TOPIC 6

1. You are the IT manager of a company that provides laptop PCs to its sales
employees. You are concerned about the security implications. This is because
the sales staff can store sensitive data on their laptop PCs and then use them for
email. Identify TWO (2) risks to data on a laptop PC and briefly explain how each
risk can compromise the confidentiality, integrity or availability of the data.

 Malware can get and send information about a company's private

data, contacts, and more.
 Can change data on a PC.
 stealing or carelessness can make it hard for the PC to be available
and to keep its data safe.
 Weakness in the OS or an app

2. You decide to address these security issues. State THREE (3) methods that you
can use to secure data on the PC and explain how each of your measures can
reduce the risk of a security breach.

 Anti-malware software should be installed on the computer. Make

sure it is always up to date and set a time for it to run scans.
 Using Bit locker, which encrypts the volume with AES, you can keep
your data safe even if your PC is stolen.
 Use file encryption or file passwords to reduce the risk that
confidentiality or integrity will be lost.
 Make sure that Windows and other programs get automatic updates
so that they can fix problems when they're fixed.
3. Explain what is meant by vulnerability in the context of network security and
provide THREE (3) examples of vulnerabilities in a network.

Vulnerability is defined by ISO27000 as a weakness in an asset or control

that can be exploited by one or more threats.
 Ports that should not be open.
 Sensitive traffic that isn't safe.
 Network architecture that is not safe
 Using too many passwords.
 Lack of back-ups.
 Password tables that aren't safe.

4. Explain what is meant by the term password audit and briefly discuss why it is
important.

An organization frequently attempts to break users' passwords using

dictionary attack techniques. Passwords remain the most commonly used
authentication mechanism, and users frequently use weak passwords.

5. Explain what is meant by the term port scan and describe its role in a
vulnerability assessment and how the results should be used.

 A port scan or port scanner connects to all 65536 ports on a server

in order to identify if any services are listening on them.
 A port scan is used to analyze network computers for possible
vulnerabilities or exploits. Open ports can be used by attackers to
exploit known vulnerabilities in apps that make use of them.
 Ports that are not in use should always be closed.
6. State if the following are vulnerabilities of a system. You should provide ONE (1)
reason to support your answer.

 A hacker attempting a brute force attack to login to a system

No – it is an attack.

 An unencrypted password files

Yes, it is vulnerable to exfiltration

 A requirement for passwords to be at least 15 characters long, containing

upper- and lower-case characters and non-alphabetic characters.

No – it is a policy – a control.

7. Vulnerability assessments are connected with system security. Why is it

important to undertake a vulnerability assessment?

It is important to identify vulnerabilities before to attackers using them. A

vulnerability assessment is a search/scan for these vulnerabilities with the
objective of applying a solution or fix to prevent a vulnerability.

8. Penetration Testing aims to locate vulnerabilities in systems. One of the first

activities is to locate open ports. Explain what is meant by the term port and why
an open port can indicate a vulnerability

 Computer connections use TCP or UDP.

 An open port is a TCP or UDP port set to allow packets.
 Leaving a port open allows for a computer connection to be created,
so they should be minimized.

9. Explain how you would detect open ports and provide ONE (1) example of a tool
that can be used.
 A port scan connects to all 65536 ports on a server to see if services
are listening on them.
 You may need to examine what port scanning software enters. nmap
is a popular free tool.
10. A further aspect of penetration testing is to use brute force attacks and dictionary
attacks. State THREE (3) similarities and TWO (2) differences between brute
force attacks and dictionary attacks.
Similarities:
 Passwords can be obtained using any method.
 Neither a dictionary attack nor a brute force attack is seeking for a
weakness or bypass; they are guessing attacks.
 Both local and internet attacks are possible.
Differences:
 Brute force tries every combination.
 A dictionary attack is a guessing attack that uses a pre-compiled list.
Rather than attempting every possibility, only try the most likely
ones.
 Faster but can't guarantee a solution.

11. The 3rd Annual Underground Hacker Markets Report (2016) from Dell shows
that ‘Hacking as a Service’ is now a major industry, with underground forums
offering hacked social media accounts for around US$60-100, Credit cards for
US$ 7-50 and DDoS attack for US$5 per hour, including a free 5–10-minute trial.

Spell out the term DDoS

Distributed Denial of Service.

12. Explain how a DDoS attack occurs and briefly discuss its impact.

 A server/website is overloaded.
 Because of this, the machine becomes overworked.
 Sent from a network of PCs that have been infected.
 Denying access to valid service users.

13. Verizon suggest that one important way of dealing with DDoS is to “Have a solid
understanding of your DDoS mitigation service-level agreements”. Explain what
is meant by a “DDos mitigation service level agreement?”

 With a third party, there was a deal.

 If you have an ISP, that's most likely the case.
 Which can detect and stop DDoS attacks.
14. Define the term vulnerability in the context of network security
  Defining vulnerability as a weakness in an asset or control is part of
the SO27000 standard.
 It is vulnerable to attack from multiple directions.

15. Provide FOUR (4) examples of vulnerabilities in a network.

 Ports that should not be open.
 Sensitive data is at risk because the system isn't properly protected.
 Architecture of the network that is not secure.
 Poor password security.
 Password lists that aren't encrypted.

16. Explain what is meant by the term port scan.

A port scan or port scanner connects to all ports on a server in order to

identify whether any services are listening on those ports.

17. What is the role of a port scan in a vulnerability assessment? Explain how the
results of a port scan should be used.

 A port scan looks for security flaws or exploits on network systems.

 Unused ports should always be closed.
 It is possible for hackers to use open ports as a way to exploit
known vulnerabilities in applications that use the ports.

18. Penetration Testing aims to locate vulnerabilities in systems. One of the first
activities is to locate open ports. Explain what is meant by the term port and why
an open port can indicate a vulnerability.

 Computer connections use TCP or UDP.

 An open port is a TCP or UDP port configured to allow packets.
 As a result, a closed port is one that rejects or ignores any packets
sent to it.
 Because an open port permits communication with the computer,
they should be minimized.
19. A security vulnerability is a flaw or a weakness in a system or network that allows
an attack to harm the system or network in some way. State THREE (3) ways a
system or network can be attacked or harmed.

 Unauthorized access to the system or network

 Impacting the system or network's performance.
 Damaging data held by a system or network.

20. There are many ways in which a system or network can be vulnerable. State the
FIVE (5) elements that can cause a vulnerability.

 Software -Flaws in new software that hasn't been properly tested

before it's put into use.
 Hardware-Dusty hardware
 Organization procedures- Poor password policy, no audits.
 Personnel – poor training.
 Physical environment – no access limitations.

21. State TWO (2) tools that can be used by a system administrator to test for
vulnerabilities

 Penetration testing
 Vulnerability scanners.

22. Port scanners are used to report the status of ports. There are three possible
statuses. State TWO (2) tools that can be used by a system administrator to test
for vulnerabilities.
 Nmap
 Zenmap

23. A penetration test mimics the actions of a malicious attack on a network. The aim
is to discover the vulnerabilities that exist and that could be discovered by an
attacker. State the FOUR (4) pieces of information penetration testing can
provide.

 Threats to the system.

 Effectiveness of defensive actions.
 Possible consequences of a successful attack.
 Boost and improve security in areas that need it.
24. All networks will contain vulnerabilities. Therefore, managing these vulnerabilities
and the risks associated with them is a key task of network management. State
the FOUR (4) tasks involved in managing vulnerabilities.

 Vulnerabilities are given top priority.

 Fixing vulnerabilities.
 Reducing the impact of possible breeches.
 Monitoring for new or unknown vulnerabilities.

25. Networks are vulnerable to many threats. Unauthorized access is the biggest
threat. Explain THREE (3) common causes of unauthorized access.

 Software flaws.
 Hardware failure.
 Organization procedures.
 Poor staff training.
 No access controls.

26. Operating systems such as Windows, IOS and Linux are commonly used in most
industries and businesses. State TWO (2) reasons why using a common
operating system may make your network vulnerable.

 Attackers will know how to get into your computer.

 If users leave the default settings, their computer could be open to
attack.
 The network administrator does not apply appropriate permissions.

27. As part of vulnerability prevention port scanning can be carried out to ensure that
ports are not left open, and therefore vulnerable to attack. There are many types
of port scanning. Most use TCP, however, UDP (User Datagram Protocol) Scans
are also used. Explain how a UDP Scan is carried out.

A UDP packet is sent to the target port. If it receives a ICMP port

unreachable’ message the port is closed. If not, message is
received it is assumed that the port is open.
28. Explain what is meant by the term Penetration testing.

A penetration test looks like an attack on a network. The goal is to find out
what weaknesses there are and how an attacker could find them.

29. Identify FOUR (4) pieces of information produced by a penetration test.

 Systematic threats.
 The effectiveness of the defensive systems in place.
 Consequences of successful attacks.
 Upgrade in security-related areas.

30. Briefly explain FOUR (4) types of vulnerability scanners used in penetration
testing.
 Ports.
 Networks.
 Databases.
 Web application.
 Individual computers.