UNIVERSITY EXAMINATIONS: 2021/2022
EXAMINATIONS FOR THE DEGREE OF BACHELOR OF SCIENCE IN
INFORMATION SECURITY AND FORENSICS
BISF 3205: PENETRATION AND VULNERABILITY TESTING
FULL TIME/PART TIME
DATE: DECEMBER, 2021 TIME: 2 HOURS
INSTRUCTIONS: Answer QUESTION ONE AND ANY OTHER TWO questions.
QUESTION ONE – COMPULSORY [20 MARKS]
a) Discuss the benefits of conducting a penetration test. 5 Marks
b) Discuss any five common areas of penetration testing. 5 Marks
c) Differentiate between Penetration Testing, Security Auditing and Ethical Hacking, highlighgting
the similarities and differences. 6 Marks
d) Discuss the steps involved in conducting a penetration test 4 Marks
QUESTION TWO [15 MARKS]
a) Discuss in detail the WLAN penetration testing steps. 10 Marks
b) Outline the steps for router penetration testing. 5 Marks
QUESTION THREE [15 MARKS]
a) Discuss in detail the database penetration testing steps. 10 Marks
b) Discuss how you would conduct a switch penetration test. 5 Marks
QUESTION FOUR [15 MARKS]
Discuss in detail how you would go about conducting a web application penetration testing.
Document every step and highlight what you would be looking for. 15 Marks