Tutorial 10

Uploaded by

Nissita Pdl

Module Code & Module Title: CC5004NI Security in Computing
Assessment Weightage & Type: Weekly Assignment
Year and Semester: 2021-22 Autumn
Student Name: Nischita Paudel
London Met ID: 20049186
College ID: NP01NT4S210092
Assignment Due Date: 9th March 2022
Assignment Submission Date: 11th March 2022
Word Count (Where required): 2119

I confirm that I understand my coursework needs to be submitted online via Google Classroom under the
relevant module page before the deadline for my assignment to be accepted and marked. I am fully
aware that late submissions will be treated as non-submission and a mark of zero will be awarded.
Tutorial 10 – Introduction to VAPT

Question 01. Define the term penetration testing. What other name can be given to that
process?

ANS: Penetration testing is another term for ethical hacking. It refers to the process
of simulating cyberattacks to find exploitable flaws in computer systems, networks,
websites, and applications. Besides identifying loopholes, pen testing tools can be used
to assess the strength of an organization's security policy, its regulatory compliance,
employee security awareness, and the organization's capacity to notice and respond to
security issues as they occur. Penetration testing can also be described as investigating,
uncovering, attacking, and reporting on the vulnerabilities of a target system.

Question 02. Why do organizations carry out penetration testing on a scheduled interval,
even if they have logical and physical control measures applied to protect their data and
information assets?

ANS: Despite having logical and physical control measures in place to protect their
data and information assets, organizations carry out penetration testing on a schedule
because no system is ever 100% secure. Scheduled tests serve to assess the impact of a
specific set of security holes, to detect a higher-risk vulnerability that arises from a
series of lower-risk vulnerabilities being exploited in a specific order, to measure the
ability of network defenders to identify and respond to threats, and to give evidence to
C-level management, investors, and customers in support of greater investment in
security staff and technology.

Question 03. List out some generic cybercrime scenarios.


ANS: Some generic cybercrime scenarios are:
• Phishing: obtaining personal information from internet users using phony email
messages.
• Identity theft: abusing personal information.
• Hacking: taking down or misusing websites or computer networks, as well as
promoting hate, instigating terrorism, and sharing child pornography.
• Data breach: a data breach occurs when malicious insiders or external attackers gain
unauthorized access to confidential data or sensitive information.

Question 04. List out the different types of hackers and their general characteristics.

ANS: The different types of hackers and their general characteristics are:

• Script Kiddies: These hackers have had little or no training and are familiar only
with basic tactics and tools. Even so, they may be unaware of some or all of what
they are doing.
• White-Hat Hackers: These hackers operate in the same way as the attacking party,
but they work for the good guys. They are usually distinguished by a code of ethics
that states, in essence, that they will not harm others. Ethical hackers and pen
testers are two terms for this group.
• Gray-Hat Hackers: These hackers sit on the border between good and evil and have
opted to reform and join the good side. Even if they have changed, they may not be
completely trusted.
• Black-Hat Hackers: Hackers who work on the wrong side of the law are referred to as
black hat hackers. They might or might not have a plan. In the vast majority of
situations, black hat hacking and actual criminal conduct are inextricably linked.
• Suicide Hackers: These hackers attempt to bring down a target in order to make a
point. They aren't subtle because they don't care about being caught or serving time
in prison.

Question 05. Critically analyse the differences between ethical hackers and black-hat
hackers.
ANS: The differences between ethical hackers (White Hat) and Black Hat hackers are
listed below:

White Hat Hackers:
1. Their motives are noble, and they frequently seek to benefit or protect others.
2. It is legal for white hat hackers to hack.
3. They look for security flaws and offer suggestions and solutions for how to fix them.

Black Hat Hackers:
1. Their motives are either selfish or dangerous.
2. Hacking by black hat hackers is prohibited.
3. They look for security flaws in order to exploit them.

Question 06. Open Lecture 10 and thoroughly go through the Code of Conducts that a
penetration tester must abide by.

ANS: The Code of Conducts that a penetration tester must abide by are listed below:

• Keep private and confidential, the information gained in your professional work (as
it pertains to client lists and client personal information). Not collect, give, sell, or
transfer any personal information (such as name, email address, Social Security
number, or other unique identifier) to a third party without client prior consent.
• Protect the intellectual property of others by relying on your own innovation and
efforts, thus ensuring that all benefits vest with its originator.
• Disclose to appropriate persons or authorities potential dangers to any
e-commerce clients, the Internet community, or the public that you reasonably
believe to be associated with a set or type of electronic transactions or related
software or hardware.
• Provide service in your areas of competence, being honest and forthright about
any limitations of your experience and education. Ensure that you are qualified for
any project on which you work or propose to work by an appropriate combination
of education, training, and experience.
• Never knowingly use software or a process that is obtained or retained either
illegally or unethically.
• Not engage in deceptive financial practices such as bribery, double billing, or other
improper financial practices.
• Use the property of a client or employer only in ways properly authorized and with
the owner’s knowledge and consent.
• Ensure good management for any project you lead, including effective procedures
for promotion of quality and full disclosure of risk.
• Always ensure ethical conduct and professional care on all professional
assignments without prejudice.
• Not associate with malicious hackers nor engage in any malicious activities.
• Ensure all penetration testing activities are authorized and within legal limits.
• Not take part in any black-hat activity or be associated with any black-hat
community that serves to endanger networks.
• Not be in violation of any law of the land or have any previous conviction.

Question 07. In your own words, define the following Penetration Testing terminologies:
a. Vulnerability: This is a flaw in a system that can be exploited to gain access to
it.
b. Exploit: This is a specific method of compromising a system's security.
c. Zero-day exploit: This term refers to a threat or vulnerability that has yet to be
addressed by the developers.
d. Hack value: This term refers to a target that is likely to attract more than average
attention from an attacker. Because of what it may contain, and possibly because it is
appealing, this target has added value to an attacker.
e. Target of Evaluation: A system or resource that is being analysed for vulnerabilities is
referred to as a target of evaluation (TOE).

Question 08. Differentiate between Black Box, White Box and Grey Box pen-testing
techniques.
ANS: The differences between Black Box, White Box and Grey Box pen-testing
techniques are:

White Box:
1. Structural testing, clear box testing, code-based testing, and transparent testing
are all terms used to describe white box testing.
2. It's ideal for algorithm testing and comes highly recommended.
3. Only the tester and the developer are allowed to participate in testing; the end
user is not permitted.
4. Among all the testing processes, the overall testing process takes the most time.

Black Box:
1. Functional testing, data-driven testing, and closed box testing are all terms used
to describe black box testing.
2. It isn't considered when testing algorithms.
3. Testing might involve the tester, the developer, and the final user.
4. Among all the testing steps, it takes the least amount of time.

Grey Box:
1. Because the tester has insufficient coding skills, grey box testing is also known
as transparent testing.
2. It isn't considered when testing algorithms.
3. Testing might involve the tester, the developer, and the final user.
4. It takes less time than White Box testing.

Question 09. Serially list out and provide small descriptions of the seven steps of the
pen-testing/hacking methodology.
ANS: The seven steps of the pen-testing/hacking methodology are:
• Footprinting: Footprinting is an ethical hacking approach that collects as much
information as possible about a targeted computer system, infrastructure, and
networks to find ways to break into them.
• Scanning: Scanning is a logical extension of (and overlaps with) footprinting; it
helps attackers identify specific flaws.
• Enumeration: Enumeration is an element of the information collection step of
ethical hacking. It's a technique in which the attacker establishes a live
connection with the target and searches for as many factors as possible that
could be used to carry out the attack.
• System Hacking: To find a target's weaknesses, this step employs web
application attacks such as cross-site scripting, SQL injection, and backdoors.
To understand the damage that these vulnerabilities might inflict, testers try to
exploit them by escalating privileges, stealing data, intercepting traffic, and so on.
• Escalation of Privilege: The purpose of this stage is to assess whether the
vulnerability can be exploited to establish a long-term presence in the compromised
system, allowing a malicious user to gain in-depth access.
• Covering Tracks: Its purpose is to remove any digital traces that the pen tester
may have left behind during the earlier stages of the test; these digital indicators
would otherwise reveal the pen tester's presence in the targeted computer system.
• Planting Backdoors: A backdoor is a means of gaining unauthorised access to
important and sensitive information on a system. After gaining remote access to a
machine, the tester plants a backdoor so that the machine can be re-entered later
to retrieve data.

Question 10. Why is requirement analysis an important step of the penetration testing
process?
ANS: This step must be completed whenever verification of possible vulnerabilities is
required. Before performing essential clean-up processes on systems with extremely
high integrity requirements, the potential for vulnerability and danger must be carefully
assessed.
Question 11. A proxy operates on which layer of the OSI internetworking model?
ANS: A proxy operates on the transport layer (layer 4) or above of the OSI
internetworking model.
Question 12. In what layer of the OSI model does a device that uses MAC addresses to
funnel traffic work?
ANS: A network device that uses MAC addresses for directing traffic resides on layer
2 of the OSI model.
Question 13. SSL uses which port to secure web traffic that is inbound and outbound?
ANS: Port 443 encrypts network data packets before data transfer. The SSL (Secure
Sockets Layer) protocol provides security over port 443.
Question 14. A single switch port has what type of domain residing on it?
ANS: Each port on a switch represents a collision domain.
Question 15. Token-based access methodology is used in which network topology?
ANS: Token-based access methodology is used in the ring topology.
Question 16. Hubs operate at which layer of the OSI model?
ANS: Hubs operate at layer 1 of the OSI model.
Question 17. In a TCP three-way handshake process, what is the proper sequence?
ANS: In a three-way handshake process, the proper sequence is:
SYN, SYN-ACK, ACK.
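The handshake sequence above, modelled as an added example (not part of the original assignment): each side's segment carries a sequence number, and the acknowledgement numbers must equal the peer's initial sequence number plus one. The initial sequence numbers 1000 and 5000 are constructed values.

```python
# Added example: a model of the TCP three-way handshake (SYN -> SYN-ACK -> ACK)
# together with the seq/ack consistency checks each endpoint performs.
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Segment:
    src: str
    dst: str
    flags: str            # "SYN", "SYN-ACK" or "ACK"
    seq: int
    ack: Optional[int] = None


def three_way_handshake(client_isn: int, server_isn: int) -> List[Segment]:
    """Return the three segments exchanged for a successful connection."""
    # 1. Client -> Server: SYN carrying the client's initial sequence number (ISN).
    syn = Segment("client", "server", "SYN", seq=client_isn)
    # 2. Server -> Client: SYN-ACK with the server's ISN, acknowledging client ISN + 1.
    syn_ack = Segment("server", "client", "SYN-ACK", seq=server_isn, ack=syn.seq + 1)
    # 3. Client -> Server: ACK acknowledging the server's ISN + 1; connection established.
    ack = Segment("client", "server", "ACK", seq=syn.seq + 1, ack=syn_ack.seq + 1)
    return [syn, syn_ack, ack]


def handshake_valid(segments: List[Segment]) -> bool:
    """True only for the exact SYN, SYN-ACK, ACK order with matching ack numbers.

    A SYN-ACK whose ack number is not client ISN + 1 (e.g. a spoofed or replayed
    segment) is rejected, as is an incomplete (half-open) exchange.
    """
    if [s.flags for s in segments] != ["SYN", "SYN-ACK", "ACK"]:
        return False
    syn, syn_ack, ack = segments
    return (
        syn.ack is None
        and syn_ack.ack == syn.seq + 1
        and ack.seq == syn.seq + 1
        and ack.ack == syn_ack.seq + 1
    )


if __name__ == "__main__":
    for seg in three_way_handshake(client_isn=1000, server_isn=5000):
        print(f"{seg.src} -> {seg.dst}: {seg.flags} seq={seg.seq} ack={seg.ack}")
```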
Question 18. Port 24 seems to be open, which is verified using a network scan. What
protocol is this aligned with?
ANS: Port 24 is open, so it does not align with a particular protocol.
Question 19. What port range is a third-party application most likely to use?
ANS: Ports 49152 to 65535 are known as the dynamic ports and are used by
applications that are neither well known nor registered.
Question 20. Which category of firewall is based on analysing the packet header
information?
ANS: Packet-filtering firewalls, which filter packets at the Network layer of the OSI
networking model. They evaluate the packet headers, which contain IP addresses and
packet options, and use that information to block or allow traffic through the firewall.
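The header-based decision described above, as an added example (not part of the original assignment): a stateless filter that consults only source/destination address, protocol and destination port, applies the first matching rule, and denies by default. The rule set and the addresses are constructed sample values.

```python
# Added example: a packet-filtering firewall decision based on header fields only.
# The payload is never inspected, which is exactly what separates this category
# of firewall from proxy or application-layer filtering.
import ipaddress
from typing import List, Optional, Tuple

# Rule layout: (action, source network, destination network, protocol or None, dst port or None)
Rule = Tuple[str, str, str, Optional[str], Optional[int]]

# Constructed rule set: HTTPS to the web server from anywhere, internal hosts may
# make any outbound TCP connection, SSH to the web server from outside is denied.
RULES: List[Rule] = [
    ("allow", "0.0.0.0/0", "203.0.113.10/32", "tcp", 443),
    ("allow", "192.0.2.0/24", "0.0.0.0/0", "tcp", None),
    ("deny", "0.0.0.0/0", "203.0.113.10/32", "tcp", 22),
]


def packet_matches(rule: Rule, src: str, dst: str, proto: str, dport: int) -> bool:
    """Match a packet's header tuple against one rule; None fields are wildcards."""
    _action, src_net, dst_net, r_proto, r_port = rule
    return (
        ipaddress.ip_address(src) in ipaddress.ip_network(src_net)
        and ipaddress.ip_address(dst) in ipaddress.ip_network(dst_net)
        and (r_proto is None or r_proto == proto)
        and (r_port is None or r_port == dport)
    )


def filter_packet(src: str, dst: str, proto: str, dport: int,
                  rules: List[Rule] = RULES) -> str:
    """Return 'allow' or 'deny' for a packet using first-match semantics."""
    for rule in rules:
        if packet_matches(rule, src, dst, proto, dport):
            return rule[0]
    return "deny"  # default deny: anything not explicitly allowed is dropped


if __name__ == "__main__":
    # Constructed sample packets (src, dst, protocol, destination port).
    for pkt in [("198.51.100.5", "203.0.113.10", "tcp", 443),
                ("198.51.100.5", "203.0.113.10", "tcp", 22),
                ("192.0.2.7", "198.51.100.9", "tcp", 25),
                ("198.51.100.5", "203.0.113.10", "udp", 53)]:
        print(pkt, "->", filter_packet(*pkt))
```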
Question 21. Which topology has redundancy because of its many end device
connections?
ANS: Mesh topology provides a connection from each node to every other node on the
network. This provides a fully redundant network and is the most reliable of all networks.
Question 22. What appliance acts as an intermediary between an end client device and
a webserver on a public network?
ANS: A proxy server acts as an intermediary between an end client device and a
webserver on a public network.
