
Ss 1

Uploaded by

20220802014

1. a) What information can be collected using footprinting? Also, explain types and steps required to perform footprinting.

Answer:

● Information Collected Through Footprinting:
    1. Domain names: Company-related domain details.
    2. IP addresses: Identifying active IP ranges.
    3. Network structure: Network architecture and devices.
    4. Employee details: Information from LinkedIn, social platforms.
    5. Open ports and services: For attack planning.
    6. DNS details: Zones, server addresses.
    7. System information: OS and version details.
    8. Security configurations: Firewalls and policies.
● Types of Footprinting:
    1. Active Footprinting: Interacting directly with the target (e.g., using ping, traceroute).
    2. Passive Footprinting: Collecting information indirectly (e.g., Google searches, WHOIS lookup).
● Steps for Footprinting:
    1. Gather domain information: Use WHOIS and DNS lookups.
    2. Collect network details: Perform traceroutes and ping sweeps.
    3. Identify open ports: Use tools like Nmap.
    4. Research employees: Use LinkedIn, social media.
    5. Analyze web presence: Explore subdomains, directories.
    6. Document findings: Summarize all collected data.

1. b) Explain Security Architecture in Detail.

Answer:

● Definition: Security architecture is a framework for ensuring the security of an organization’s IT infrastructure, addressing risks and vulnerabilities.
● Components:
    1. Authentication: Validating user identities.
    2. Authorization: Ensuring access control based on roles.
    3. Encryption: Protecting data through cryptography.
    4. Firewalls: Monitoring and controlling network traffic.
    5. Intrusion Detection/Prevention Systems (IDS/IPS): Identifying and stopping threats.
    6. Incident Management: Processes to respond to security incidents.
● Steps to Build Security Architecture:
    1. Define security requirements.
    2. Identify risks and vulnerabilities.
    3. Design controls and policies.
    4. Implement security measures.
    5. Monitor and update systems.

2. a) What is Malware? What are the Different Types of Malware (any 6)?

Answer:

● Definition: Malware (malicious software) is a program designed to harm, disrupt, or exploit systems.
● Types:
    1. Virus: Self-replicates and infects files.
    2. Worm: Spreads across networks without user action.
    3. Trojan Horse: Disguised as legitimate software.
    4. Spyware: Collects user data secretly.
    5. Ransomware: Encrypts files, demanding a ransom.
    6. Adware: Displays intrusive ads.
    7. Rootkits: Grant unauthorized access to systems.

2. b) Explain Packet Sniffing Process, Types, and Advantages of Performing Packet Sniffing.

Answer:

● Definition: Packet sniffing involves capturing and analyzing network traffic.
● Process:
    1. Identify the network to monitor.
    2. Use tools like Wireshark or tcpdump.
    3. Capture packets and analyze headers/data.
● Types of Packet Sniffing:
    1. Promiscuous Mode: Captures all packets on a network.
    2. Non-Promiscuous Mode: Captures packets only meant for the host device.
● Advantages:
    1. Troubleshooting: Identifies network issues.
    2. Monitoring: Ensures security by detecting suspicious activity.
    3. Performance Analysis: Optimizes network performance.
    4. Education: Aids in understanding network protocols.