Unit 1: Introduction to Ethical Hacking |
|
1. |
Explain the following terms with respect to Ethical Hacking: a) Hack Value b) Exploit c) Vulnerability d) Target Evaluation e) Zero day attack f) Daisy Chaining |
2. |
Explain in detail the elements/principles of information security. |
3. |
Explain the security, functionality and usability triangle |
4. |
What are the different attack vectors through which an attacker can attack an information system? Explain. |
5. |
Discuss the motives, goals and objectives of information security attacks. |
6. |
Classify the categories of information security threats. Explain each category in detail. |
7. |
What is information warfare? What are its types? Explain. |
8. |
Discuss the different IPv6 security threats. |
9. |
What is hacking? What is ethical hacking? What are the effects of hacking on business? |
10. |
Who is a hacker? What motivates a hacker? Discuss the different classes of hackers. |
11. |
Compare hacking and ethical hacking. What are the effects of hacking on business? |
12. |
What is Hacktivism? Explain. |
13. |
Enumerate the different phases of hacking. Explain each in detail. |
14. |
What are the different types of attack on a system? Explain each in detail. |
15. |
Why is ethical hacking necessary? Explain the scope and limitations of ethical hacking. |
16. |
What are the skills that an ethical hacker should possess? |
17. |
What is defence in depth? Explain. |
18. |
What is incident management? What is the purpose of incident management process? |
19. |
What are information security policies? What are their goals? |
20. |
Classify the information security policies. Explain the structure and contents of security policies. |
21. |
Explain the different types of security policies. |
22. |
What are the steps to create and implement security policies? Explain with example. |
23. |
What is vulnerability research? Why does the administrator need it? |
24. |
What is penetration testing? Explain. Why is it required? |
25. |
Explain the penetration testing methodology. |
Unit 1: Footprinting and Reconnaissance |
|
26. |
What is footprinting? Explain the following terminologies: a) Open source or passive information gathering b) Anonymous footprinting c) Organizational or private footprinting d) Active information gathering e) Pseudonymous footprinting f) Internet footprinting |
27. |
Why do attackers need footprinting? What are the objectives of footprinting? |
28. |
What are the different types of threats due to footprinting? Explain. |
29. |
Enumerate the different methodologies used for footprinting. Explain footprinting through search engines. |
30. |
Explain website footprinting. |
31. |
Explain email footprinting. |
32. |
What is competitive intelligence? What are the sources of competitive intelligence? What type of information can be gathered using it? |
33. |
Explain footprinting using Google. |
34. |
How can “Whois” be used for footprinting? |
35. |
Explain DNS footprinting. |
36. |
Explain network footprinting. |
37. |
How is footprinting done through social engineering? Explain. |
38. |
How is footprinting done using social networking sites? |
39. |
Explain any 5 footprinting tools. |
40. |
What countermeasures can be taken against footprinting? |
41. |
Explain footprinting pentesting. |
Unit 1: Scanning Networks |
|
42. |
What is network scanning? What are different types of scanning? What are objectives of network scanning? |
43. |
What is ICMP scanning? How is it carried out? What is a ping sweep? Explain. |
44. |
Explain the TCP connection establishment and connection termination process. |
45. |
What are the different TCP communication flags? How can they be used to create custom packets? |
46. |
Compare IPv4 and IPv6 network scanning. |
47. |
Compare Nmap and Hping2/3. |
48. |
Enumerate the different scanning techniques. Explain each. |
49. |
Explain TCP connect / full open scan. |
50. |
Explain Xmas Scan, Null Scan and IDLE Scan. Also explain FIN Scan, ICMP Echo Scan and UDP Scanning. |
51. |
Explain ACK flag scanning. |
52. |
What are the countermeasures against port scanning? |
53. |
Explain the scanning methodology in detail. |
54. |
What is banner grabbing? What are its types? Explain. What are the uses of banner grabbing? |
55. |
What are the countermeasures against banner grabbing? |
56. |
What are the uses of hiding file extensions from web pages? |
57. |
What is vulnerability scanning? What can it detect? What is the benefit of drawing network diagrams? |
58. |
What is a proxy server? How does it work? Why do attackers use proxy servers? |
59. |
How can proxy servers be used for attacks? What is proxy chaining? |
60. |
What is HTTP tunnelling? Why do attackers need it? |
61. |
What is SSH tunnelling? How many machines are required for it? How is an SSH tunnel created? |
62. |
What are anonymizers? Why are they used? What are the different types of anonymizers? |
63. |
What is IP spoofing? What are the different techniques to detect IP spoofing? Explain. |
64. |
What are the countermeasures against IP spoofing? Explain. |
65. |
Explain Scanning Pen Testing. |
Unit 1: Enumeration |
|
66. |
What is enumeration? What information can be enumerated by intruders? Explain the different enumeration techniques. |
67. |
Explain the different services with their port numbers to enumerate. |
68. |
What is NetBIOS? What is NetBIOS enumeration? Explain. |
69. |
How can systems be enumerated using default passwords? What is SNMP enumeration? Explain. |
70. |
Explain the different commands used for Unix/Linux enumeration. |
71. |
What is LDAP? What is LDAP enumeration? Explain. |
72. |
What is NTP enumeration? What are the commands used for NTP enumeration? Explain. |
73. |
What is SMTP enumeration? What are the commands used for NTP enumeration? |
74. |
What is DNS enumeration? How is DNS zone transfer enumeration done using nslookup? |
75. |
What are the countermeasures against SNMP and DNS enumeration? Explain. |
76. |
What are the countermeasures against SMTP, LDAP and SMB enumeration? Explain. |
77. |
Explain enumeration pen testing. |
Unit 2: System Hacking |
|
78. |
What are the pre-requisites for system hacking? What are the steps for hacking a system? Explain. |
79. |
What are the different techniques to crack passwords? Explain. |
80. |
What are the different types of password attacks? Explain. |
81. |
What is a rainbow attack? How is it carried out? Explain. |
82. |
What is a distributed network attack? What are its features? What are its two modules? Explain. |
83. |
Explain the different non-electronic attacks. |
84. |
Write and explain the automatic password cracking algorithm. |
85. |
How can passwords be stolen using a USB drive? Explain. |
86. |
How are keyloggers used to steal passwords? Explain. |
87. |
How does Microsoft authentication take place? Explain. How are password hashes stored in the Microsoft Security Accounts Manager? |
88. |
What is the LAN Manager hash? How is the LAN Manager hash generated? |
89. |
Explain the NTLM authentication process. |
90. |
Explain the Kerberos authentication process. |
91. |
What is salting? Explain. |
92. |
How can we defend against password cracking? Explain. |
93. |
What is privilege escalation? What are its types? Explain. How can a system be protected against privilege escalation? |
94. |
What are the malicious programs that an attacker can execute on a victim’s machine? Explain in brief. |
95. |
What are keyloggers? What are the different types of keyloggers? Explain. |
96. |
How do attackers use remote keyloggers? Explain. |
97. |
Explain acoustic and CAM keyloggers. |
98. |
What is spyware? How can it be propagated? What does it do? |
99. |
What are the different types of spyware? Explain desktop spyware. |
100. |
What are the different types of spyware? Explain email and Internet spyware. |
101. |
What are the different types of spyware? Explain child monitoring spyware. |
102. |
What are the different types of spyware? Explain screen capturing spyware. |
103. |
What are the different types of spyware? Explain USB spyware and GPS spyware. |
104. |
What are the different types of spyware? Explain audio and video spyware. |
105. |
What are the different types of spyware? Explain print spyware and telephone/cellphone spyware. |
106. |
What are the countermeasures against different types of keyloggers? |
107. |
How can a system be protected from spyware? Explain. |
108. |
What are rootkits? What are their objectives? How does an attacker place a rootkit? What are the different types of rootkits? |
109. |
How does a rootkit work? Explain. How can a system be protected against rootkits? |
110. |
What are the different ways to detect rootkits? Enumerate the steps to detect a rootkit. |
111. |
What is an NTFS alternate data stream? How are NTFS streams created? How can a system be protected against NTFS streams? |
112. |
What is steganography? How does it work? |
113. |
Explain the classification of steganography. (or Explain Technical and Linguistic steganography.) |
114. |
Explain the different steganography techniques. |
115. |
What are the applications of steganography? Explain. |
116. |
What are the different types of steganography? |
117. |
Explain the different issues in Information Hiding. |
118. |
What is steganalysis? What are its challenges? |
119. |
What are the different types of steganography attacks? |
120. |
How can image, text, audio and video steganography be detected? Explain. |
121. |
Why do attackers cover tracks? What are the different ways to cover tracks? |
122. |
Explain password cracking pen testing. |
123. |
Explain privilege escalation pen testing and executing applications pen testing. |
124. |
Explain pen testing for detecting hidden files. |
125. |
How can pen testing be done to check whether we can cover the tracks of our activity? |
Unit 2: Trojans and Backdoors |
|
126. |
What is a Trojan? What is the purpose of Trojans? |
127. |
What are the indications of a Trojan attack? What do Trojan creators look for? |
128. |
How can a system be infected using a Trojan? |
129. |
What are wrappers? Explain. |
130. |
What are the different ways a Trojan can get into a system? Explain. |
131. |
How are Trojans deployed? What are the different techniques used by Trojans to evade antivirus software? |
132. |
What are the different types of Trojans? Explain each in brief. |
133. |
How can Trojans be detected? What are the countermeasures against Trojans and Backdoors? |
134. |
Explain pen testing for Trojans and Backdoors. |
Unit 2: Viruses and Worms |
|
135. |
What is a virus? What are the characteristics of a virus? What are the stages in the life cycle of a virus? Explain. |
136. |
Explain the infection phase and attack phase in the working of viruses. |
137. |
What are the objectives behind creating viruses? What are the indications of a virus attack? |
138. |
What are the different ways in which a computer gets infected with a virus? What are the techniques used for infecting computers with viruses? |
139. |
What are the different types of viruses? Explain each in brief. |
140. |
What are computer worms? Why are they created? How do they differ from viruses? |
141. |
What is a Sheep Dip computer? What is an antivirus system? Explain. |
142. |
Explain the procedure for malware analysis. |
143. |
What are the different methods to detect computer viruses? What are the countermeasures against computer viruses? |
144. |
Explain penetration testing for viruses. |
Unit 2: Sniffing |
|
145. |
What is wiretapping? What are the different types of wiretapping? |
146. |
What is packet sniffing? How is it done? What are the threats due to packet sniffing? |
147. |
How do sniffers work? Explain. |
148. |
What are the different types of sniffing attacks? Explain each in brief. |
149. |
Explain the two types of sniffing. What protocols are vulnerable to sniffing? |
150. |
What is a content addressable memory table? How does it work? What happens when the content addressable memory table is full? What is MAC flooding? |
151. |
How can we defend against MAC attacks? Explain. |
152. |
What is a DHCP starvation attack? What is a rogue DHCP attack? How can we defend against these attacks? |
153. |
What is an ARP spoofing attack? How does ARP spoofing work? |
154. |
What is ARP poisoning? What are the threats due to ARP poisoning? How can we defend against ARP poisoning? |
155. |
Explain MAC spoofing and IRDP spoofing. How can we defend against them? |
156. |
What is DNS poisoning? What are the steps to launch DNS poisoning attacks? What are the types of DNS poisoning attacks? Explain. |
157. |
How can we protect against DNS spoofing? Explain. |
158. |
How can an attacker hack a network using sniffers? |
159. |
What are the countermeasures against sniffing? |
160. |
What are the different ways to detect sniffing? Explain. |
161. |
Explain sniffing pen testing. |
Unit 3: Social Engineering |
|
162. |
What is social engineering? What types of behaviours can be vulnerable to social engineering attacks? |
163. |
Why is social engineering effective? What are the factors that make companies vulnerable to social engineering attacks? |
164. |
What are the warning signs of social engineering attacks? What are the phases of social engineering attacks? |
165. |
Explain the impact of a social engineering attack on an organization. |
166. |
Who are the common targets for social engineering attacks? |
167. |
Explain the different types of social engineering. |
168. |
Explain human-based social engineering in detail. |
169. |
Explain computer-based social engineering in detail. |
170. |
Explain Mobile based computer engineering in detail. |
171. |
What are the reasons for insider attacks? How can these attacks be prevented? |
172. |
Discuss the common social engineering targets and defence strategies. |
173. |
Explain social engineering through impersonation on social networking sites. |
174. |
What are the risks of social networking to corporate networks? Explain. |
175. |
What is identity theft? What are the different ways to steal an identity? |
176. |
What are the ways to minimize the risk of identity theft? |
177. |
What are the countermeasures against social engineering? |
178. |
How can phishing emails be detected? Explain. |
179. |
What are the countermeasures against identity theft? |
180. |
Explain social engineering pen testing. |
Unit 3: Denial of Service |
|
181. |
What is a denial of service attack? What are distributed denial of service attacks? How do they work? |
182. |
Explain the different techniques of denial of service attacks. What are the symptoms of denial of service attacks? |
183. |
What are bandwidth attacks? What are service request floods? |
184. |
Explain the SYN attack and SYN flooding. |
185. |
Explain the ICMP flood attack. |
186. |
Explain phlashing, sabotage and bricking a system. |
187. |
What are application level flood attacks? Explain. |
188. |
Explain Organized Crime Syndicates. Explain their organizational chart. |
189. |
What is a botnet? What is the purpose of a botnet? Explain the botnet propagation technique. |
190. |
Discuss the botnet ecosystem. |
191. |
What is activity profiling? Explain wavelet-based signal analysis and sequential change point detection. |
192. |
What are the countermeasures against denial of service and distributed denial of service attacks? |
193. |
What are the techniques to defend against botnets? Explain. |
194. |
Explain denial of service penetration testing. |
Unit 3: Session Hijacking |
|
195. |
What is session hijacking? What are the steps to hijack a session? What are the dangers posed by hijacking a session? |
196. |
Why is session hijacking successful? What are the key session hijacking techniques? Explain. |
197. |
How can brute force be used for session hijacking? What is a referrer attack? |
198. |
Explain spoofing and hijacking attacks. |
199. |
Explain the session hijacking process. |
200. |
Explain active and passive session hijacking techniques. |
201. |
Explain network level and application level session hijacking. |
202. |
Explain Man-in-the-middle and man-in-the-browser attacks. |
203. |
What is a cross site scripting attack? How is it done? |
204. |
What is session fixation? What are the techniques used for session fixation? |
205. |
What is TCP/IP hijacking? How is it performed? |
206. |
Explain RST hijacking, blind hijacking and UDP hijacking. |
207. |
What are the countermeasures against session hijacking? |
208. |
Explain session hijacking pen testing. |
Unit 3: Hacking Webservers |
|
209. |
What is website defacement? Why are webservers compromised? What are the consequences of webserver compromise? |
210. |
What is the impact of webserver attacks? |
211. |
What are the effects of webserver misconfiguration? Explain with an example. |
212. |
Explain directory traversal and web cache poisoning attacks. |
213. |
Explain the HTTP response hijacking attack. |
214. |
Explain the different techniques to crack webserver passwords. |
215. |
What are the different kinds of web application attacks? Explain. |
216. |
Explain the webserver attack methodology. |
217. |
What are the countermeasures against hacking webservers? |
218. |
How can we defend against HTTP response splitting and web cache poisoning? |
219. |
What are patches and hotfixes? What is patch management? |
220. |
Explain webserver pen testing. |
Unit 4: Hacking Web Applications |
|
221. |
What is a web application? What are its components? Explain. |
222. |
Explain the architecture of a web application. How does a web application work? Explain. |
223. |
What is Web 2.0? What are the applications of Web 2.0? Explain. |
224. |
Explain the web application vulnerability stack. |
225. |
Give examples of web attack vectors. |
226. |
Explain the different threats to web applications in brief. |
227. |
Explain how input validation flaws make web applications vulnerable. |
228. |
With the help of an example, explain the parameter tampering attack. |
229. |
What is a directory traversal attack? What can an attacker do with directory traversal? |
230. |
How can security misconfiguration make web applications vulnerable? Explain with examples. |
231. |
With respect to web applications, what are injection flaws? What are their different types? Explain. |
232. |
What is LDAP injection? How does it work? Explain. |
233. |
Explain the hidden field manipulation attack with an example. |
234. |
What are cross site scripting attacks? Explain in detail. |
235. |
Explain the cross site request forgery attack. How does it work? |
236. |
What is a web application denial of service attack? Explain the different web application denial of service attacks. |
237. |
What is cookie poisoning? How does it work? |
238. |
How does session fixation help attackers hijack a valid user session? Explain. |
239. |
How do insufficient transport layer security and improper error handling make web applications vulnerable? Explain. |
240. |
How do unvalidated redirects and forwards make web applications vulnerable? Explain. |
241. |
Explain the attacks that can be carried out at the various layers of the web services stack. |
242. |
Explain the web services footprinting attack and web service XML poisoning. |
243. |
Explain the Web App hacking methodology. |
244. |
How is footprinting of web infrastructure done? Explain. |
245. |
Explain the analysis to be carried out to identify attack surfaces that are exposed. |
246. |
What are the different types of attacks on authentication mechanisms of web applications? Explain. |
247. |
What are the different types of password attacks? Explain. |
248. |
Explain the different types of authorization attacks. |
249. |
Explain the session management attack. |
250. |
What are the different ways to attack data connectivity? Explain. |
251. |
What are the different ways to attack Web App clients? |
252. |
Explain each of the different types of attacks on Web services. |
253. |
What is an encoding scheme? What are the different encoding schemes? |
254. |
What are the countermeasures against command injection flaws? |
255. |
How can web applications be defended against cross site scripting attacks? |
256. |
What are the countermeasures against denial of service attacks on web applications? |
257. |
What are the countermeasures against web application attacks? |
258. |
Explain web application pen testing in detail. |
Unit 4: SQL Injection |
|
259. |
What is SQL injection? What are the major threats of SQL injection? |
260. |
What are the different types of attacks that can be launched with SQL injection? |
261. |
Explain the following SQL injection attacks with examples: a) Code analysis b) Attack Analysis c) Updating a table d) Adding new records e) Identifying table name f) Deleting the table |
262. |
What are the different ways to detect SQL injection? Explain. |
263. |
Explain SQL injection black box pen testing. |
264. |
What are the different types of SQL injections? Explain. |
265. |
Explain simple and union SQL injection attacks. |
266. |
What is blind injection? Explain in detail with examples. |
267. |
Explain the SQL injection methodology. |
268. |
How can a web site login be bypassed using SQL injection? Explain with an example. |
269. |
How can databases, tables and columns be enumerated using SQL injection? Explain. |
270. |
Explain password grabbing and SQL Server hash grabbing using SQL injection. |
271. |
How can SQL injection be used for the following: a) Transfer database to attacker’s machine b) Interact with the operating system c) Interact with the file system d) Network reconnaissance |
272. |
Explain the different types of signature evasion techniques. |
273. |
Explain sophisticated matches, hex encoding and manipulating white spaces evasion techniques. |
274. |
Explain in-line comment, char encoding and string concatenation evasion techniques. |
275. |
Why do attackers obfuscate code? Explain with an example. |
276. |
What are the countermeasures against SQL injection? Explain. |
Unit 4: Hacking Wireless Networks |
|
277. |
What is a service set identifier? Explain. Explain the different authentication modes of Wi-Fi. |
278. |
Explain the Wi-Fi authentication process using a centralised authentication server. |
279. |
What is Wi-Fi chalking? What are the different ways of Wi-Fi chalking? What are the different symbols used for it? |
280. |
What are the different wireless encryption algorithms? |
281. |
What is WEP encryption? How does it work? What are its goals? What are the flaws in WEP encryption? |
282. |
What is WPA? How does it work? What are temporal keys? |
283. |
What is WPA2? How does it work? |
284. |
Compare WEP, WPA and WPA2. |
285. |
What are the issues with WEP? |
286. |
Enumerate the reasons that make initialization vectors weak. |
287. |
How can WEP encryption be broken? |
288. |
How can we defend against WPS cracking? |
289. |
What are the different wireless access control threats? |
290. |
How can integrity attacks be launched on wireless networks? |
291. |
What are the different confidentiality attacks that can be launched on wireless networks? Explain. |
292. |
What are the different availability attacks that can be launched on wireless networks? Explain. |
293. |
What are the different authentication attacks that can be launched on wireless networks? Explain. |
294. |
How is a rogue access point attack carried out? |
295. |
Explain the following attacks on wireless networks: a) Client Mis-association b) Mis-configured access point c) Unauthorized association d) Ad-hoc connection attack e) HoneySpot Access point f) Access point MAC spoofing |
296. |
Explain the jamming signal attack. |
297. |
Explain the wireless hacking methodology. |
298. |
What are the different ways of footprinting wireless networks? Explain. |
299. |
What is GPS mapping? How does an attacker use it? |
300. |
What do attackers gain by wireless traffic analysis? |
301. |
What is spectrum analysis? Explain. |
302. |
What is the Aircrack-ng suite? What are the different programs it contains? |
303. |
How can the following attacks be launched using the Aircrack-ng suite? a) Revealing hidden SSID b) Fragmentation attack c) MAC spoofing attack d) De-authentication and disassociation e) Man in the middle attack |
304. |
Explain the wireless ARP poisoning attack. |
305. |
What is an Evil Twin? Explain. |
306. |
What is Bluetooth hacking? Explain the different Bluetooth device attacks. |
307. |
What are the different threats to Bluetooth devices? |
308. |
How to bluejack a victim? Explain. |
309. |
What are the countermeasures against Bluetooth hacking? |
310. |
How can rogue access points be detected and blocked? Explain. |
311. |
Explain the different wireless security layers. |
312. |
What are the countermeasures against wireless attacks? |
313. |
What are wireless intrusion prevention systems? How are they deployed? |
314. |
What is wireless penetration testing? What is its purpose? |
315. |
Explain the wireless penetration testing framework. |
316. |
Explain pen testing of a LEAP encrypted wireless LAN. |
317. |
Explain pen testing of a WPA/WPA2 encrypted WLAN. |
318. |
Explain pen testing of a WEP encrypted WLAN. |
319. |
Explain pen testing of an unencrypted WLAN. |
Unit 4: Hacking Mobile Platform |
|
320. |
i. Explain the following terminologies related to hacking mobile platforms: Stock ROM, CyanogenMod, Bricking the Mobile Device, Bring your own Device. ii. Explain the different mobile attack vectors. |
321. |
What are the different mobile platform vulnerabilities and risks? Explain each in brief. |
322. |
Discuss the security issues arising from App Stores. What are the threats of mobile malware? |
323. |
What are the issues with App Sandboxing? Explain. |
324. |
What are the features of Android OS? Explain the architecture of Android OS. |
325. |
What is the Android Device Administration API? What are the policies it supports? |
326. |
What is rooting? What is its use? What are the risks associated with rooting? |
327. |
How can Android devices be secured? |
328. |
What is iOS? Explain the core framework of iOS. |
329. |
Explain jailbreaking with respect to iOS. What are its types? What are the jailbreaking techniques? |
330. |
How can devices using iOS be secured? |
331. |
Enumerate the features of Windows Phone 8. |
332. |
Explain the Windows Phone secure boot process. |
333. |
How can Windows OS devices be secured? Explain. |
334. |
What is Blackberry OS? What are the features of Blackberry devices? Explain the Blackberry Enterprise solution architecture. |
335. |
Explain each of the Blackberry attack vectors in brief. |
336. |
What are the different ways in which an attacker can exploit SMS on Blackberry devices? |
337. |
How can Blackberry devices be secured? |
338. |
What is mobile device management? Explain the logical architecture of mobile device management. |
339. |
Enumerate the general security guidelines for mobile devices. |
340. |
List the guidelines for mobile device security for administrators. |
341. |
Explain Android phone pen testing. |
342. |
Explain iPhone pen testing. |
343. |
Explain Windows Phone pen testing. |
344. |
Explain Blackberry phone pen testing. |
Unit 5: Invading IDS, Firewalls and Honeypots |
|
345. |
What is an intrusion detection system? How does it work? |
346. |
What are the different ways to detect intrusion? |
347. |
What are the different types of intrusion detection systems? |
348. |
What are the general indications of intrusions? |
349. |
What is a firewall? How does it work? Explain the architecture of a firewall. |
350. |
What are demilitarized zones? |
351. |
What are the different types of firewalls? Explain in detail. |
352. |
Explain the packet filtering firewall. |
353. |
Explain the circuit-level gateway firewall. |
354. |
Explain the application-level firewall. |
355. |
Explain the stateful multilayer firewall. |
356. |
Explain the following techniques of firewall identification: a) Port scanning b) Banner grabbing c) Firewalking |
357. |
What is a Honeypot? How does it work? What are the different types of Honeypots? |
358. |
How is a Honeypot set up? |
359. |
What is an insertion attack? |
360. |
What types of denial of service attacks can be launched against intrusion detection systems? Explain. |
361. |
What is obfuscation? How can it be used to evade intrusion detection systems? |
362. |
What is a false positive generation attack against intrusion detection systems? |
363. |
What is session splicing? What is its use in attacking intrusion detection systems? |
364. |
Explain the Unicode evasion technique used to evade intrusion detection systems. |
365. |
Explain in detail fragmentation attacks on intrusion detection systems. |
366. |
Explain in detail time-to-live attacks on intrusion detection systems. |
367. |
How can RST and URG packets be used to attack intrusion detection systems? |
368. |
What are polymorphic and ASCII shellcodes? How can they be used to bypass intrusion detection systems? |
369. |
Explain application layer attacks on intrusion detection systems. |
370. |
Explain the desynchronization (pre-connection SYN and post-connection SYN) attacks on intrusion detection systems. |
371. |
How can firewalls be evaded using IP address spoofing? |
372. |
How can source routing be used to evade firewall restrictions? |
373. |
What are tiny fragments? How can an attacker use them to bypass firewall restrictions? |
374. |
What are the different techniques to bypass blocked sites? Explain. |
375. |
What are the different ways to bypass firewalls? Explain. |
376. |
How are Honeypots detected? Explain. |
377. |
What are the countermeasures that provide protection against intrusion detection systems, Honeypots and firewalls? |
378. |
Explain firewall penetration testing. |
379. |
Explain intrusion detection system penetration testing. |
Unit 5: Buffer Overflows |
|
380. |
What is a buffer overflow? Explain with an example. |
381. |
Why are programs and applications vulnerable to buffer overflows? |
382. |
Explain the stack segment and stack-based buffer overflows. |
383. |
Explain the different stack operations. |
384. |
What is the heap? Explain heap-based buffer overflow. |
385. |
What are No Operations? How do attackers use NOPs? |
386. |
What knowledge is required to program buffer overflows? What are the steps to create buffer overflows? |
387. |
How do attackers attack real programs for buffer overflows and segmentation faults? |
388. |
What is the format string problem? How is a buffer overflow caused using a format string? |
389. |
What is stack smashing? What happens once the stack is smashed? |
390. |
Explain a simple buffer overflow in C. |
391. |
How can a buffer overflow exploit be mutated? Explain. |
392. |
How can we identify and detect buffer overflows? |
393. |
What are the defences against buffer overflows? How can buffer overflows be prevented? |
394. |
What are the programming countermeasures against buffer overflows? |
395. |
What is data execution prevention? Explain. |
396. |
Explain buffer overflow pen testing in detail. |
Unit 5: Cryptography |
|
397. |
What is cryptography? Why is it used? What are the objectives of cryptography? Explain the cryptography process. |
398. |
What are the different types of cryptography? Explain. |
399. |
Write a short note on government access to keys. |
400. |
What are ciphers? How are they classified? |
401. |
Explain the data encryption standard and the advanced encryption standard. |
402. |
Explain in brief the RC4, RC5 and RC6 algorithms. |
403. |
Explain the digital signature algorithm and related signature schemes. |
404. |
Explain the Rivest Shamir Adleman algorithm with an example. |
405. |
Explain the RSA signature scheme. |
406. |
What are message digest functions? Explain MD5. How can MD5 be brute forced? |
407. |
Explain the secure hashing algorithm. Compare the SHA0, SHA1 and SHA2 functions. |
408. |
What are digital signatures? How do they work? |
409. |
What is secured shell? What are its features? What does it protect against? |
410. |
What is public key infrastructure? Explain in detail. |
411. |
Who are certifying authorities? List three certifying authorities with the types of certificates they provide. |
412. |
What is secured sockets layer? What is a session identifier? Explain the SSL handshake protocol flow. |
413. |
Explain transport layer security in detail. |
414. |
What is disk encryption? What is its use? |
415. |
What are cryptographic attacks? What are their different categories? |
416. |
What are the different code breaking techniques? Explain. |
417. |
Explain the man-in-the-middle attack on digital signature schemes. |
Unit 5: Penetration Testing |
|
418. |
What is a security assessment? What are the categories of security assessment? Explain each category. |
419. |
What is vulnerability assessment? What are its limitations? |
420. |
What is penetration testing? Why is it required? |
421. |
Compare security audit, vulnerability assessment and penetration testing. |
422. |
What makes a good penetration test? Explain. |
423. |
What are the penetration testing points and locations? Explain. |
424. |
Explain internal and external penetration testing. |
425. |
Explain black box, grey box and white box penetration testing. |
426. |
Explain announced, unannounced, automated and manual penetration testing. |
427. |
Explain the common penetration testing techniques. |
428. |
How can DNS domain names, IP address information and enumerating information about hosts on publicly available networks be used for penetration testing? |
429. |
Explain the phases of penetration techniques. |
430. |
Explain in detail the pre attack phase of penetration testing. |
431. |
Explain in detail the attack phase of penetration testing. |
432. |
Explain in detail the post attack phase of penetration testing. |
433. |
Explain the pen testing methodology. |
434. |
What is application security assessment? Explain. |
435. |
Explain web application testing. |
436. |
What is network security assessment? |
437. |
Explain wireless assessment and testing. |
438. |
Explain penetration testing of network filtering devices. |
439. |
How is a denial of service simulated? |
440. |
Write a short note on outsourcing penetration testing. |
441. |
Explain the penetration testing service level agreements. |