QUESTION 1
• Discuss the role of security and penetration testers by defining concepts such as hacker, cracker, ethical hacker, and script kiddies. Include in your discussion the classifications of ethical hackers. Do you think that hacking can be an ethical occupation?
• There have been several major cyber-attacks in the United States in the past few years. Choose one attack and explain two countermeasures that would have helped prevent or deter that attack. Support your answer with references.
QUESTION 2
• Explain what a Null Session is and how it can be exploited. Also, include in your answer countermeasures for preventing null session vulnerabilities. What operating systems does this attack work on? When was the null session disabled by default by Microsoft?
• Describe the various password cracking techniques and at least one tool that can be used for each technique (some tools can be used for all techniques). Also include countermeasures for password cracking in the discussion.
QUESTION C
• Describe different types of session hijacking. Also research session hijacking on the Internet and see if you can find a case where session hijacking was successfully used to perform an attack against a system. Include references in your answer.
• In your own words, why do you think session hijacking is still a valid attack? What makes session hijacking possible, and what technical control or controls would you put in place to prevent session hijacking from being successful? What would you implement to stop session hijacking?
QUESTION D
• Describe and discuss three of the Web Application Threats discussed in the textbook. Use the Internet to research one of the threats and find a case where one of these attacks was successfully used to attack a system. Give details about the attack. Include reference links.
• Discuss and explain how to hack the most common Web browser. Also include methods for securing Web browsers. Include at least two different Web browsers in your discussion.