru

    Date: 10 May 2016

    Start time: 14:00

    Duration: 2 hours

    Exam type: Unseen, Closed

    Materials supplied: Exam question paper and answer booklets.

    Materials permitted: Writing instruments.

    Warning: Candidates are warned that possession of


    unauthorised materials in an examination is a serious
    assessment offence.

    Instructions to Candidates should answer ANY 5 questions.


    candidates:

    For each question 10 marks are available.

    DO NOT TURN PAGE OVER UNTIL INSTRUCTED

    © London Metropolitan University

    Page 1 of 3
    [Attempt ANY 5 questions ONLY]

    1 (a) List four attributes which a security tester should possess. (4 marks)

    (b) Define the following terms:

    i. Hacker (3 marks)
    ii. Penetration Tester (3 marks)

    2 (a) What are TCP flags and why are they used? (3 marks)

    (b) What is session hijacking and how is it achieved? (3 marks)

    (c) How is Internet Control Protocol (ICMP) used by security professional? Give an
    example. (4 marks)

    3 (a) What is the difference between spyware and adware? (4 marks)

    (b) Describe the following terms:

    i. Denial of Service (DoS) (3 marks)


    ii. Botnet (or Zombies) (3 marks)

    4 (a) Social engineers use many different tactics in their attempt to gain information from
    unsuspected people. Using suitable examples describe each of the following common
    tactics:
    i. Urgency (2 marks)
    ii. Quid pro quo (2 marks)
    iii. Status quo (2 marks)
    iv. Kindness (2 marks)
    v. Position (2 marks)

    5 (a) Using suitable examples distinguish between open ports, closed ports and filtered ports,
    which are reported by scanning programs. (6 marks)

    (b) What is the best method of preventing NetBIOS attacks? (2 marks)

    (c) Give one reason why security testers conduct enumeration. (2 marks)

    Page 2 of 3
    6 (a) Why are rootkits that infect a device’s firmware considered the biggest threat to any OS
    (embedded or general-purpose)? (6 marks)

    (b) Specify two best practices for password protection. (4 marks)

    7 (a) What type of information can be gathered by wardriving? Provide three examples.
    (6 marks)

    (b) Describe two main purposes of a firewall. (4 marks)

    8 (a) Give three reasons why embedded OSs are more likely to have unpatched security
    vulnerabilities than general-purpose OSs? (6 marks)

    (b) Describe two common Web application vulnerabilities. (4 marks)

    [End of Paper]

    Page 3 of 3

    S-ar putea să vă placă și