AMAN CYBERSECURITY
2 mks
Q.1. Explain any four Network Protocols and their Vulnerabilities.
Ans. Address Resolution Protocol (ARP): ARP is used to map IP addresses to MAC
addresses, enabling communication within a local network.
Vulnerability: ARP spoofing, where an attacker sends fake ARP messages to link their MAC
address with a legitimate IP address, enabling interception or modification of data.
Domain Name System (DNS): DNS translates human-readable domain names (like
www.example.com) into IP addresses that computers use to identify each other on the
network.
Vulnerability: DNS cache poisoning, where an attacker inserts false data into a DNS
resolver’s cache, redirecting users to malicious websites.
File Transfer Protocol (FTP): FTP is used to transfer files between a client and a server over a
network.
Vulnerability: FTP transmits data in plain text, making it susceptible to unauthorized access.
Hypertext Transfer Protocol Secure (HTTPS): HTTPS is used for secure communication over
a computer network, ensuring data integrity and confidentiality.
Vulnerability: HTTPS can be vulnerable to attacks like DROWN, which exploit weaknesses in
SSLv2 to decrypt traffic.
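The ARP spoofing weakness described above can be detected by watching for an IP address that is suddenly claimed by a different MAC address. The following is an added example, not part of the original notes: it decodes raw ARP payloads and flags conflicting bindings. The function names, sample addresses and the `trusted` table are assumptions made for illustration.

```python
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # 28-byte ARP payload for Ethernet/IPv4 (RFC 826)

def parse_arp(payload):
    """Return the sender's IP/MAC claim, or None if not a well-formed Ethernet/IPv4 ARP."""
    if len(payload) < struct.calcsize(ARP_FMT):
        return None                      # truncated capture
    htype, ptype, hlen, plen, op, sha, spa, _tha, _tpa = struct.unpack(ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"op": op, "mac": sha.hex(":"), "ip": ".".join(str(b) for b in spa)}

def find_conflicts(payloads, trusted=None):
    """Flag every message whose sender MAC differs from the known binding for that IP.

    `trusted` is an optional {ip: mac} table (e.g. from DHCP records); without it,
    the first binding seen for an IP is treated as the baseline.
    """
    bindings = dict(trusted or {})
    alerts = []
    for index, raw in enumerate(payloads):
        pkt = parse_arp(raw)
        if pkt is None:
            continue
        known = bindings.setdefault(pkt["ip"], pkt["mac"])
        if known != pkt["mac"]:
            alerts.append((index, pkt["ip"], known, pkt["mac"]))
    return alerts

def build_arp(op, mac, ip):
    """Build a constructed ARP payload for the sample below (target fields zeroed)."""
    mac_b = bytes.fromhex(mac.replace(":", ""))
    ip_b = bytes(int(octet) for octet in ip.split("."))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, mac_b, ip_b, bytes(6), bytes(4))

# Constructed sample: documentation addresses and locally administered MACs.
SAMPLE = [
    build_arp(2, "02:00:00:aa:bb:01", "192.0.2.1"),    # gateway announces itself
    build_arp(2, "02:00:00:aa:bb:10", "192.0.2.10"),   # ordinary host
    b"\x00\x01",                                       # truncated payload, skipped
    build_arp(2, "02:00:00:aa:bb:66", "192.0.2.1"),    # second MAC claims the gateway IP
]

if __name__ == "__main__":
    for index, ip, known, claimed in find_conflicts(SAMPLE):
        print(f"message {index}: {ip} was {known}, now claimed by {claimed}")
```

A changed binding is a signal to investigate, not proof of spoofing: a replaced network card or a failover pair moving an address produces the same alert.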
Improved Visibility and Control: NGFWs give detailed insight into network traffic,
allowing administrators to set up rules based on who the user is, what application they are
using, and the content involved.
Context-Aware Security: NGFWs can analyze network traffic by considering user identity,
location, and device type, which helps make better security decisions.
Integration with Other Security Tools: NGFWs can work alongside other security tools
like intrusion detection systems (IDS) and security information and event management
(SIEM) systems to enhance overall security.
Flexibility and Scalability: NGFWs can be used in different settings, including on-site,
cloud-based, or hybrid environments, and can be scaled up to handle the needs of growing
businesses.
Disadvantages:
• Reconnaissance is the initial phase in penetration testing where the tester gathers as
much information as possible about the target system.
• This can include details about network topology, operating systems, applications,
and user accounts.
• The goal is to collect data that will help in planning an effective attack strategy.
Reconnaissance can be either passive (using publicly available information) or active
(directly interacting with the target system) 1.
• This phase is crucial as it lays the groundwork for the subsequent steps by providing
a comprehensive understanding of the target environment.
Scanning:
Vulnerability Assessment:
• In the vulnerability assessment phase, the tester uses the data gathered during
reconnaissance and scanning to identify potential vulnerabilities.
• This involves a detailed analysis of the target system to determine if the identified
vulnerabilities can be exploited.
• The assessment can be done using automated tools and manual techniques to
ensure a thorough evaluation.
• The goal is to prioritize vulnerabilities based on their severity and the potential
impact on the system 1.
• This phase is critical as it helps in understanding the risk associated with each
vulnerability and in planning mitigation strategies.