DHIRAJLAL GANDHI COLLEGE OF TECHNOLOGY, SALEM

(Autonomous)

Department of Information Technology

Year/Sem III/VI Time 3 hours

Marks 100 Date 21.04.2025 AN

ICT EXAM
CCS340-Cybersecurity
PART-A(10X2=20) BL COs
1 What is the function of OWASP? L4 2

OWASP's primary goal is to empower individuals and organizations to build and maintain
trustworthy and secure web applications. OWASP (Open Web Application Security Project) is a
non-profit foundation dedicated to improving software security, specifically web applications.
2 What are the two types of pharming attack? L1 2

1. DNS Server Pharming: This involves compromising DNS servers to redirect users to
malicious websites even if they type the correct URL. 2. Local Host Pharming: This type of
attack targets individual computers by modifying their local host file, which maps domain
names to IP addresses.
3 What do you mean by replay attack and what are its consequences? L1 2
A replay attack is a cyberattack where an attacker intercepts and retransmits valid data, such
as login credentials or session tokens, to gain unauthorized access or manipulate actions.
Consequences include unauthorized access to accounts, data theft, and service disruptions.
4 What is cross site scripting /XSS scripting? L1 2
Cross-site scripting (XSS) is a web security vulnerability that allows an attacker to inject
malicious code into a website, which is then executed by the victim's browser. This code can
be used to steal user data, manipulate website content, or redirect users to malicious sites.
5 What are the security measures to be considered for preventing and combating L1 3
malware in a multi-layered approach?
A multi-layered approach to malware prevention involves a combination of technical and
behavioral security measures, including robust antivirus/anti-malware software, firewalls,
regular updates, strong passwords, email filtering, and user awareness training.
6 What is the purpose of HOST command? L1 3
The host command is a command-line tool that performs DNS (Domain Name System) lookups.
The tool can find a hostname when provided with an IP address. However, the command
returns an IP address when given a hostname.
7 What is whois footprinting and os fingerprinting? L1 3
Whois footprinting and OS fingerprinting are techniques used in cybersecurity to gather
information about a target system or network.
8 Brief about BurpSuite and various types of reconnaissance tools. L1 3

Burp Suite is a comprehensive web application penetration testing tool, offering various
features for web application security testing and vulnerability analysis. Reconnaissance tools,
on the other hand, are used for gathering information about a target system, including
websites, networks, and people.
9 Shortly explain Pingsweep and NMAP L1 3
A ping sweep is a network scanning technique that uses ICMP echo requests (pings) to
discover active hosts on a network. It sends pings to a range of IP addresses and identifies
those that respond. Nmap, a free network scanning tool, can be used to perform ping sweeps.
10 What is stealth scan and xmas scan L2 3
Stealth scans, also known as SYN scans, are a type of network scan that avoids completing the
full TCP handshake, making them harder to detect by intrusion detection systems (IDS).
PART-B(5X16=80)

11 Explain in detail about various phase of scanning with suitable sketches. (16) L2 3
Scanning in security contexts, like penetration testing or network monitoring, involves
various phases to identify potential vulnerabilities and weaknesses in a system or network.
These phases can be broadly categorized into reconnaissance, scanning, and vulnerability
 assessment. Scanning itself often includes phases like host discovery, port scanning, service
detection, and OS fingerprinting.
1. Reconnaissance
2. Scanning
 Host Discovery
 Port Scanning
 Service Detection
 OS Fingerprinting
 Vulnerability Scanning
3. Vulnerability Assessment
4. Reporting
OR
i. Explain the information gathering methodologies of the hackers (10)
Hackers employ various methods to gather information, broadly categorized as
passive and active techniques.
Passive Information Gathering:
Search Engines
Social Networks
Domain Research
Open Source Intelligence (OSINT)
Active Information Gathering:
Social Engineering
Network Scanning
Foot printing
Vulnerability Scanning
Specific Tools and Techniques
Nmap, TheHarvester, WhatWeb, Network Mappers and Packet Sniffers.
ii. Explain Drone attack in detail (6)
Drone cyberattacks pose a significant threat to various systems and infrastructure
due to their vulnerability to hacking and manipulation.
Types of Drone Cyberattacks:
Hijacking
GPS Spoofing
Data Interception
Payload Delivery
Jamming Signals
L2 3
12 Explain in detail about OS Finger printing. (16)

OS fingerprinting is the process of identifying an operating system by analyzing its unique

characteristics within network communication.

Active OS Fingerprinting

Method: Sends specially crafted packets to the target, analyzes the responses, and compares
them against a known database of OS fingerprints.

Tools: Nmap, which uses various probes (TCP, UDP, ICMP) to exploit ambiguities in protocol
RFCs, is a popular tool. OR

i. Explain in detail about DNS lookup with example (6)

A DNS (Domain Name System) lookup is the process of translating a human-readable

domain name (like "www.example.com") into an IP address (like "192.168.1.1") that
computers use to communicate on the internet. This process is essential for accessing
websites, email servers, and other online resources. DNS lookups can be either
forward (resolving a domain name to an IP address) or reverse (finding the domain
name associated with an IP address).
How DNS Lookup Works:
1. User Input:
When you type a website address into your browser, the browser initiates a DNS
lookup.
2. Local DNS Cache:
 The browser first checks its local DNS cache to see if it already knows the IP address
for the domain.
3. Recursive DNS Resolver:
If not found in the cache, the request is sent to a DNS recursive resolver, which is
typically your ISP's DNS server.
4. Recursive Queries:
The resolver then makes a series of queries to different DNS servers in a hierarchical
structure.

ii. Illustrate about vulnerability assessment with Nmap and its features (10)

Nmap can be used for vulnerability assessment by identifying open ports, running
services, and their versions, which can reveal potential security weaknesses. It
employs NSE (Nmap Scripting Engine) scripts to automate vulnerability detection and
assess misconfigurations. These scripts send probes that mimic attack scenarios,
analyzing responses to identify vulnerabilities that could be exploited.
Nmap's features for vulnerability assessment:
Port Scanning:
Nmap scans ports to identify which are open and which services are running on them.
This is crucial because attackers often exploit vulnerabilities in specific versions of
services.
Service and Version Detection:
Nmap identifies the specific service and version running on open ports. Knowing the
version is vital because older versions of services often have known vulnerabilities.
OS Detection:
Nmap can also detect the operating system of the target, which can provide further
clues about potential vulnerabilities.
NSE Scripts:
Nmap's scripting engine (NSE) allows for running custom scripts to automate
vulnerability scanning and assessment. NSE scripts can detect misconfigurations and
check for vulnerabilities in services like HTTP, FTP, and SSH.
Vulscan:
A popular CVE (Common Vulnerabilities and Exposures) detection script within Nmap
that identifies known vulnerabilities.
L2 3
13 i. Explain in detail metagoofil and DIG command (10)
Metagoofil is an open-source OSINT tool used for extracting metadata from public
documents (like PDFs, DOCs, etc.) found on websites. It searches Google for specific
file types hosted on a target domain and then downloads these files to your local
machine. It uses libraries like Hachoir and PdfMiner to parse the metadata and
generate a report containing usernames, software versions, and other potentially
useful information. The dig command is a versatile network administration tool used
for querying Domain Name System (DNS) servers to obtain domain name to IP address
mappings and other DNS records. It's commonly used for troubleshooting DNS-related
problems, performing DNS lookups, and tracing DNS resolution paths.
ii. Explore about theHarvesterTool with example (6)
theHarvester is an open-source reconnaissance tool used to gather information about
domains, including email addresses, subdomains, IPs, and employee details, by
leveraging multiple public data sources. It’s particularly useful in the early stages of
penetration testing and OSINT (Open Source Intelligence) investigations. In the early
stages of penetration testing, gathering as much public information as possible is
crucial to identifying potential entry points and understanding the attack surface of a
target. theHarvester simplifies this process by automating data collection from
numerous public sources, including search engines, DNS, and various APIs. This saves
time and increases the scope of data collected, helping testers identify vulnerable or
forgotten assets like subdomains or public IP addresses.

OR
i. Explain about Banner grabbing technique in detail. (8)
Banner grabbing is a method used by attackers and security teams to obtain
information about network computer systems and services running on open ports. A
banner is a text displayed by a host that provides details such as the type and version
of software running on the system or server. The screen displays the software version
number on the network server and other system information, giving cybercriminals an
advantage in cyber attacks. Active Banner Grabbing: In this method, Hackers send
packets to a remote server and analyze the response data. Passive Banner Capture:
 This method allows hackers and security analysts to get the same information while
avoiding disclosing the original connection.

ii. Illustrate diverse cyberattacks with a clear diagram. (8)

A cyberattack – also known as a cybersecurity attack – is any form of malicious activity
targeting IT systems and/or the attackers or threat actors using them to gain
unauthorized access to systems and data they contain. Criminals typically are looking
to exploit an attack for financial gain, but in other cases the aim is to disrupt
operations by disabling access to IT systems. Threat actors can be anyone from a
single person attempting to obtain stolen credentials and hold them for ransom to a
state-sponsored contingent looking to disrupt operations on foreign soil.
Common types of cyberattacks
 Malware
 Ransomware
 Adware
 Crypto-jacking
 Phishing
 Spear phishing
 SQL injection attack
 Cross-site scripting (XSS)
 Botnets
 Denial-of-service (DoS)
 Man in the middle attacks
14 Explain in detail about various data protection measures comprehensively. (16) L2 2
OR
Explain in detail about netcraft,pingsweep and Metasploit. (16)
Explain in detail about ARP Spoofing with suitable example.16)
OR
Explain in detail about different methodologies of Email server. (16) L2 2

15

Course Coordinator Module Coordinator HOD/Program Coordinator