Program contents:-

Week 1:-

Spoofing ip address and mac addresses

Proxy bouncing

Hacking rapidshare

Shortened URL Vulnerabilities

Network reconnaissance

Ping sweeping and traceroute

Reverse DNS lookups

Netcat and NCat

Port scanning

Daemon banner grabbing

Week 2:-

ICMP scanning

OS fingerprinting

Firewall enumeration

Passive fingerprinting with p0f

Web server fingerprinting

Spoofed packet attacks

Email forging

DOS attacks

Reflective DDOS attacks

Password cracking attacks

Cracking saved password in browsers

Password managers

Intellectual property thefts

EXE binders

Social engineering attacks

TCP/IP: A mammoth description

Firewall tunneling using SSH and putty

HTTP tunneling

Cracking Email accounts

Port Forwarding and port triggering

Week 3:-

Identity thefts

Input validation attacks

SQL injection

IP spoofing

Cross site scripting attacks

Misuse of hidden HTML tags

Canonicalization attacks

HTTP response splitting

Buffer overflows

Passive and active sniffing attacks

ARP poisoning attack

MAC flooding attack

MAC duplication attack

Social networking websites security

Windows 7 and Windows Vista password cracking

Cracking CAPTCHA

Tab napping

DNS cache poisoning

DNS cache poisoning birthday attack

Domain hijacking

Week 4:-

Meet in the middle attacks

Shell accounts

USB hacking

Road sign hacking

Steganography

Wireless hacking

War driving

De-authentication attacks

Cracking WEP keys

Caffe latte attacks

Cracking WPA and WPA2

Computer forensics

Honeypots

Viruses torn apart

Penetration testing and vulnerability assessment

Software hacking

Backtrack

Saturday, December 11, 2010

afceh exam1

afceh 1 question bank


01> Imagine a scenario where you send a FIN data packet to a particular port on the target system. If the target system sends back an error message, what does it mean?

answer:- 5. Can't say without knowing the operating system information.

02> While trying to change the signature of a trojan you ended up increasing a few bytes in the hex file. what will be the result?
answer:- 1. the trojan file will crash altogether

03> you have norton antivirus installed on your system. you scanned a trojan file and after altering the signatures found that it is not being detected by norton. now you sent it to the victim where it was caught by the antivirus. what could be the possible explanation?
answer:- 3. the victim is using some other antivirus.

04> which social engineering technique is most likely to work against a senior male executive working in a bank?
answer:- 2. smooth talking.

05> what is the exact street address (physical address) of the system 203.94.11.12? you should use web based tools to answer this question.
answer:- 2. can't say

06> if you create a data packet with an infinite TTL value and send it to your friend's computer. what will happen to the data packet?
answer:- 4. the data packet will reach the target computer.

07> data is always broken down into smaller fragments at the sender's end. what will happen if you send the first fragment and third fragment of some data to the target system without sending the second fragment?
answer:- 3. ICMP fragment reassembly time exceeded error message.

08> the TCP connect port scan is often referred to as the most reliable technique of port scanning. why?
answer:- 4. it cannot be blocked without affecting normal traffic.

09> why do you think the Traceroute tool was originally developed?
answer:- 3. to pinpoint the exact position in network where there was a problem.

10> how do you bypass the BIOS password on a laptop (not a desktop)?
answer:- 1. default passwords.

11> what are the steps followed by a system A when it wants to establish a new connection with a remote computer B?
answer:- 1. A sends SYN packet to B. B sends back SYN/ACK. A replies with ACK.

12> are switching networks vulnerable to sniffers?
answer:- 2. yes

13> which operating system has a TTL value of 128, DF set to YES, TOS= 0 and a window size of 7000?
answer:- 4. windows NT

14> imagine that all instant messenger traffic has been blocked on your office or college network. how can you access your instant messenger and chat with your colleagues?
answer:- 2. www.meebo.com

15> can you name a major vulnerability that exists on the website http://www.iscr.org?
answer:- 1. SQL injection

16> How can you detect sql injection loopholes on the internet?
answer:- 5. all the above.

17> what does a data packet with the RST flag turned ON represent?
answer:- 3. want to reset connection.

18> what is a good countermeasure against Land attacks?
answer:- 1. patch your operating system.

19> in which country is the website www.abc.kh located?
answer:- 5. can't say

20> why do you think array bound checking on input is an important aspect of secure programming?
answer:- 1. protects against inter overflows.

21> if the initial sequence number of a system is 1000, what will it become after 10 FIN packets, 10 SYN packets, 10 SYN packets, 10 SYN/ACK packets, 10 FIN/ACK packets, 10 seconds and 1234 ACK packets?
answer:- 3. 129040

22> which error message does the ICMP data packet with Type = 3 and code = 8 represent?
answer:- 3. source host isolated

23> what are phishing attacks?
answer:- 1. the art of sending a fake login screen to the victim.

24> what is the difference between Active and Passive fingerprinting?
answer:- 1. active is not anonymous, passive is anonymous.

25> what would you recommend to somebody who wants to protect their identity on the internet?
answer:- 5. all the above.

26> if you created a data packet with a TTL value of 1 and send it to your friend's computer. what will happen to the data packet?
answer:- 1. there will be an error message and the data packet will be discarded.

27> what makes the stacheldraht attack tool so difficult to counter?
answer:- 5. all the above.

28> if you ping a particular IP address on the Internet multiple times, will the TTL values displayed in the output always remain the same?
answer:- 1. no.

29> how many ports are open on the website www.hackingmobilephones.com between port 1 and 200?
answer:- 1. 3-5 ports.

30> what kind of honeypot would you recommend a university should use?
answer:- 4. high involved Honeypot

31> what vulnerability is the following programming code vulnerable against? (printf ("&d",input_decimal);) ?
answer:- 2. format string overflow

32> if you port scan your own computer and detect port 456 as open, what does it mean?
answer:- 3. any modified trojan could be installed on your system.

33> which of the following is a strong password yet easy to remember?
answer:- 4. A.n.k.i.t25

34> what do you need to do to ensure that an antivirus tool does not detect the presence of a trojan on the victim's computer?
answer:- 5. modify the signature of the trojan to avoid detection.

35> analyze the below email headers and determine the source IP address of the system that was used to send this email:
x-Appartly....................
answer:- 2. 202.158.41.55

36> usually when you port scan your home computer, you will find that some ports are open? why?
answer:- 3. the applications running on your system are using these open ports.

37> why are dial up internet connections usually considered to be more secure than broadband internet connections?
answer:- 3. most dial up connections provide a dynamic IP address.

38> what is the octal version of the IP address 198.54.11.15?
answer:- . 0306.066.013.017

39> which social engineering technique is most likely to work against a young, female call center employee working in a bank?
answer:- 1. intimidation

40> using information gathering techniques determine the web hosting company of the DBS bank of singapore website (www.dbs.com.sg)?
answer:- 4. pacific net

41> what is HTTP tunneling?
answer:- 2. working with any protocol transmitting it through http

42> how can you perform DNS poisoning?
answer:- 2. DNS zone transfer

43> what kind of honeypot would you recommend a bank should use?
answer:- 3. low involved honeypot.

44> perform a WHOIS query on the DBS bank of singapore website (www.dbs.com.sg) and determine the registered address of the website?
answer:- 2. 6, shenton way, singapore

45> what class does the IP address 198.54.11.0 belong to?
answer:- 3. class C

46> if you traceroute a particular IP address on the Internet multiple times, do you always see the same results?
answer:- 1. No

47> in what step or command of email forging do you need to include any file attachments?
answer:- 4. DATA

48> on google search you type the search string "failure". then you press the button "i'm feeling lucky". you land on the page of "biography of president George W. Bush". what does it mean?
answer:- 2. the search string has placed the page on the top of the search list.

49> what is the advantage of using ping utility?
answer:- 2. ping sweeping is faster and can be used to ping a large number of systems

50> determine the web server running on the website www.hackingmobilephones.com (you may use the daemon banner grabbing technique)?
answer:- 3. apache