SI110 Homework Alpha: ________ Name: ______________ Page 1 of 2
Collaboration Policy: Default
MIDN Last, F.
choose one: □ None □ XS110 □ EI with:
(or more)
□ MGSP
□ Discussed with: ________________
Homework:
/SI110/Cyber Operations/Cyber Attack Lab
Note: You did not perform all attacks personally, but you are nonetheless expected to be familiar
with the attacks, tools, and vulnerabilities. Consult team members and the lab notes as needed to
answer these questions.
1. [ 35 / 25 / 15 / 0 ] In the Cyber Attack Lab, write the best choice for the tool or command from
the choices in the table below (not all will be used, only one per line) that was used to:
nslookup
ssh
netcat
ping
RSA
netstat
Tools / Commands / Technology
cat
adduser
metasploit
hashdump
loic
AES with MD5
nmap
rdesktop
ifconfig
John-the-Ripper
type
HTML/JavaScript
Action or Goal
Tool / Command /
Technology Used
A. View the token found in email
B. View the token file stored on the DNS server
C. View the token on the target index.html page
D. Inject code into the <FORM> on the target web page
E. Remotely logon (i.e., not using an exploit) to a target
Windows host (web server, workstation)
F. Crack password hashes for user and Administrator/root
accounts
G. Exploit the Workstation’s web, SMB, or RPC server allowing
remote code execution
H. Remotely logon to a target UNIX host (DNS)
I. Launch a DDOS attack on the DNS server
2. [ 10 / 8 / 5 / 0 ] What Pillar of Cyber Security was violated when your team read the target’s
emails?
3. [ 5 / 2 / 0 ] What Pillar of Cyber Security was violated when your team used an exploit to get a
meterpreter shell on the Workstation without entering credentials?
SI110 Homework
Alpha: ________
Name: __________________Page 2 of 2
4. [ 5 / 2 / 0 ] When you attacked the Workstation’s vulnerable web, SMB, or RPC server was
that a remote exploit or a local exploit?
5. [ 5 / 2 / 0 ] What Pillar of Cyber Security was violated when you found a token (ASCII art)?
6. [ 5 / 2 / 0 ] What Pillar of Cyber Security was violated during the DDoS attack?
7. [ 5 / 2 / 0 ] When your team escalated privileges on the DNS server, was that a remote exploit
or a local exploit?
8. [ 15 / 10 / 5 / 0 ] As we saw in the Cyber Attack Lab, although hashing was used to store user
passwords for the hosts you attacked, your team was still able to crack passwords because the
passwords were not complex or long. List at least two other tools or methods that you learned
about in the Cyber Security Tools portion of the course that could be used to prevent some of the
successful attacks on your team’s network? List or briefly explain what attacks could be stopped.
Cyber Security Tool
Cyber Attack(s) that Could be Stopped
Example: Stronger
ssh, remote desktop infiltration (online attacks of password
passwords
guessing)
9. [ 5 / 2 / 0 ] What is the best choice for the type of validation client side or server side (circle
one) validation that your team should use to protect the index.html page message board feature
from injection attacks? Explain why that type of validation is the best choice; use complete
sentences, spelling and grammar count.
[ 10 / 8 / 5 / 0 ]