HOME WORK
7
3. Name two different types of encryption supported by GPG for your key.
4. What happens when you sign and trust a new key to your keychain?
5
. If a user sends you his/her public key, will he/she be able to decrypt your encrypted messages once you import and sign his/her key?
6.What are the similarities between an MD5 hash and a fingerprint?
7. How would you encrypt a Web server and the pages it serves up?
8
. Why is hashing all database inputs not considered encryption of the database? What value does hashing database entries provide?
9. Where would you remove a user’s certifi cate from being able to access systems on your network?
1
0. Which connection type is secure and which is cleartext between SSH, Telnet, and FTP?
1
2-What was the allocated source IP host address for the TargetWindows01 server, TargetUbuntu01 server, and the IP default gateway router?
3-Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source?
4-If you ping the TargetWindows01 server and the UbuntuTarget01 server, which fields in the ICMP
echo-request/echo-replies vary?
5. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of
172.30.0.0/24?
6. Name at least fi ve different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans.
7. How many different tests (i.e., scripts) did your “Intense Scan” defi nition perform? List them all after reviewing the scan report.
8. Describe what each of these tests or scripts performs within the Zenmap GUI (Nmap) scan report.
9. How many total IP hosts (not counting Cisco device interfaces) did Zenmap GUI (Nmap) fi nd on the network?
10. Based on your Nmap scan results and initial reconnaissance and probing, what next steps would you perform on the VSCL target machines?
5
1-What is the purpose of the address resolution protocol (ARP)?
2. What is the purpose of the dynamic host control protocol (DHCP)?
3. What was the DHCP allocated source IP host address for the “Student” VM and Target VM?
4. When you pinged the targeted IP host, what was the source IP address and destination IP address of the ICMP echo-request packet?
5. Did the targeted IP host respond to the ICMP echo-request packet with an ICMP echo-reply packet? If yes, how many ICMP echo-request packets were sent back to the IP source?
6. Find a TCP three-way handshake for a Telnet, FTP, or SSH session. What is the signifi cance of the TCP three-way handshake?
7. What was the SEQ# of the initial SYN TCP packet and ACK# of the SYN ACK TCP packet?
8. During the instructor’s Telnet session to LAN Switch 1 and LAN Switch 2, what was the captured
terminal password for LAN Switch 1 and LAN Switch 2?
9. When the instructor used SSH to remotely access a Cisco router, were you able to see the terminal password? Why or why not?
10. What other IP packets are on the VLAN and Ethernet LAN segment? How can these other IP packets provide additional clues or information about the logical IP routing and IP addressing schema?
8
1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation?
2. What is a cross-site scripting attack? Explain in your own words.
3. What is a refl ective cross-site scripting attack?
4. What common method of obfuscation is used in most real-world SQL attacks?
5. Which Web application attack is more prone to extracting privacy data elements out of a database?
6-If you can monitor when SQL injections are performed on an SQL database, what would you recommend as a security countermeasure to monitor your production SQL databases?
7-Given that Apache and Internet Information Services (IIS) are the two most popular Web application servers for Linux and Microsoft® Windows platforms, what would you do to identify known software vulnerabilities and exploits?
8. What can you do to ensure that your organization incorporates penetration testing and Web application testing as part of its implementation procedures?
9. What other security countermeasures do you recommend for websites and Web application deployment to ensure the CIA of the Web application?
10. Who is responsible and accountable for the CIA of production Web applications and Web servers?