JECRC University, Jaipur

School of Computer Applications

MCA-III Sem
Course Name: Information Security and Hacking
Course Code: MCA314B
Assignment III
Course Objectives

CO3: Identify the different network and perimeter attacks and understand the concept of
network security.

SECTION A (2 × 5 = 10 Marks)

Answer the following questions. Each question carries 2 marks.

1. List the different techniques used for password hacking.

2. What is the purpose of gaining access in system hacking?
3. What is password cracking, and why is it used in system hacking?
4. why might a hacker clear system logs after gaining unauthorized access?
5. What is file hiding in the context of system hacking, and why do hackers use this technique?

SECTION B (7 × 3 = 21 Marks)

Answer the following questions. Each question has two parts and carries 7 marks.

1. Explain how botnets are used in Distributed Denial of Service (DDoS) attacks. What
challenges do organizations face in defending against such attacks?

2. Explain Vulnerability Exploitation and provide examples of tools used for it.
3. Discuss the concepts of log analysis and log clearing in detail.

SECTION C (11 × 3 = 33 Marks)

Answer the following questions. Each question has two parts and carries 11 marks.

1. Define SQL injection and outline a basic method for carrying out this attack. What are some
security measures that can prevent SQL injection vulnerabilities in web applications?
2. A system administrator notices suspicious activity on their server. Describe how they could
use password-cracking tools to test the security of their systems. What measures could they
implement to mitigate the risks associated with weak passwords?
3. Explain the process and purpose of privilege escalation in system hacking. Evaluate different
privilege escalation techniques an attacker might use in a Windows environment. Discuss
how an organization can assess and mitigate these techniques to strengthen its security
posture.