Ethical Hacking SET 1 Answer Key

Part A (5 X 2 = 10 Marks)

1. Define malware and its importance in cyber attacks.

o Malware: Malicious software designed to harm or exploit devices, services, or networks.

o Importance: Used to gain unauthorized access, steal data, disrupt operations, and can
be part of larger cyberattacks like ransomware or spyware.

2. Identify the main components of the TCP/IP transport layer.

o Main Components: Transmission Control Protocol (TCP) and User Datagram Protocol
(UDP).

o Functions: TCP provides reliable, connection-oriented communication, while UDP is

connectionless and faster for applications that can handle some loss.

3. Summarize the concept of competitive intelligence in footprinting.

o Competitive Intelligence: Gathering publicly available information on competitors to

understand their strengths, weaknesses, and market positioning.

o In footprinting: Involves collecting details on target systems for a strategic advantage in

cybersecurity contexts.

4. What is network scanning?

o Definition: The process of identifying active hosts, IP addresses, open ports, and services
within a network.

o Purpose: To assess network vulnerabilities, identify potential targets, and prepare for
further analysis or attacks.

5. State the purpose of DNS enumeration in cybersecurity.

o Purpose: To gather information on domain names, IP addresses, and servers in a target's

network.

o Importance: Helps attackers find subdomains, email servers, and zone transfers,
providing insight into a network's infrastructure.

Part B (2 X 16 = 32 Marks)

6. Examine the legal framework surrounding ethical hacking in various regions.

o U.S. Legal Framework:

  Computer Fraud and Abuse Act (CFAA): Defines unauthorized access and
provides penalties for cyber offenses.

 Digital Millennium Copyright Act (DMCA): Protects intellectual property and

regulates access to copyrighted materials.

o European Union (EU):

 General Data Protection Regulation (GDPR): Governs data protection and

privacy, impacting ethical hacking regarding consent and data handling.

 Network and Information Security (NIS) Directive: Establishes security

requirements for digital service providers.

o India:

 Information Technology Act (2000): Covers cybercrimes, data protection, and

hacking activities; amended to address new cyber threats.

 CERT-In: India's national agency for responding to cyber incidents.

o Ethics and Compliance:

 Importance of obtaining explicit permission from clients to avoid legal

repercussions.

 ISO/IEC 27001 and 27002: Provide international standards for information

security, guiding ethical hackers.

o Global Ethical Hacking Certifications:

 Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP)

– certifications that emphasize legality and ethical guidelines.

o Challenges:

 Differences in laws across jurisdictions make compliance complex for cross-

border operations.

OR

7. Illustrate how network and computer attacks are performed with relevant examples.

o Network Attacks:

 Distributed Denial of Service (DDoS): Overloads a server with traffic, causing

downtime; example: Mirai botnet attack on Dyn in 2016.

 Man-in-the-Middle (MitM): Interception of communication between two

parties; example: Using ARP spoofing to intercept data in a LAN.

o Computer Attacks:
  Phishing: Social engineering tactic where attackers trick users into revealing
sensitive information; example: Credential harvesting through fake login pages.

 SQL Injection: Attack on database-driven websites, injecting malicious code into

SQL queries; example: Exposing sensitive user data by manipulating login forms.

o Advanced Persistent Threats (APTs):

 Definition: Prolonged, targeted attacks to steal sensitive information; example:

Stuxnet targeting Iranian nuclear facilities.

o Impact and Consequences:

 Data Breaches: Exposure of sensitive information leading to financial and

reputational damage.

 Service Disruption: Loss of business continuity due to system unavailability.

 Example Tools: Nmap for scanning, Metasploit for exploiting vulnerabilities, and
Wireshark for packet analysis.

8. Assess the influence of social engineering in footprinting.

o Types of Social Engineering:

 Phishing: Trick users via emails to click on malicious links.

 Pretexting: Using a fabricated scenario to extract information from a target, e.g.,

impersonating a tech support agent.

 Tailgating: Gaining physical access by following someone into a restricted area.

o Psychological Manipulation:

 Fear and Authority: Attackers pretend to be authority figures to lower

resistance.

 Trust and Curiosity: Victims are often manipulated through personalized

messages.

o Impact on Footprinting:

 Information Gathering: Social engineering allows attackers to gather details

without technical intrusions.

 Insider Threats: Employees can unintentionally reveal sensitive information.

o Preventive Measures:

 User Awareness Training: Educating employees to recognize social engineering

tactics.

 Security Policies: Enforcing strict access controls and multi-factor

authentication.
OR

9. Explore the different scanning techniques that can bypass IDS and Firewalls.

o Stealth Scanning Techniques:

 FIN, NULL, and XMAS Scans: Exploit TCP protocol characteristics to evade
detection.

 Fragmented Packet Scanning: Splits packet headers to confuse IDS systems.

o Advanced Techniques:

 Decoy Scanning: Uses multiple IP addresses to hide the true source of scanning.

 Idle Scanning: Leverages third-party machines as proxies to avoid direct

exposure.

o Firewall Evasion:

 Spoofed Source IPs: Makes it difficult for firewalls to filter out malicious traffic.

 Port Knocking: Sends packets to predetermined ports to signal the opening of

specific ports.

o Tools:

 Nmap: Supports various scanning techniques including decoy, idle, and

fragmented scanning.

 Hping: Custom packet crafting for advanced scanning and testing firewall rules.

10. Analyze how attackers exploit SNMP enumeration techniques.

o SNMP Basics:

 Simple Network Management Protocol (SNMP): Used for network monitoring;

communicates through "community strings."

o Common Exploitation Techniques:

 Default Community Strings: Attackers exploit weak community strings like

"public" and "private."

 System Information Retrieval: Allows access to device details, running

processes, and system configuration.

 Device Configuration Manipulation: Attackers may change settings, creating

backdoors.

o Impact:

 Network Mapping: SNMP data helps attackers create a detailed map of network
devices.
  Data Exfiltration and Network Control: Can lead to unauthorized control over
network resources.

o Preventive Measures:

 Change Default Community Strings: Use strong, unique strings.

 Limit SNMP Access: Restrict SNMP to essential devices and trusted IP addresses.

o Tools Used:

 SolarWinds, Nmap, and SNMPwalk: These tools help exploit SNMP for
enumeration.

OR

11. Investigate the methods of LDAP and DNS enumeration and their consequences on network
security.

o LDAP Enumeration:

 LDAP Basics: Directory access protocol used for storing and retrieving
information, often user-related.

 Attack Techniques: Query for user accounts, system roles, and network structure
using LDAP queries.

o DNS Enumeration:

 DNS Basics: Manages domain name translations to IP addresses.

 Attack Techniques: Zone transfers reveal internal network details, subdomains,

and services.

o Consequences on Network Security:

 Exposure of Sensitive Information: LDAP and DNS data can help attackers target
specific systems.

 Entry Points for Further Exploitation: Knowing internal structure aids in

designing targeted attacks.

o Mitigation Strategies:

 Disable Anonymous LDAP Binds: Restrict access to authorized users only.

 Limit Zone Transfers in DNS: Configure DNS servers to allow zone transfers only
to trusted servers.

o Tools:

 Nslookup, Dig (for DNS) and LDAPsearch: Common tools for LDAP and DNS
enumeration.