UNIVERSITY EXAMINATIONS 2019
EXAMINATION FOR THE DEGREE OF BACHELOR OF APPLIED
COMPUTING
BAC5201 ETHICAL HACKING
FULL TIME/PART TIME
DATE: AUGUST, 2019 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE [30 MARKS]
a) Enumerate any four motives behind information security attacks 4 Marks
b) Discuss the methods used by attackers to collect information from social networking sites
using social engineering. 4 Marks
c) Explain briefly any six port scanning countermeasures 6 Marks
d) In each of the phases of gaining access, escalating privileges and executing applications,
state the goal and technique/exploit used. 6 Marks
e) Outline the steps followed in conducting a session hijacking process. 6 Marks
f) State any four technical skills of ethical hackers. 4 Marks
QUESTION TWO [20 MARKS]
a) Discuss in detail the steps you would follow in conducting a Man-in-the-Browser Attack.
10 Marks
b) After you have prepared a testbed, explain the detailed malware analysis procedure.
6 Marks
c) Highlight briefly any four scanning methods used for finding vulnerable machines.
4 Marks
QUESTION THREE [20 MARKS]
a) Describe how Cross Site Request Forgery (CSRF) attacks work. 6 Marks
b) Outline the steps involved in the web server attack methodology. 6 Marks
c) Explain any four web application threats. 4 Marks
d) Discuss the security issues arising from App stores. 4 Marks
QUESTION FOUR [20 MARKS]
a) Outline any eight measures you would take in defending against keystroke loggers.
8 Marks
b) Describe how the following attack tools operate:
(i) Spyware 2 Marks
(ii) Keystroke logger 2 Marks
(iii) Rootkit 2 Marks
c) Discuss briefly any three major characteristics exhibited by most cyber criminals.
6 Marks
QUESTION FIVE [20 MARKS]
a) Differentiate between:
(i) Passive reconnaissance and active reconnaissance 2 Marks
(ii) Authenticity and Integrity 2 Marks
(iii) Suicide hacker and cyber terrorist 2 Marks
b) With the aid of a diagram, explain the procedure used by hackers in a typical botnet setup
10 Marks
c) Profilers draw inferences about the criminal’s personality and other characteristics
based on what? 4 Marks