CSCI369 (SP323) Ethical Hacking
CSCI369-T10 (Fri, 11 August 2023 08:30-11:30)
Quiz 2 [Week 5]

Started on: Friday, 11 August 2023, 10:33 AM
State: Finished
Completed on: Friday, 11 August 2023, 10:38 AM
Time taken: 5 mins 26 secs
Grade: 8.00 out of 10.00 (80%)

Question 1 (q2-1v1)
Complete. Mark 1.00 out of 1.00
What is the difference between the possible outcomes of a SYN scan and those of a FIN scan? (1 mark)
a. SYN scan: open or closed. FIN scan: (open or filtered) or closed
b. SYN scan: closed. FIN scan: used
c. SYN scan: used. FIN scan: closed
d. SYN scan: unknown. FIN scan: filtered or closed

Question 2 (q2-2v1)
Complete. Mark 0.00 out of 1.00
What is the nmap command used to perform an Xmas scan on the target IP = 10.0.2.7? (1 mark)
a. nmap -sS 10.0.2.7
b. nmap -sX 10.0.2.6
c. nmap -sF 10.0.2.7
d. nmap -sX 10.0.2.7

Question 3 (q2-3v1)
Complete. Mark 1.00 out of 1.00
What is the information entropy H of a binary password of length 12? (1 mark)
a. 3
b. 6
c. 1
d. 12

Question 4 (q2-4v1)
Complete. Mark 0.00 out of 1.00
What is a problem (disadvantage) of having a static ARP table to prevent ARP poisoning? (1 mark)
a. Static ARP tables provide real-time protection against all types of network attacks.
b. Static ARP tables can only prevent ARP poisoning attacks on one specific network, but not on others.
c. Static ARP tables make it easier for devices to communicate across different networks.
d. A static ARP table does not scale well.

Question 5 (q2-5v1)
Complete. Mark 1.00 out of 1.00
What is common between the SSL strip attack and the ARP poisoning attack? (1 mark)
a. Both attacks exploit vulnerabilities in the web browser's cache to gain control of the victim's computer.
b. Both attacks can only be executed on wired networks, not on wireless networks.
c. Both are MITM attacks.
d. Both the SSL strip attack and the ARP poisoning attack are used to bypass firewalls and gain unauthorized access to the network.

Question 6 (q2-6v1)
Complete. Mark 1.00 out of 1.00
How is the DNS amplification attack different from the DNS flood attack in terms of which party (client or server) is attacked? (1 mark)
a. In a DNS amplification attack, the client sends a large number of DNS queries to the server, while in a DNS flood attack, the server sends a large number of DNS responses to the client.
b. In a DNS amplification attack, the server initiates the attack on the client by sending forged DNS response packets, while in a DNS flood attack, the client initiates the attack on the server by flooding it with DNS queries.
c. In a DNS amplification attack, the client is attacked by overwhelming it with DNS response packets, while in a DNS flood attack, the server is attacked by sending a large number of DNS queries.
d. In the DNS amplification attack, the client is attacked, while the (DNS) server is attacked in the DNS flood attack.

Question 7 (q2-7v1)
Complete. Mark 2.00 out of 2.00
Assume that the flags in a TCP packet are set in the order of [ cwr | ece | urg | ack | psh | rst | syn | fin ]. Write a Scapy command to perform a "SYN" scan of two ports, 5000 and 5050, of the destination with IP address "121.10.3.11". You should use a hexadecimal flag. (2 marks)
a. sr1(IP(dst="121.10.3.11")/TCP(dport=[5000,5050],flags=0x02))
b. sr1(IP(dst="121.10.3.11")/TCP(dport=[5000,5005],flags=0x02))
c. sr1(IP(dst="121.10.3.12")/TCP(dport=[5000,5050],flags=0x02))
d. sr1(IP(dst="121.10.3.11")/TCP(dport=[5000,5050],flags=0x01))

Question 8 (q2-8v1)
Complete. Mark 2.00 out of 2.00
Assume that you are the admin of a server. Write (a sequence of) Unix commands to allow only the HTTPS service while blocking all other services by turning on the firewall. (2 marks)
a.
    sudo ufw default ALLOW
    sudo ufw enable
    sudo ufw allow 443
b.
    sudo ufw default DENY
    sudo ufw enable
    sudo ufw allow 80
c.
    sudo ufw default DENY
    sudo ufw enable
    sudo ufw allow 443
d.
    sudo ufw default DENY
    sudo ufw enable
    sudo ufw allow 445

CSCI369_SP323, University of Wollongong