Unit I

1.What do penetration testers do?

a)Fix vulernabilities b)only Identify vulernabilities c) Identify and exploit vulernabilities d)only exploit
vulnerabilities
SOLUTION:
C) Identify and exploit vulernabilities

2. What type of symmetric key algorithm using a streaming cipher to encrypt information?
A. RC4 B. Blowfish C. SHA D. MD5

SOLUTION:
a) RC4 uses streaming ciphers.

3. It is an __________- threat and is an action performed by an activity with the intention to violate security.

a) Unintentional b) active c) passive d)Active and passive

SOLUTION:
a) Unintentional

4.____________ is someone who uses their extensive knowledge of malicious purposes, and steal other data
without the owners knowledge.

a)Hackers b)Crackers c) Phisers d)Threat attackers

SOLUTION:
a)Hackers

5.The distuributed denial of service attack,which brought down hundreds of websites,caused by

a)Internet things of device b)VPNS c) ACLS d)DOS

SOLUTION:
a)Internet things of device

6. Which type of a hacker would be penetration tester be? ? (CO1), (RE), (DL-E), (IL-VI)
a)Black hat b)White hat c) Grey hat d)red hat

SOLUTION:
b) White hat

7. which of the following breaches has the potential for the greatest long lasting effect on customers?
a)Execullus bcbs b)Gmail c)yahoo d)bing
SOLUTION:
a)Execullus bcbs

8. what type of malware locks and encrypts computer?

SOLUTION:
Ramsomeware

9.which of these company breaches affected the most computers?

a)Target b)Myspace c)yahoo d)Linkedln

SOLUTION:
c)yahoo

10.The principles of least privilege applies to?

a)Integrity b)authentitaction c)authorization d)identification

SOLUTION:
c)authorization.
Unit-II

11. Comodo, Symantec, and GoDaddy are all examples of what?

a)Certificate Authorities
b)Symmetric Encryption
c)Digital Certificates
d)Algorithms
SOLUTION:
a)Certificate Authorities

12. What kind of algorithm is RSA?

a)Symmetric
b)Asymmetric
c)Hashing
d)cracking

SOLUTION:

b)Asymmetric

13. Which of the following is true regarding hashing algorithms?

a)Fixed length input, variable length output

b)Fixed length input, fixed length output
c)Variable length input, variable length output
d)Variable length input, fixed length output

SOLUTION:

d)Variable length input, fixed length output

14. When you download a file from the Internet, which of the following might appear next to the hyperlink for
the file?
a)Symmetric Key
b)Asymmetric Key
c)Both Symmetric and Asymmetric Keys
d)Hash

SOLUTION:
d)Hash

15. When plaintext is encrypted, which of the following describes what someone who intercepts the message
can do to the ciphertext?
a)See it
b)Store it
c)Understand it
d) See it and Store it

SOLUTION:
d) See it and Store it

16. A plaintext message, along with a key, are imputed into an algorithm to produce an output in _____________.

SOLUTION:

clpher text

17. Which of these represents a more realistic approach to security?

a)Kerckhoffs's Principle
b)Security through Obscurity
c)security
d)hashing

SOLUTION:
a)Kerckhoffs's Principle

18. Which of these should be kept secret?

a)Algorithm
b)Key
c)Encrypt
d)decrypt

SOLUTION:
b)Key

19. Which encryption method uses two keys?

a)Symmetric
b)Asymmetric
c)Algorithm
d)cracking

SOLUTION:
b)Asymmetric

20. Which of the following represents the most commonly used hashing algorithm today?

a)SHA-256
b)SHA-1
c)MD-5
d)MD-256

SOLUTION:

a)SHA-256
UNIT III

1. IP Addresses are :
a. Physical b. Logical c. 16 bits long d. 48 bits long

2 . Which Boolean operation does a host use to determine its network ID?
a. OR b. XOR c. AND d. NOT

3. If the source determines that the destination is on the same network, which of the following is not involved
in the communication?
a. A router b. A switch c. A MAC address d. An IP address

4. What does ARP do?

a. Resolve an IP address to a MAC address
b. Resolve a MAC address to an IP address

5. ARP Requests are _________.

a. Unicasts b. Broadcasts c. Multicasts d. Narrowcasts

6. When the source determines that the destination is on a different network, it requests a MAC address from:
a. The destination b. Its default gateway
c. Its DNS server d. It does not request a MAC address in this scenario

7. Routers are concerned with getting packets directly to:

a. The next router b. The next switch c. The actual destination

8. The final ARP Request in remote communication comes from:

a. The source as default gateway b. The destination as default gateway
c. The source d. The destination

9. What is removed and re-added each time traffic moves through a router?
a. Frame b. Packet c. IP Addresses

10. MAC addresses are ______.

a. Flat b. Hierarchical c. Routable d. Logical

When you send network communications from your laptop through your employer’s network and then
use it at home:
The IP address is the same.
The MAC address is the same.
Both the MAC and IP addresses are the same.
Both the MAC and IP addresses are the different.
Correct answer
The MAC address is the same.

UNIT IV

1.If an FTP server and a Web server are running on the same machine, how does network communication get
to each of those services?
a. They have different MAC addresses b. They have different IP addresses
c. They have different ports d. They have different logons

2. Common server services use:

a. Well Known Ports b. Ports c. Dynamic Portsd. IP Ports

3. Which of these does not use TCP?

a. Webpages b. FTP c. Simple DNS Queries d. E-mail

4. Which of these does not use UDP?

a. VoIP b. A service that requires flow control c. Live streaming video d. DHCP

5. What field does a switch use to forward a frame?

a. Destination IP address b. Destination MAC address c. Destination Port

6. What field does a switch use to learn where devices are?

a. Destination MAC address
b. Destination Port
c. Source MAC address
d. Source IP address
7. Which of the following devices is not connected directly to a router?
a. Another router b. A switch c. A PC

8. If a switch does not know the destination MAC address, what will the switch do with a frame?
a.Drop it
b. Forward it to the default gateway
c. Flood it
d. Send an ARP
Correct answer
Flood it

9. OSPF, EIGRP, and BGP are all:

a. Switching protocols
b. Routing protocols
c. DNS protocols
d. Port Protocols

10. Which of the following protocols is used for accuracy of data?

a. TCP
b. UDP
c. RTSP
d. VoIP

UNIT - V

1. When a firewall filters traffic, the firewall ____________ the traffic

a)Drops
b)Broadcasts
c)Re-routes
d)Reframes

SOLUTION:

a)Drops

2. Content snooping and censoring, through Deep Packet Inspection, are carried out by which of these?

a)Stateful packet firewall

b)Stateless packet firewall
c)Host-based firewall
d)Application Layer Gateway

SOLUTION:

d)Application Layer Gateway

3. _______________approaches used by an IDS and IPS uses a baseline measurement to help detect malicious
traffic?

SOLUTION:
Anamoly based

4. Dumpster diving is a concept most associated with

a)Firewalls
b)IDS/IPS
c)DPI/DCI
d)Social Engineering

SOLUTION:

Social Engineering

5. Which of these forms of malware can spread by itself across networks?

a)Virus
b)Worm
c)Trojan Horse
d)Backdoor

SOLUTION:
d)Backdoor

6. A weatherbug program that comes with other programs unknown to the user be classified as a:
a.Logic Bomb b. Trojan horse c. RAT d. Rootkite
7. Malware that purposely lets time elapse before executing is a:

a.Logic Bomb b. Trojan horse c. RAT d. Rootkite

8. Bundled software that users might not know about if they don’t read the EULA (End User License
Agreement) is most accurately called a:

a. Rootkit b. Backdoor c. Spyware d. PUP

9. Which of these does not involve email?

a. Phishing b. Pharming c. Whaling d. Spearphishing

10. Which of these activities occurs during all phases of a forensic investigation?

a. Acquisition b. Analysis c. Chain of Custody d. Reporting

SECTION B

UNIT I

DEFINING CYBER SECURITY

1.Cyber ethics are nothing but the code of the internet. When we practice these
cyber ethics there are good chances of us using the internet in a proper and safer
way. write down the following steps.
SOLUTION:
 DO use the Internet to communicate and interact with other people.
Email and instant messaging make it easy to stay in touch with friends and
family members, communicate with work colleagues, and share ideas and
information with people across town or halfway around the world
 Don’t be a bully on the Internet. Do not call people names, lie about
them, send embarrassing pictures of them, or do anything else to try to hurt
them.
 Internet is considered as world’s largest library with information on any
topic in any subject area, so using this information in a correct and legal
way is always essential.
 Do not operate others accounts using their passwords.
 Never try to send any kind of malware to other’s systems and make
them corrupt.
 Never share your personal information to anyone as there is a good
chance of others misusing it and finally you would end up in a trouble.
 When you’re online never pretend to the other person, and never try to
create fake accounts on someone else as it would land you as well as the
other person into trouble.
 Always adhere to copyrighted information and download games or
videos only if they are permissible.

PERSONAL SECURITY

2.The World Wide Web is a fantastic resource, but as with everything, it has its
risks. This guide will give you some hints and tips on staying safe while enjoying this
new online world. Follow these step-by-step instructions to help you stay safe
online.
SOLUTION:
Step 1: Make sure your antivirus software is up to date..
Step 2: Check that the Windows firewall is switched on. your screen should alert
you to any problems.
Click this flag to open the Action Center to check whether everything is working
properly.
Step 3: If you have an earlier version of Windows, a red shield-like icon in the
system tray will appear if the Windows firewall isn’t switched on. Click it to see
options for rectifying the problem.

RISING CYBER SECURITY THREATS

3.How to protect yourself from identity theft.List out some of these tips to help you
to avoid identity theft?

SOLUTION:

 Block unwanted ‘spam‘ email as this should also block most phishing
messages.
 Internet Explorer 8 warns you against known phishing websites via its
SmartScreen Filter. First, check that the filter is switched on.
 Open the Safety menu and place your mouse pointer over SmartScreen Filter
to open a sub-menu.
 If one of the menu options is Turn On SmartScreen Filter, you’ll need to click
that. (You can use the same menu to check a site you’re suspicious of or to
report an unsafe website.)
 Now, if you stumble on one of these phishing websites by mistake, the
address bar will turn red. If this happens, close the window or click Go to my
home page instead.
 Use strong passwords. To find out how, read our guide ‘How to choose a
password’.

 Be careful about the information you give about yourself online – for
example, when using blogs, forums and social networking sites. Identity
thieves may be able to piece together a lot about you just by using public
information.

4. Illustrate some of the steps you can take, and should keep your system safe from
almost all security threats.

SOLUTION:

1. Install or Update Antivirus Software.

2. Secure Your Home Network.
3. Update Your Software.
4. Download Only From Trusted Sources.
5. Be Vigilant With Email Attachments.
6. Never Visit Questionable Sites.
7. Maintain Your Passwords.
8. Try Not to Use Free WiFi.

Turn Off Your Computer

HACKING AND CRACKING

5. Determining whether you have been Hacked Give a short list of signs that could
mean your system has been penetrated.

SOLUTION:

 Antivirus Software Disabled

 Unfamiliar Software Has Been Installed..
 Random Pop-Ups. Internet Searches Are Redirected..
 Passwords Have Been Changed..
 Mouse Moves By Itself.

6. List out some of the Programming languages that are useful to hackers

SOLUTION:

Compute
r
S.
Description Platform Purpose
No.
Languag
es

Web hacking

Language used to *Cross

1 HTML Login forms and other data entry
write web pages. platform
methods on the web use HTML forms
to get data.

Web Hacking
Client side *Cross
2 JavaScript
scripting language platform JavaScript code is executed on the
client browse.

Web Hacking

Server side *Cross PHP is one of the most used web

3 PHP
scripting language platform programming languages. It is used to
process HTML forms and performs
other custom tasks

Web Hacking
Language used to
*Cross
4 SQL communicate with
platform Using SQL injection, to by-pass web
database
application login algorithms that are
weak, delete data from the database,
 etc

7. List of top 5 key finder software for cracking the system. SOLUTION:

 ProduKey Finder (for Windows)

 Magical Jelly Bean Keyfinder. (for windows).
 Belarc Advisor (for Windows)
 Mac Product Key Finder ( for Mac)
 License Crawler (for Windows)

GRIMPING AND PHYSICAL NETWORK SET UP

8. Enable communication, Use straight through Ethernet cable for the following
cabling:

 Switch to router
 Switch to PC or server
 Hub to PC or server

SOLUTION:

9. Enable communication, Use crossover cables for the following cabling: Switch to
switch

 Switch to hub
  Hub to hub
 Router to router
 Router Ethernet port to PC NIC
 PC to PC

SOLUTION:

10.Write down the steps for , how do you set a static IP address in Windows 7, 8.

SOLUTION:

1. Click Start Menu > Control Panel > Network and Sharing
Center or Network and Internet > Network and Sharing Center.
2. Click Change adapter settings.
3. Right-click on Wi-Fi or Local Area Connection.
4. Click Properties.
5. Select Internet Protocol Version 4 (TCP/IPv4).
6. Click Properties.
7. Select Use the following IP address.
8. Enter the IP address, Subnet mask, Default gateway, and DNS server.
9. Click OK.

UNIT II
 SECTION B

INTRODUCTION TO CRYPTOGRAPHY
11. Cryptography is a method of protecting information and communications.
Describe how this technique works, explain in detail. (CO3), (RE), (DL-E), (IL-I)
SOLUTION:

TYPES OF ENCRYPTION

12. Encrypt the message “HELLO MY DEAR,” using the appropriate key between the
sender and receiver.

13. Use the shift cipher with key = 15 to decrypt the message “WTAAD.” And
explain.
14. Use the shift cipher with key = 15 to encrypt the message “HELLO.”

15.Someone just sent me these 3 bytes:

10101001 01000110 11100001.He told me that the bytes are ASCII characters,
encrypted with the XOR cipher, using this key:
11111011 00001111 10110101SOLUTION:

The binary operation XOR (stands for eXclusive OR) is a binary operand (as are
AND, OR, etc) from Boole algebra. This operand will compare two bits and will
produce one bit in return. That bit will be equal to 1 if the two compared bits were
different, 0 if they were equal. Xor encryption is commonly used in several
symmetric ciphers (especially AES). A symetric cipher is simply a cipher in which the
key is used for encryption and decryption process. The XOR operand is so applied to
each bit between the text you want to encrypt and the key you'll choose. Examples
are better than words, let's take the word "xor". We want to encrypt it with the key
"cle". First we have to convert the input and the key in binary representation :

xor : 01111000 01101111 01110010

cle : 01100011 01101100 01100101

Then we compare each bit with the XOR operand. Which will give you this :

xor : 01111000 01101111 01110010

cle : 01100011 01101100 01100101
00011011 00000011 00010111

16.Write down the steps for how to set up the Windows 7 firewall to protect your
computer against malicious activity. :
SOLUTION:

1. From the Start menu, click Control Panel, then click System and Security
2. Under Windows Firewall, select either Check firewall status to determine
whether the firewall is turned on or off, or Allow a program through Windows
Firewall to allow a blocked program through the firewall
2. Select program features

 Click Turn Windows Firewall on or off from the left side menu
 Configure the settings for your home/work (private) or public network
 Click OK to save your changes

3. Choose firewall settings for different network location types

Turn on Windows Firewall for each network location you use - Home or work
(private) or Public
1. Click What are network locations? for more information on network types
2. Domain network locations are controlled by your network administrator and
can't be selected or changed
3. Select Turn on Windows Firewall under the applicable network location
type (in image below, both locations are selected)
4. Select Notify me when Windows Firewall blocks a new program for
each network type, if the box is not already checked
5. Click OK to save your changes

CERTIFICATE AUTHORITIES

17. List out of the different types of SSL certificate types that can be purchased.

SOLUTION:

 Extended Validation Certificates (EV SSL)

 Organization Validated Certificates (OV SSL)
 Domain Validated Certificates (DV SSL)
 Wildcard SSL Certificate
 Multi-Domain SSL Certificate (MDC)
 Unified Communications Certificate (UCC)

FIREWALL SETUP
18. Sketch out, how institution can be safer from internet attackers and set up
firewall. Use the below hint:

a)Client b)server c)Servers and databases

SOLUTION:

CONFIGURATION AND COMMUNICATION:

19. Turn on the Firewalls in both windows 7 and Windows 10 machines, Show the
ping result from Windows 7 machine to Windows 10 machine and vice versa.
SOLUTION:
Turn Windows Defender Firewall on
1. Select the Start button.
2. Select Settings > Update & Security > Windows
Security > Firewall & network protection.
3. Select a network profile.
4. Under Windows Defender Firewall, switch the setting to On. If your
device is connected to a network, network policy settings might prevent
you from completing these steps. For more info, contact your
administrator.

20.Turn off the firewalls in both Windows machines and then check the ping
results.

SOLUTION:
Turn Windows Defender Firewall off
 1. Select the Start button.
2. Select Settings > Update & Security > Windows
Security > Firewall & network protection.
3. Select a network profile.
4. Under Windows Defender Firewall, switch the setting to Off. Turning off
Windows Defender Firewall could make your device (and network, if you
have one) more vulnerable to unauthorized access. If there's an app you
need to use that's being blocked, you can allow it through the firewall,
instead of turning the firewall off.

UNIT III

21. Differentiate the features of MAC addresses and IP addresses.

Solution:

COMPARISON CHART

BASIS FOR
MAC IP
COMPARISON

Full Form Media Access Control Address. Internet Protocol Address.

Purpose It identifies the physical address of a It identifies connection of a computer on the

computer on the internet. internet.

Bits It is 48 bits (6 bytes) hexadecimal IPv4 is a 32-bit (4 bytes) address, and IPv6 is

address. a 128-bits (16 bytes) address.

Address MAC address is assigned by the IP address is assigned by the network

 BASIS FOR
MAC IP
COMPARISON

manufacturer of NIC card. administrator or Internet Service Provider.

Retrieve Address ARP protocol can retrieve MAC RARP protocol can retrieve IP address of a

address of a device. device.

22. Without knowledge of a destination network or a default route, what will a router do to a packet with
an unknown destination network?
Solution:
Write about:
 Drop the packet
 Send a message back to the source

23. What changes with each hop that a packet takes towards a destination?
Solution:
Write about MAC Address

24. With a subnet mask of 255.255.0.0, what are the IP addresses would be on the same network?
Solution:
Write from mac address
10.0.0.10
10.0.1.1

25. What would be the subnet mask on a network that has five host bits? How?
Solution:
Write from 255.255.255.224

26. When you send network communications from your laptop through your employer’s network and
then use it at home, what difference you feel?
Solution:
 27. What identifies which portion of an IP address is the Network ID and which portion is the host ID?
Solution:
Write from Subnet mask

28. Given an IP address of 10.10.10.10, and a subnet mask of 255.0.0.0, what is the network ID?
Solution:

Write from Ip address and Mac address 10.0.0.0

29. How the data delivered in the same network using subnet mask?
Solution:

The source doesn't actually need the destination's mask because if they are on the same
network their subnet masks will be the same anyway. After logically ending the destination IP
address of 10.10.1.2 with the source mask of 255.255.255.0, the resultant network ID matches the
network ID of the source 10.10.1.0.

This lets the source know that the destination is on the same network and traffic can be delivered
directly.

30. why the packets are discarded while routing a packet? Solution:

Now, host A's default gateway has the actual traffic meant for the destination. Routers maintain tables called,
get this, routing tables that contain destination networks and directions for the router, who to send the traffic
to next.

If the routers routing table doesn't have knowledge of the destination network, it can have a default route
which means a specific router interface on a different router to send traffic to. That other router interface will
have a better idea of how to get to the destination. Without knowledge of the destination network or a default
route, a router will drop a packet and send an error message back to the source through a protocol known as
ICMP, Internet control message protocol.

UNIT IV

TCP AND UDP

31. If an FTP server and a Web server are running on the same machine, how does network
communication get to each of those services?
Solution:
 32. What field does a switch use to learn where devices are?
Solution:

33. When a DHCP server is on a different network than the DHCP client, how does the DHCP server know
from which scope to give the client an address?
Solution:

34. How Clients learn who their DNS servers are?

Solution:

How Switches work?

35. How the switches identify the destination MAC Address?

Solution:

DYNAMIC ROUTING:

36. Why would we want the overhead of exchanging routes?

Solution:
37. Differentiate Static Versus Dynamic Routing.
Solution:

38. Explain how the Interior Gateway Protocol is differ from Exterior Gateway Protocol?
Solution:

DHCP’s AND DORA

39. What is the process of DORA in DHCP?
Solution:

40. How DHCP server assigns IP address to a host?

Solution:

UNIT V

Unit-V

FIREWALL
1. Write down some of the firewall programs that can help improve your computer's
security.

SOLUTION:

 ZoneAlarm Free Firewall 2017. ZoneAlarm is a well-known name in the world of

computer security.
 Tinywall.
 Anti NetCut3.
 Comodo Free Firewall.
 PeerBlock.
 Little Snitch [Mac] .
 Private Eye [Mac] .

2.Write down the list of firewall rules that apply to incoming traffic in networks.

SOLUTION:

 Accept new and established incoming traffic to the public network interface
on port 80 and 443 (HTTP and HTTPS web traffic)
 Drop incoming traffic from IP addresses of the non-technical employees in
your office to port 22 (SSH)
 Accept new and established incoming traffic from your office IP range to the
private network interface on port 22 (SSH)
 Accept means to allow the traffic through,

 reject means to block the traffic but reply with an "unreachable" error, and

 drop means to block the traffic and send no reply.

 The rest of each rule consists of the condition that each packet is matched
against.

3. Write down the several firewall techniques and each firewall may use two or
more than two techniques in concert.

SOLUTION:
 Packet filters: – This firewall technique is observed the entering and
discharging the network of each packet. Packets filters admit or discard it
 depend on user-defined rules. Packet filtering is quite efficient and
transparent to users, but it is hard to build up. Packets filter used to liable
to IP spoofing.
 Application gateway: – Application gateway used to apply safety method
to definite applications, such as Telnet and FTP servers. Application
gateways are very effective, but can inflict presentation poverty.
 Circuit-level gateway: – Circuit-level gateway is concerned to security
device especially when UDP or TCP connection is going to establish. When
connection comes visible then packets can run among the hosts without
additional checking.
 Proxy server:-Proxy server interrupts all messages incoming and outgoing
the network. The proxy server successfully hides the true network
addresses.

DNS AND DHCP SERVER CONFIGURATION

4. How does DNS work and list out their steps.

SOLUTION:
 Step 1: Request information. ...
 Step 2: Ask the recursive DNS servers.
 Step 3: Ask the root name servers.
 Step 4: Ask the TLD name servers.
 Step 5: Ask the authoritative DNS servers.
 Step 6: Retrieve the record.
 Step 7: Receive the answer.

SOCIAL ENGINEERING

5. By using RAT tool how the attacker can attack the sytem,for that give the cycle
process of the system.

SOLUTION:
46. What is Trojanhorse? How it differs from Logic bombs?
47. Which Remote Access Trojan affects the Administrative Access?
ROOTKIT BACKDOOR SPYWARE ADWARE AND PUP:

48. What is the main purpose of a backdoor?

DIGITAL FORENSICS:
49. What is Digital Forensics and Digital Evidence?
FORENSIC INVESTIGATION:
50. Write the steps to investigate the forensic?

SECTION C

DEFINING CYBER SECURITY

1. Describe about COMPUTER SECURITY in that how CIA model helps to secure the
data?
2. An unauthorized party gains access to an asset of other users using threads.
Define a various types of threads and show it using neat diagram.

3. DOS is Prevention of legitimate access to systems. How it’s possible in cyber

security?
PERSONAL SECURITY

4.Assume that an asset of an application might be a list of clients and their

personal information; this is a physical asset. An abstract asset might be the
reputation of an organization. Assets are documented in the threat model as follows

 ID - A unique ID is assigned to identify each asset. This will be used to

cross reference the asset with any threats or vulnerabilities that are
identified.
 Name - A descriptive name that clearly identifies the asset.
 Description - A textual description of what the asset is and why it
needs to be protected.
 Trust Levels - The level of access required to access the entry point is
documented here. These will be cross referenced with the trust levels
defined in the next step.

SOLUTION:

Assets
ID Name Description Trust Levels
1 Library Assets relating to students, faculty
Users and members, and librarians.
Librarian
1. User The login credentials that a student or a (2) User with Valid
1 Login faculty member will use to log into the Login Credentials
Details College Library website. (4) Librarian
(5) Database
Server
Administrator
(7) Web Server
User Process
(8) Database
Read User
(9) Database
Read/Write User
1. Personal The College Library website will store (4) Librarian
2 Data personal information relating to the (5) Database
students, faculty members, and librarians. Server
Administrator
(6) Website
Administrator
 (7) Web Server
User Process
(8) Database
Read User
(9) Database
Read/Write User

DENIAL-OF-SERVICE

5. Illustrate about Denial of service attack,in given below particulars,

 Short note on DOS
 Causes of DOS
 Note on DDOS and examples.

SOLUTION:

A Denial-of-Service (DoS) attack is an explicit attempt by attackers to deny service

to intended users of that service.

It involves flooding a computer resource with more requests than it can handle
consuming its available bandwidth which results in server overload.

This causes the resource (e.g. a web server) to crash or slow down significantly so
that no one can access it.

Using this technique, the attacker can render a web site inoperable by sending
massive amounts of traffic to the targeted site.

A site may temporarily malfunction or crash completely, in any case resulting in

inability of the system to communicate adequately.

DoS attacks violate the acceptable use policies of virtually all internet service
providers.

Another variation to a denial-of-service attack is known as a “Distributed Denial of

Service” (DDoS) attack wherein a number of geographically widespread
perpetrators flood the network traffic.

Denial-of-Service attacks typically target high profile web site servers belonging to
banks and credit card payment gateways.

Websites of companies such as Amazon, CNN, Yahoo, Twitter and eBay.

RISING CYBER SECURITY THREATS

6.By given details draw a pictorial chart representation for motivation on attacker.

a) Opportunistic b) Industrial espionage, c)Disstatification with job, d)social

activisim,e)other

SOLUTION:

7. Draw out the human threat network access with the help of following
components
a) Asset b) Vector c) Actor d) Motive e) Impact

(CO2), (U), (DL-E), (IL-I)

SOLUTION:
THE AAA MODEL

8. The client establishes a connection with the router. Analyzes the given
statement and clarifythe AAA local authentication with suitable diagram.

GRIMPING AND PHYSICAL NETWORK SET UP

9. How do I assign a static IP address to my phone?DHCP IP reservation

SOLUTION:

 Open the Google Wifi app.

 Tap the tab, then Network & general.
 Under the 'Network' section, tap Advanced networking.
 Tap DHCP IP Reservations.
 Press the add button in the lower-right corner.
 Choose the device for which you'd like to assign a static IP.
 Tap the text field and enter a static IP address, then Save.
10.To create a crossover cable with cat-5 cable. Draw down the CAT-5
wiring cable.Use the following instructions.

SOLUTION:

UNIT II

INTRODUCTION TO CRYPTOGRAPHY
11. Use the shift cipher with key = 15 to encrypt the message “CLASSROOM.” &
explain.
12. Use the shift cipher with key = 4 to encrypt the message “RVSCAS” & explain.
INTRODUCTION TO CRYPTOGRAPHY
13. Illustrate symmetric-key cryptography and write down the classifications of
symmetric-key cryptography
HASHING
14. Estimate below diagram and explain the terms which is used in this hash
function.

15. Draw a diagram for good and bad function in hashing. (CO2), (AP), (DL-E), (IL-I)

CERTIFICATE AUTHORITY

16. List out the best SSL certificate providers of 2019 and write down the role of
certificate authority.

SOLUTION:

 Comodo SSL.
 DigiCert.
 Entrust Datacard.
 GeoTrust.
 GlobalSign.
 GoDaddy.
  Network Solutions.
 RapidSSL.

 A certificate authority (CA) is a trusted entity that issues

digital certificate that verify a digital entity's identity on the Internet.

 Certificates given by CAs build trust between the users and the providers
because they can ensure the validity of each other's identities
and authorities.

WEBSITE DEMO

17. Create a webpage for “Kannan Department” and illustrate various types of table
within it. & explain why we need to do testing?

18. Create a webpage for “Pragathi Stores” and illustrate inner & outer table within
it. & explain the importance of testing in web page creation?

19.Write down the system configuration for windows 7

SOLUTION:

1. Start the System Configuration utility by clicking on Start » Run.

2. In the Run window, type msconfig and then click OK
3. The System Configuration Utility window should now appear. Click on
the Startup tab.
4. You should now see a window similar to the one below.

CONFIGURATION AND COMMUNICATION

20. We have to set the two IP addresses in the same network since we have
connected the PCs using a switch. After assigning IP address successfully, we have
to check the two PCs are able to communicate with each other.

SOLUTION:

Static IP configuration
 Go to the Start window, and open the “Network and Sharing Center” .
 After opening the “Network and Sharing Center”. Then click the Change
Adapter Settings
  After Select the Local Area Connection

 After Selecting the Local Area Connection click mouse right button to select
the properties

 Open Command Prompt and type ipconfig to check the IP address and Subnet
mask.

 Press the Winkey and select the Windows Firewall

 Go to Advance Settings.

 Click the Inbound Rules

 Select the four type of file sharing methods and enable that one by one.

 Open the command Prompt to ping the Client IP Address to check the File
sharings if that Succcess or Lost.

UNIT III

MAC AND IP ADDRESS:

21. In widows system How to identify system MAC address? (CO4)()(DL-)(IL-)

MAC addresses are usually written in the form of 12 hexadecimal digits. For example, consider the
following MAC address:
D8-D3-85-EB-12-E3
Every hexadecimal character represents 4 bits, so the first six hexadecimal characters represent the
vendor (Hewlett Packard in this case).
How to find out your own MAC address?
If you are using Windows, start the Command Prompt (Start – Programs – Accessories – Command
Prompt). Type the ipconfig/all command and you should see a field called Physical Address under
 the Ethernet adapter settings:

In Linux system How to identify system MAC address? (CO4)()(DL-)(IL-)

Define the Classful addressing(CO4)()(DL-)(IL-)

LOCAL COMMUNICATION:
22. How to view the network Activity using wireshark? Demonstrate for local Communication. (CO4)()
(DL-)(IL-)

Wireshark is a network protocol analyzer that can be installed on Windows, Linux and Mac. It provides a
comprehensive capture and is more informative than Fiddler.
To use:

1. Install Wireshark.

 Open your Internet browser.

 Clear your browser cache.
 Open Wireshark
 Click on "Capture > Interfaces". A pop up window will show up.
  You probably want to capture traffic that goes through your ethernet driver. Click on the Start button
to start capturing traffic via this interface.
 Visit the URL that you wanted to capture the traffic from.
 Go back to your Wireshark screen and press Ctrl + E to stop capturing.
 After the traffic capture is stopped, please save the captured traffic into a *.pcap format file and attach
it to your support ticket.

REMOTE COMMUNICATION:
23. How to view the network Activity using wireshark? Demonstrate for remote Communication.

You have to set the following parameters in this dialog:

Host
Enter the IP address or host name of the target platform where the Remote Packet Capture Protocol
service is listening. The drop down list contains the hosts that have previously been successfully
contacted. The list can be emptied by choosing “Clear list” from the drop down list.

Port
Set the port number where the Remote Packet Capture Protocol service is listening on. Leave open to
use the default port (2002).

Null authentication
Select this if you don’t need authentication to take place for a remote capture to be started. This
depends on the target platform. Configuring the target platform like this makes it insecure.

Password authentication
This is the normal way of connecting to a target platform. Set the credentials needed to connect to the
Remote Packet Capture Protocol service.

24. Demonstrate the name resolution Query in DNS through Wireshark. (CO4)()(DL-)(IL-)
Name Resolution

Name resolution tries to convert some of the numerical address values into a human readable format. There are
two possible ways to do these conversions, depending on the resolution to be done: calling system/network
services (like the gethostname() function) and/or resolve from Wireshark specific configuration files. For
details about the configuration files Wireshark uses for name resolution and alike, see Appendix B, Files and
Folders.

The name resolution feature can be enabled individually for the protocol layers listed in the following sections.

25. Demonstrate the DORA process of DHCP through Wireshark.

1) Discover:
Client makes a UDP Broadcast to the server about the DHCP discovery. Asit doesn't know
where the DHCP server is reachable in the network it sends UDP broadcast with the source
ip address as 0.0.0.0 and destination ip address as 255.255.255.255 with its own MAC
address .Unless, we have a DHCP Relay agent in the same subnet, IP helper address, etc.
configured on your router. Then the broadcast is forwarded to a specific destination.
2) Offer:
DHCP Server offers to the client with available ip address,lease time sunbnetmask,gateway
and DNS information .communication will be established based on the mac-address of client.

3) Request:
In response to the offer Client requests the server . Note that still client is not having the ip
address. Now client makes request to the server for the IP information being offerd by the
DHCP server .
A client can receive DHCP offers from multiple servers, but it will accept only one DHCP offer
and broadcast a DHCP request message. Based on Transaction ID field in the request, servers
are informed whose offer the client has accepted. When other DHCP servers receive this
message, they withdraw any offers that they might have made to the client and return the
offered address to the pool of available addresses.
4) Acknowledge:
Server responds all the Ip Add/mask/gateway/dns/wins info along with the
acknowledgement packet.
Last but not least, if none of the DHCP server is availble in your network or the connection is
broken to your DHCP server APIPA would automatically assign a unique class B IP address to
each machine in the range of 169.254.x.x range.
BINDING MAC ADDRESS TO IP ADDRESS:
26. How to bind MAC address to IP Address. (CO4)()(DL-)(IL-)
 27. When the Source determines that the destination is on different network, how to request their MAC
address? (CO4)()(DL-)(IL-)
28. Compare Local and Remote communications and identify which is best for sending packets ? (CO4)()
(DL-)(IL-)

UNIT IV

TCP AND UDP

41. If an FTP server and a Web server are running on the same machine, how does network
communication get to each of those services? [CO5][RE][DL-E][IL-I]
42. What field does a switch use to learn where devices are? [CO5][RE][DL-M][IL-V.I]

43. When a DHCP server is on a different network than the DHCP client, how does the DHCP server know
from which scope to give the client an address? [CO5][RE][DL-E][IL-I]
44. How Clients learn who their DNS servers are? [CO5][RE][DL-C][IL-I]
HOW SWITCHES WORK:

45. How the switches identify the destination MAC Address? [CO5][RE][DL-E][IL-V.I]
DYNAMIC ROUTING:

46. Why would we want the overhead of exchanging routes? [CO5][RE][DL-E][IL-M]

47. Differentiate Static Versus Dynamic Routing. [CO5][A][DL-E][IL-I]
48. Explain how the Interior Gateway Protocol is differ from Exterior Gateway Protocol?
[CO5][A][DL-M][IL-V.I]
DHCP’s AND DORA
49. What is the process of DORA in DHCP? [CO5][RE][DL-E][IL-V.I]
50. How DHCP server assigns IP address to a host? [CO5][RE][DL-M][IL-I]
UNIT V

FIREWALL

41.Write down some of firewall programs that can help improve your computer's security. [CO3][RE][DL-E]
[IL-I]

42.Write down the list of firewall rules that apply to incoming traffic in networks.

[CO3][RE][DL-E][IL-I]

43.Write down the several firewall techniques and each firewall may use two or more than two techniques
in concert. [CO3][RE][DL-E][IL-I]

SOCIAL ENGINEERING

44. By using RAT tool how the attacker can attack the system, for that give the cycle process of the system.
[CO3][RE][DL-E][IL-I]
DNS AND DHCP SERVER CONFIGURATION

45. How does DNS work and list out their steps. [CO3][RE][DL-E][IL-I]

LOGIC BOMB, TROJANHORSE AND RAT:

46. What is Trojanhorse? How it differs from Logic bombs? [CO6][RE][DL-M][IL-I]
47. Which Remote Access Trojan affects the Administrative Access? [CO6][RE][DL-E][IL-I]
ROOTKIT BACKDOOR SPYWARE ADWARE AND PUP:

48. What is the main purpose of a backdoor? [CO6][U][DL-C][IL-V.I]

DIGITAL FORENSICS:
49. What is Digital Forensics and Digital Evidence? [CO6][RE][DL-E][IL-I]
FORENSIC INVESTIGATION:
50. Write the steps to investigate the forensic? [CO6][U][DL-M][IL-I]

SECTION C

UNIT III

MAC AND IP ADDRESS:

21. In widows system How to identify system MAC address?

MAC addresses are usually written in the form of 12 hexadecimal digits. For example, consider the
following MAC address:
D8-D3-85-EB-12-E3
Every hexadecimal character represents 4 bits, so the first six hexadecimal characters represent the
vendor (Hewlett Packard in this case).
How to find out your own MAC address?
If you are using Windows, start the Command Prompt (Start – Programs – Accessories – Command
Prompt). Type the ipconfig/all command and you should see a field called Physical Address under
 the Ethernet adapter settings:

22. In Linux system How to identify system MAC address?

MAC addresses are usually written in the form of 12 hexadecimal digits. For example, consider the
following MAC address:
D8-D3-85-EB-12-E3
Every hexadecimal character represents 4 bits, so the first six hexadecimal characters represent the
vendor (Hewlett Packard in this case).
How to find out your own MAC address?

If you are using Linux, type the ifconfig command. You should see your
 23. Define the Classful addressing.

LOCAL COMMUNICATION:
24. How to view the network Activity using wireshark? Demonstrate for local Communication.

REMOTE COMMUNICATION:
25. How to view the network Activity using wireshark? Demonstrate for remote Communication.

26. Demonstrate the name resolution Query in DNS through Wireshark.

27. Demonstrate the DORA process of DHCP through Wireshark.

BINDING MAC ADDRESS TO IP ADDRESS:
28. How to bind MAC address to IP Address.
29. When the Source determines that the destination is on different network, how to request their MAC
address?
30. Compare Local and Remote communications and identify which is best for sending packets ?

UNIT IV

WINDOWS POWERSHELL SCRIPTING:

31. Write a PowerShell script that asks users to choose between these four items:

i. See a list of processes on the system

ii. See a list of services on the system
iii. Send a ping
iv. Double a number

Write the script to implement each choice:

 o If the user picks the first option, display a list of processes on the system.
o If the user picks the second option, display a list of services on the system.
o If the user picks the third option, ask the user for an IP address or FQDN (fully qualified
domain name) to ping, and then send a ping using the appropriate PowerShell cmdlet (not
the ping utility).
o If the user picks the fourth option, ask the user for a number, and then display the output
like this: Your original number was 5, but now it’s 10.

LINUX BASE SHELL SCRIPTING:

32. Write a Bash shell script that includes:

i. Conditional statement
ii. Loop
iii. Reading in a value from the user
iv. Displaying output based on the value read in.

33. Write a Bash shell script for creating the user accounts [User names & Passwords] and

displaying the account details.

34. Write a bash shell script for getting input from user as domain names & IP addresses and construct the
mapping table.

35. Ping using Power shell scripting.

PORTS:

36. How does network communication go in and out of a program or service?

TCP AND UDP:

37. If an acknowledgement specifically referencing byte numbers of the data sent doesn't come back TCP
resends the unacknowledged bytes; UDP doesn't do this. So which one is better?

HOW SWITCHES WORK:

38. How does the switch learn where MAC addresses are in the first place?

AUTONOMOUS SYSTEM:

39. Why would a bunch of networks be preferred to a single network?

STATIC ADDRESSING RARP BOOTP DHCP:

40. What that meant was that each and every network needed its own Reverse ARP server. Costs and
resources were obvious issues, that called for a new protocol. Then along came BootP, Bootstrap particle. The
advantage BootP afforded over Reverse ARP was that the BootP messages were encapsulated in UVP data
grams at layer 4, which were encapsulated in IP packets at layer 3. What good is that?

UNIT V

1.How To Avoid Pretexting Social Engineering Attack?

SOLUTION:

 Educate the entire organization regarding the security threats and policies
of organization to avoid mistakes
 Offer a safe-harbour for subordinates
 Establish communication & delegation
 Consider bluffing through the stating of false details
 Exercise useful caution
 Use negotiation when interrogating a caller
 Rely only on trusted sources
 Create a policy to manage protesters
 Make your trash unappealing for Dumpster drives

DNS AND DHCP SERVER CONFIGURATION

2.Write down the steps for Installing and Configuring a DHCP Server.

SOLUTION:

 Choose Start→Administrative Tools→Server Manager. ...

 Click the Roles link and then click Add a Role. ...
 Click Next to get the wizard started. ...
 Select DHCP Server from the list of roles and then click Next. ...
 Click Next. ...
 Select the static IP addresses you want to use for the DHCP server. ...
 Enter the domain name and DNS servers.
 click Next.
Either way, the next screen lets you configure scopes.
 To create a new scope, click the Add Scope button.
 Enter the information for the new scope.
 Select the Activate This Scope check box and then Click OK.
The scope is created, as shown below.

 If you want to create additional scopes, repeat steps 10–12.

You can create as many scopes as you want for your DHCP server.
 When you finish creating scopes, click Next.
The wizard asks whether you want to enable stateless mode, which is used for IPv6.
Disable this mode unless dealing with IPv6 clients is important to your network.
 Click Next.
The wizard asks for the credentials to use when creating this DHCP server. The
default is to use your current login credentials.
 Click Next.
The wizard displays a confirmation screen that summarizes the settings you’ve
entered for the DHCP server.
 Click Install.
The DHCP server is created. This might take a few minutes. When the server is
finished, a final results page is displayed to confirm that the server was properly
installed.
 Click Close.
You’re done!

1. How do you report a suspicious phising a email to Google?

SOLUTION:

 After Select the Local Area Connection

 After Selecting the Local Area Connection click mouse right button to select
the properties

 Open Command Prompt and type ipconfig to check the IP address and Subnet
mask.

 Press the Winkey and select the Windows Firewall

 Go to Advance Settings.

 Click the Inbound Rules

 Select the four type of file sharing methods and enable that one by one.
  Open the command Prompt to ping the Client IP Address to check the File
sharings if that succcess or Lost.
 On a computer, go to Gmail.
 Open the message.
 Next to Reply , click More . Note: If you're using classic Gmail, click the Down
arrow .
 Click Report phishing.

INTRUSION DETECTION AND INTRUSION PREVENTION

4. Draw the network intrusion detection system and intrusion prevention system.

SOLUTION:

.
5. Configure and sketch out Social Engineering Attack Lifecycle? .

6. SOLUTION:
SOCIAL ENGINEERING
32. How To Avoid Pretexting Social Engineering Attack?
33. Configure and sketch out Social Engineering Attack Lifecycle? .

DNS AND DHCP SERVER CONFIGURATION

34. Write down the steps for Installing and Configuring a DHCP Server.

MALWARE AND FORENSICS

35. How do you report a suspicious phisinga email to Google?

INTRUSION DETECTION AND INTRUSION PREVENTION
36. Draw the network intrusion detection system and intrusion prevention system.

VIRUS Vs WORM

46.Worms and viruses how to spread and replicate themselves?

47. Explain the malware and their types.
DNS AND DHCP SERVER CONFIGURATION
48.Configure DHCP and DNS Services in different servers and enable the communication.

49. Configure primary and Secondary DHCP Servers in the same network and analyze the communication.
50. Determine the events that are transpired and identify which systems and networks were affected?