KGISL Institute of technology

Course Code & Course Name : CCS344 & Ethical Hacking

Year/Sem : III/VI

Unit-III : ENUMERATION AND VULNERABILITY ANALYSIS

Part-A (2 Marks)
1. What is enumeration?
2. Define LDAP enumeration.

3. What are null sessions

4. Define Port Scanning Tools.

5. Define NetBIOS Enumeration.

6. Define vulnerability assessment and its importance in cyber security.
7. Name two categories of vulnerabilities commonly found in desktop and server operating systems
8. Name two common types of vulnerabilities affecting Windows operating systems.
9. Name two common objectives of enumeration during a security assessment.

Part-B (16 Marks)

1. Explain the tools used in NetBIOS enumeration in detail.
2. Describe enumeration. What information can be enumerated by intruders? Explain the different
enumeration techniques

3. What vulnerabilities are found in embedded systems, how do they differ from traditional IT
vulnerabilities? Identify the complete vulnerability assessment procedure in detail.

4. Construct the complete SNMP model in finding suspicious network activities with neat
architecture.
5. Explain the role of NetBIOS in network communication.
6. Name two methods used for enumerating information from SNMP, LDAP, NTP, SMTP, and DNS
services.

Unit-IV: SYSTEM HACKING

Part-A (2 Marks)
1. List four wireless devices used by people in their day to day life.
2. What are ActiveX Data objects?
3. Describe access points and service set identifiers of wireless network.
4. Define wardriving and list the hardware and software components used in it.
5. Name any four common vulnerabilities that attackers exploit in web servers
6. Provide two examples of tools used by web attackers for reconnaissance.
7. List the essential components of a wireless network infrastructure.
8. What is wardriving? (16)
9. Name two types of attacks commonly performed against wireless networks.
10. Provide two examples of tools commonly used by attackers for wireless network penetration
testing.

Part-B (16 Marks)

1. Explain about the tools adopted by web hackers for system hacking and write the measures carried out by
security testers to identify the same.
2. Enumerate OWASP Top ten web application vulnerabilities and describe which among them plays crucial
role in disrupting regular business activities.
3. Evaluate the impact of common web application vulnerabilities such as SQL injection, cross-site scripting (XSS),
and remote code execution. Discuss effective techniques for identifying and remediating these vulnerabilities in
web applications.
4. Compare and contrast the tools used by attackers and security testers during web application assessments. Discuss
the features and functionalities of tools such as Burp Suite, OWASP ZAP, and Nikto, and their roles in identifying
and exploiting vulnerabilities.
5. Discuss the techniques commonly used by attackers to exploit vulnerabilities in web servers. Include examples of
prominent attacks and their impact.

Unit-V: NETWORK PROTECTION

SYSTEMS Part-A (2 Marks)
1. Classify the main hardware components of router.

2. List the criteria used by extended IP access lists to restrict incoming/outgoing IP traffic at router’s
interface.

3. Difference between network based and host based intrusion detection systems.

4. Define honeypots and its usage.

5. Define network-based and host-based IDS/IPS.

6. What is web filtering and why is it important for network security?
7. What is a Security Incident Response Team (SIRT)?
8. What are the key features of Cisco ASA firewall?
9. Name some popular configuration and risk analysis tools used for firewalls and routers.
10. How do configuration and risk analysis tools help in identifying security vulnerabilities?

Part-B (16 Marks)

1.
i) Discuss with a neat diagram the procedure of setting up a demilitarized zone(DMZ) with two firewalls
ii) Explain the technologies used by firewalls to reduce attacks in a network.
2.
Summarize the host based and network based intrusion detection system and intrusion prevention systems.
3.
Differentiate between signature-based and anomaly-based detection methods in IDS/IPS.
4.
Analyze the concept of honeypots as deceptive security mechanisms designed to lure attackers. Discuss the
different types of honeypots, including low-interaction and high-interaction honeypots, and their respective use
cases
5.
Define the role and responsibilities of Security Incident Response Teams (SIRT) in cyber security incident
management
6.
Compare and contrast Network-Based Intrusion Detection Systems (NIDS) and Host-Based Intrusion Detection
Systems (HIDS) in terms of architecture, deployment, and capabilities.

Course Faculty HoD