Internal Assessment Test -II

CCS340-Cybersecurity- Key:
Part-A
1. Define Banner grabbing.

Banner grabbing is a method used by attackers and security teams to
obtain information about network computer systems and services running on open ports. A
banner is a text displayed by a host that provides details such as the type and version of
software running on the system or server.

2. Give examples of social engineering attacks.

Human based:
Impersonating an employee
Posing as an important user
Using a third person
Calling as technical support
Shoulder surfing
Dumpster diving
Computer Based:
Fake email
Email attachment
Pop-up-windows
3. What is a common attack vector?
An attack vector is a path or means by which an attacker gains access to the target
(machine) to deliver a payload.
Delivering the payload means the attacker has to dump the malicious code.

4. What is the need for port scanning?

A port scan is a common technique hackers use to discover open doors or weak points in
a network.

5. State some attack tools.

Kali Linux
Metasploit
John the Ripper
Wireshark
Nikto

Part-B
6. Explain the concept of Web application attacks and their countermeasures.
Definition of web application attack:
web application attacks are malicious activities that target web applications by exploiting
vulnerabilities in their design or implementation. These attacks can result in unauthorized
access, data theft, or other harmful consequences.
Common Types of Web Application Attacks
1. Cross-Site Scripting (XSS)
Cross-site scripting (XSS) is a type of web application attack that involves injecting malicious scripts
into web pages that are viewed by other users. This is typically accomplished by injecting the script
into a form input field or URL parameter that is then stored in the web application’s database.

When another user views the page that contains the malicious script, the script is executed in their
browser, allowing the attacker to steal data or perform other malicious actions on the user’s behalf.
XSS attacks can be prevented by properly sanitizing user input, using content security policy (CSP)
headers, and escaping untrusted data.
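To make the "escaping untrusted data" and "CSP headers" countermeasures concrete, here is an added example (not code from the answer key) that renders a comment both the vulnerable way and the escaped way, and builds the response headers a defender would send alongside it. The sample comment, the function names and the exact CSP policy string are assumptions chosen for this illustration.

```python
import html
from typing import Dict

# Constructed sample of untrusted input, the kind of text a visitor might
# submit in a comment form (example data, not from the original answer key).
UNTRUSTED_COMMENT = '<script>alert("xss")</script> said "hi" & left'


def render_comment_vulnerable(comment: str) -> str:
    """The 'before' form: untrusted text is concatenated straight into HTML,
    so any markup it contains becomes part of the page (stored XSS)."""
    return f'<p class="comment">{comment}</p>'


def render_comment_escaped(comment: str) -> str:
    """Hardened form: escape the characters & < > " and ' before interpolating,
    so the browser renders the text instead of interpreting it as markup."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def security_headers() -> Dict[str, str]:
    """Defence in depth: a Content Security Policy that only allows scripts
    loaded from the page's own origin, so an inline <script> that slipped
    past escaping would still be refused by the browser. The policy values
    are an assumption for this example, not a recommendation from the page."""
    return {
        "Content-Security-Policy": (
            "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'"
        ),
        "X-Content-Type-Options": "nosniff",
    }


def contains_script_tag(rendered_html: str) -> bool:
    """Helper used to show whether a rendered fragment still carries live markup."""
    return "<script" in rendered_html.lower()
```

Escaping is applied at output time, at the point where text meets HTML; the CSP header is a second, independent layer in case some template forgets to escape.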

2. Cross-Site Request Forgery (CSRF)

Cross-site request forgery (CSRF) is a type of web application attack that tricks a user into executing
an unwanted action on a web application that they are already authenticated with. This is typically
accomplished by sending a specially crafted link or script to the user, which then performs the
unwanted action when clicked.

For example, a CSRF attack could be used to make unauthorized purchases or change account
settings. CSRF attacks can be prevented by using anti-CSRF tokens, which are unique tokens that are
generated by the web application for each user session and must be included in every request to the
application.
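The anti-CSRF token mechanism described above, as an added example (not code from the answer key): a per-session random token is issued when the session starts, and every state-changing request must carry it back. The in-memory session store, the `handle_change_email` handler and its form field names are assumptions made for this illustration; a real application would keep the token in its server-side session storage.

```python
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Constructed in-memory session store: session id -> that session's CSRF token.
_SESSIONS: Dict[str, str] = {}


def start_session() -> Tuple[str, str]:
    """Create a session and mint an unpredictable CSRF token bound to it."""
    session_id = secrets.token_urlsafe(32)
    csrf_token = secrets.token_urlsafe(32)
    _SESSIONS[session_id] = csrf_token
    return session_id, csrf_token


def csrf_token_for(session_id: str) -> Optional[str]:
    """Token the server embeds in forms rendered for this session."""
    return _SESSIONS.get(session_id)


def verify_csrf(session_id: str, submitted_token: Optional[str]) -> bool:
    """True only if the submitted token matches the one issued to this session.
    compare_digest avoids leaking how many leading characters matched."""
    expected = _SESSIONS.get(session_id)
    if expected is None or submitted_token is None:
        return False
    return hmac.compare_digest(expected, submitted_token)


def handle_change_email(session_id: str, form: Dict[str, str]) -> Tuple[int, str]:
    """A state-changing endpoint (assumed for the example). A forged cross-site
    request carries the victim's session cookie but cannot read the token
    embedded in the real form, so it fails this check."""
    if not verify_csrf(session_id, form.get("csrf_token")):
        return 403, "CSRF token missing or invalid"
    return 200, f"email changed to {form['email']}"
```

The token is tied to the session rather than being global, so a token obtained from the attacker's own session is useless against another user's.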

3. XML External Entity (XXE)

XML External Entity (XXE) is a type of web application attack that involves exploiting
vulnerabilities in XML parsers used by a web application. This can allow an attacker to read sensitive
data or execute unauthorized actions on the web application’s server.

XXE attacks typically involve injecting specially crafted XML payloads that exploit the XML
parser’s ability to read external entities. XXE attacks can be prevented by disabling external entity
parsing or using secure XML parsers that properly sanitize input data.
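The "disable external entity parsing" countermeasure, shown as an added example (not code from the answer key) using only the Python standard library: because entities are declared inside a DOCTYPE, the parser refuses any untrusted document that carries one before the DOM is built. The two sample documents are constructed for this illustration, and the `file:///PLACEHOLDER/...` target is a deliberately fake path.

```python
import xml.parsers.expat
import xml.etree.ElementTree as ET


class DoctypeForbidden(ValueError):
    """Raised when untrusted XML carries a DOCTYPE, the only place entities
    (including external ones) can be declared."""


def _refuse_doctype(doctype_name, system_id, public_id, has_internal_subset):
    # expat calls this as soon as <!DOCTYPE ...> starts; raising here stops
    # parsing before any entity declaration is processed.
    raise DoctypeForbidden(
        f"DOCTYPE {doctype_name!r} not allowed in untrusted input "
        f"(system_id={system_id!r}, internal subset={bool(has_internal_subset)})"
    )


def parse_untrusted_xml(data: bytes) -> ET.Element:
    """Parse XML from an untrusted source with entity handling switched off.

    Pass 1 streams the bytes through expat with a DOCTYPE handler that aborts,
    so the check happens on the real tokenizer rather than on a string search
    that encoding tricks could dodge. Pass 2 builds the tree normally.
    """
    checker = xml.parsers.expat.ParserCreate()
    checker.StartDoctypeDeclHandler = _refuse_doctype
    checker.Parse(data, True)
    return ET.fromstring(data)


def is_rejected(data: bytes) -> bool:
    """True if the hardened parser refuses the document."""
    try:
        parse_untrusted_xml(data)
    except DoctypeForbidden:
        return True
    return False


# Constructed samples: a normal order document and one carrying an external
# entity declaration of the kind an XXE payload relies on.
SAFE_DOC = b"<order><item sku='A1' qty='2'/></order>"
XXE_DOC = (
    b"<?xml version='1.0'?>"
    b"<!DOCTYPE order [<!ENTITY ext SYSTEM 'file:///PLACEHOLDER/secret.txt'>]>"
    b"<order><item sku='&ext;'/></order>"
)
```

Rejecting the DOCTYPE outright also blocks internal-entity expansion attacks (the "billion laughs" family), which a check limited to external entities would miss.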

4. Injection Attacks
Injection attacks involve inserting malicious code into a web application, typically in the form of
input data such as SQL queries, commands, or scripts. Injection attacks are successful when an
application fails to properly validate and sanitize input data. These attacks can be prevented by
properly validating and sanitizing input data and using parameterized queries to access databases.

5. DDoS (Distributed Denial-of-Service)

A Distributed Denial-of-Service (DDoS) attack is a type of web application attack that involves
overwhelming a web application with a large volume of traffic from multiple sources, such as botnets
or compromised devices. This can cause the web application to become unavailable to legitimate
users.

DDoS attacks can be prevented by using network security devices, such as firewalls and intrusion
prevention systems, that can detect and block malicious traffic. Additionally, web application
developers can use content delivery networks (CDNs) and load balancers to distribute traffic across
multiple servers to help mitigate the effects of DDoS attacks.
6. Brute Force Attack
A brute force attack is an automated method of guessing a username and password combination to
gain unauthorized access to a web application. Attackers use software tools to try different
combinations of usernames and passwords until they successfully guess the correct one.

To prevent brute force attacks, web applications can implement rate-limiting and account lockout
policies. Rate-limiting limits the number of login attempts from a single IP address, while account
lockout temporarily blocks access to an account after a certain number of failed login attempts.
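The rate-limiting and account-lockout policy described above, as an added example (not code from the answer key): a guard that a login endpoint consults before and after each password check. The thresholds (20 attempts per IP per minute, lockout for 15 minutes after 5 consecutive failures) and the injectable clock are assumptions chosen for this illustration.

```python
import time
from collections import defaultdict, deque
from typing import Callable, Deque, Dict


class LoginGuard:
    """Per-IP rate limiting plus per-account lockout for a login endpoint.

    Assumed policy (constructed for this example): at most `ip_limit` login
    attempts per source IP in any `ip_window_s` seconds, and an account is
    locked for `lockout_s` seconds after `lockout_threshold` consecutive
    failures. `clock` is injectable so the behaviour can be tested offline.
    """

    def __init__(self, ip_limit: int = 20, ip_window_s: float = 60.0,
                 lockout_threshold: int = 5, lockout_s: float = 900.0,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.ip_limit = ip_limit
        self.ip_window_s = ip_window_s
        self.lockout_threshold = lockout_threshold
        self.lockout_s = lockout_s
        self._clock = clock
        self._ip_attempts: Dict[str, Deque[float]] = defaultdict(deque)
        self._failures: Dict[str, int] = defaultdict(int)
        self._locked_until: Dict[str, float] = {}

    def check(self, ip: str, username: str) -> str:
        """Call before verifying credentials.
        Returns 'ok', 'rate_limited' or 'locked'."""
        now = self._clock()
        attempts = self._ip_attempts[ip]
        # Drop attempts that have aged out of the sliding window.
        while attempts and now - attempts[0] > self.ip_window_s:
            attempts.popleft()
        if len(attempts) >= self.ip_limit:
            return "rate_limited"
        attempts.append(now)
        locked_until = self._locked_until.get(username)
        if locked_until is not None and now < locked_until:
            return "locked"
        return "ok"

    def record_result(self, username: str, success: bool) -> None:
        """Call after the password check so consecutive failures are counted."""
        if success:
            self._failures.pop(username, None)
            self._locked_until.pop(username, None)
            return
        self._failures[username] += 1
        if self._failures[username] >= self.lockout_threshold:
            self._locked_until[username] = self._clock() + self.lockout_s
            self._failures[username] = 0
```

The two controls are independent on purpose: the per-IP limit slows a single source that rotates usernames, while the per-account lockout stops a distributed guess against one account. A deployment should return the same generic error for "locked" and "wrong password" so the lockout state does not confirm that the username exists.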

7. Path Traversal
Path traversal is a type of web application attack that involves manipulating file paths in a web
application in order to access unauthorized files or directories on the server. Path traversal attacks
typically occur when a web application does not properly validate user input, allowing an attacker to
traverse up and down directory structures to access sensitive files.

Path traversal attacks can be prevented by properly validating user input and sanitizing file paths, as
well as using secure file access methods that restrict access to sensitive files and directories.
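The "sanitizing file paths" and "secure file access" countermeasures, as an added example (not code from the answer key): every user-supplied path is resolved against a fixed document root and the file is opened only if the resolved result still lies inside that root. The base directory and sample paths used in the usage note are assumptions for this illustration.

```python
from pathlib import Path


def resolve_under(base_dir: str, user_path: str) -> Path:
    """Map a user-supplied relative path onto a file inside base_dir, or raise.

    The candidate is fully resolved (which also follows symlinks) and then
    checked to be relative to the resolved base, so '..' segments, absolute
    paths and symlinks that point outside the directory are all rejected.
    """
    base = Path(base_dir).resolve()
    candidate = (base / user_path).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        raise PermissionError(f"path escapes {base}: {user_path!r}") from None
    return candidate


def is_safe_path(base_dir: str, user_path: str) -> bool:
    """True if user_path stays inside base_dir after normalisation."""
    try:
        resolve_under(base_dir, user_path)
    except PermissionError:
        return False
    return True


def read_document(base_dir: str, user_path: str) -> bytes:
    """Hardened file read: only files under base_dir can ever be opened."""
    return resolve_under(base_dir, user_path).read_bytes()
```

With an assumed document root of `/srv/www/public`, `docs/readme.txt` resolves inside the root and is served, while `../../etc/passwd` and the absolute `/etc/passwd` both resolve outside it and are refused. Note that `Path(base) / "/etc/passwd"` discards the base entirely, which is why the check is done on the resolved result rather than on the input string.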

7. What are the steps involved in Reconnaissance? Explain in detail about port scanning.

Reconnaissance generally follows seven steps:

Collect initial information.
Determine the network range.
Identify active machines.
Find access points and open ports.
Fingerprint the operating system.
Discover services on ports.
Map the network.
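Seen from the defender's side, the "find access points and open ports" step leaves a recognisable trace: one source touching many distinct destination ports in a short time. The following added example (not code from the answer key) runs that detection over constructed firewall log lines. The log format, the addresses, the port list and the thresholds (10 distinct ports within 60 seconds) are all assumptions for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime
from typing import Dict, Iterable, List, NamedTuple, Optional, Set


class ConnEvent(NamedTuple):
    ts: datetime
    src: str
    dst: str
    dport: int
    action: str


# Assumed log format for this example: "<iso-time> src=.. dst=.. dport=.. proto=.. action=.."
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) "
    r"proto=(?P<proto>\w+) action=(?P<action>\w+)$"
)


def parse_line(line: str) -> Optional[ConnEvent]:
    """Parse one log line; returns None for lines that do not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return ConnEvent(datetime.fromisoformat(m["ts"]), m["src"], m["dst"],
                     int(m["dport"]), m["action"])


def detect_port_scans(lines: Iterable[str], distinct_port_threshold: int = 10,
                      window_seconds: int = 60) -> Dict[str, Set[int]]:
    """Flag sources that hit at least `distinct_port_threshold` different
    destination ports within any `window_seconds` span. Returns the flagged
    source -> set of ports it probed inside the flagged windows."""
    by_src: Dict[str, List[ConnEvent]] = defaultdict(list)
    for line in lines:
        ev = parse_line(line)
        if ev is not None:
            by_src[ev.src].append(ev)
    flagged: Dict[str, Set[int]] = {}
    for src, events in by_src.items():
        events.sort(key=lambda e: e.ts)
        for i, start in enumerate(events):
            # Sliding window anchored at each event's timestamp.
            window = [e for e in events[i:]
                      if (e.ts - start.ts).total_seconds() <= window_seconds]
            ports = {e.dport for e in window}
            if len(ports) >= distinct_port_threshold:
                flagged[src] = flagged.get(src, set()) | ports
    return flagged


# Constructed sample log: one host sweeps twelve ports in twelve seconds while
# two other hosts make ordinary connections (example data, not real traffic).
_SCAN_PORTS = [21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445, 3389]
LOG_LINES = [
    f"2024-05-01T10:00:{i:02d} src=10.0.0.5 dst=192.168.1.10 dport={p} proto=tcp action=deny"
    for i, p in enumerate(_SCAN_PORTS)
] + [
    "2024-05-01T10:00:03 src=10.0.0.7 dst=192.168.1.10 dport=443 proto=tcp action=allow",
    "2024-05-01T10:00:09 src=10.0.0.7 dst=192.168.1.10 dport=443 proto=tcp action=allow",
    "2024-05-01T10:00:15 src=10.0.0.8 dst=192.168.1.10 dport=22 proto=tcp action=allow",
]
```

Counting distinct ports rather than raw connection attempts is what separates a scan from a busy but legitimate client that repeatedly hits the same service; the threshold and window should be tuned to the monitored network's normal behaviour.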
