Nascom Question Bank

The document outlines various cybersecurity scenarios and challenges, including DDoS attacks, penetration testing methods, information security challenges, and the role of deception in cyber defense. It discusses the importance of tools like Nmap, Nessus, and Nikto for vulnerability assessments and incident response strategies. Additionally, it covers the significance of education, authentication methods, and emerging trends in firewall technology and intrusion detection systems.

Uploaded by

K L Nayak

DDoS Attack Scenario

1. Your company's website suddenly experiences an overwhelming amount of traffic, causing it to
become very slow and unresponsive for legitimate users. There is no immediate indication of who is
behind this surge. What type of attack might this be, and what immediate actions should be taken to
address the issue?

Ethical hacking tools & techniques

2. Compare and contrast the use of automated penetration testing tools versus manual testing
techniques in ethical hacking. Which approach do you believe is more effective in identifying system
vulnerabilities, and why?

3. Classify the information security challenges and explain any five of them in detail.

4. Biometric authentication system (IDAM): Evaluate the strengths and weaknesses of integrating
biometric authentication methods into an organisation's IAM strategy. Consider factors such as
security, user acceptance, privacy concerns and potential failure modes.

5. Deception

i) How can organizations strategically plan and implement deception techniques to create effective
cyber defense mechanisms? Discuss the considerations for designing and deploying deceptive
elements within a network infrastructure to maximize their impact on attackers.

ii) Investigate the role of deception in incident response strategies, including its use for early threat
detection, threat hunting and forensic analysis. How can organizations leverage deception to gather
actionable intelligence during and after security incidents to enhance their response capabilities?

6. Education tool for understanding ciphers and encrypting a secret message

i) A teacher wants to create an interactive online tool that helps students understand the concept of
polyalphabetic substitution by encrypting and decrypting their own messages. The tool should
visually demonstrate how the cipher alphabet shifts with each letter. What considerations should the
teacher take into account to make the tool both educational and user-friendly?

ii) You are planning a surprise party for a friend who loves puzzles and cryptography. To send out the
invitation without spoiling the surprise, you decide to encrypt the message using a Caesar cipher with
a shift of 4. The message you want to encrypt is "meet at the park at noon". What is the encrypted
message?

7. Firewall emerging trends & challenges: Discuss emerging trends in firewall technology, such as
cloud-based firewalls, Software-Defined Networking (SDN) integration and Zero Trust Network
Architecture (ZTNA). What challenges do organisations face in implementing effective firewall
strategies in an era of remote work, IoT devices and increasingly sophisticated cyber threats?

Module 2

8. Describe the OWASP Top 10 list of web application vulnerabilities. Choose one vulnerability from
the list and discuss common exploitation techniques and mitigation strategies. What are some
advanced techniques attackers use to exploit server-side vulnerabilities in web applications, such as
SQL injection or remote code execution?

9. Discuss common vulnerabilities associated with network infrastructure devices such as routers,
switches and firewalls. How can misconfigurations or vulnerabilities in these devices be exploited?
Explain the concept of a "man-in-the-middle" attack and describe how attackers can leverage this
technique to intercept and manipulate network traffic. What are some effective countermeasures?

10. Compare and contrast signature-based detection and anomaly-based detection in Intrusion
Detection Systems. What are the strengths and weaknesses of each approach?

11. Describe the role of Intrusion Detection Systems in incident response. How do IDS alerts
contribute to the detection, analysis and mitigation of security incidents?

12. Discuss some emerging trends and technologies in the field of Intrusion Detection Systems, such as
machine learning-based anomaly detection, threat intelligence integration and cloud-based IDS
solutions. How do these trends address evolving security threats and challenges?

13. Explain the difference between authentication and authorization in the context of web security.
What are some common authentication mechanisms used in web applications, and how can they be
strengthened to prevent attacks such as brute force or credential stuffing?

14. Explain the purpose of antivirus software and how it detects and mitigates malware threats.
Compare and contrast traditional signature-based antivirus detection with behaviour-based and
heuristic detection methods. Discuss the challenges associated with antivirus software, such as
false positives, signature updates and evasion techniques used by malware users.

15. You are a security analyst tasked with performing network security for a corporate network. The
organization suspects that unauthorized devices may be connected to the network. How do you use
'Nmap' to scan the network and identify all active hosts and open ports?

16. Your organisation recently implemented a new firewall, and you need to verify that it is
configured correctly to allow essential services while blocking unauthorized access.

Module 3

17. Ncrack

18. You are conducting a security audit of a web application that uses HTTP Basic authentication for
user authentication. Explain how you would use Ncrack to test for weak credentials or
misconfigurations that could potentially

19. Your organisation recently underwent a network infrastructure upgrade and needs to verify that all
systems are properly configured and secured. Explain how to use 'Nessus' to conduct a network
security audit, including scanning etc.

20. Write down the various controls that are applied for monitoring the organizational systems
in information security management.

More questions:

21. A company experiences a series of phishing attacks targeting employees' login credentials. How
can companies enhance security by implementing MFA (Multi-Factor Authentication) to require
additional authentication factors beyond passwords?

22. A cybersecurity team discovers a new strain of malware in their environment. How can they set
up a controlled environment to analyze the malware while using deception techniques to deceive the
malware into revealing its full capabilities?

23. A software development company wants to enhance the security of its servers and workstations
against insider threats and malware attacks. Describe the implementation of HIDS (Host-based IDS)
solutions to monitor system logs. Write about the rules and policies of HIDS.

24. Write down the various controls that are applied for monitoring the organizational systems
in security management.

25. A social media platform experiences a major data breach resulting in the exposure of millions of
user accounts. How could they activate their crisis management plan to respond to the breach,
mitigate the damage and restore trust among users and stakeholders?

26. An employee discloses login credentials in response to a social attack, leading to unauthorized
access to systems. How should the incident response team educate employees about social engineering
tactics, revoke credentials and enhance security awareness training?

27. A development team wants to integrate a third-party software component that speeds up
deployment times but introduces potential vulnerabilities. How do you evaluate the security risks, and
what measures do you take to securely integrate and manage this software?

Module 4

28. Several employees report suspicious emails asking for login credentials. How should the
incident analysis team proceed to trace the origin of the phishing email, identify all affected systems
and assess the damage caused by compromised accounts?

29. An educational institute wants to audit its IT infrastructure to protect student and faculty data
and provide reliable access to learning resources. What areas should the audit team prioritize,
considering both cyber security and data privacy?

30. An employee in your organization clicks on a link in a phishing email, which leads to a suspicious
website. Describe how you would record this incident using a standard template. What information
would you capture? How would you classify this incident, and what priority level would you assign to it?

31. Your organization's main website is experiencing a DDoS attack affecting customer access. How
would you document this using an incident report form? Classify and prioritize this incident
considering its position in the business report.

32. A non-profit organization receives funds from various donors and must ensure these funds are
used according to the donors' intentions. Which audit technique should be used to trace and verify
the allocation of funds? How would the auditor ensure the accuracy and reliability of the financial
statement?

33. A bank wishes to audit its IT system to prevent cyber attacks. What techniques should auditors
employ to assess the adequacy of the bank's cyber security measures, including network security, data
encryption and access control? How can penetration testing and vulnerability scanning be integrated
into the audit process?

34. During a compliance audit of a hospital, you discover that several procedures do not align with
National health regulations. How do you record these findings and how do you structure your report
to ensure clear communication of sometimes to hospital management?

Module 5

35. A software development company plans to release a new mobile app for financial transactions.
Describe how you would establish the nature and scope of an information security audit to evaluate
the security posture of the mobile application, including data encryption, secure authenticity, and
protection against common mobile threats.

36. A government agency responsible for critical infrastructure wants to strengthen its cybersecurity
defenses against potential cyber threats. Explain how you would establish the nature and scope of an
information security audit to assess the agency's readiness to protect critical infrastructure assets
from cyber attacks.

37. A financial institution wants to assess the security of its online banking platform. Describe how
you would establish the nature and scope of an information security audit to evaluate the platform's
security controls, including authentication mechanisms, encryption standards and vulnerability
management.

38. A multinational corporation wants to safeguard its intellectual property assets from unauthorized
access and theft. Describe how you would identify the specific requirements of inf to protect the
corporation's trade secrets, patents and property information.

39. You are leading a project to implement a new security framework across your organization. The
deadline is tight and your team is behind schedule due to unforeseen technical challenges. How do
you manage your team's workload and your own stress to ensure the project is completed on time
and meets all security standards?

40. An e-commerce company has to launch a new website for online transactions. How would you
identify the information security requirements to protect client payment information, prevent fraud
and ensure secure transactions?

41. You are notified of a security breach after working hours. The breach requires immediate attention
but your team is off duty. How do you manage the situation to resolve the issue promptly while
considering work-life balance?

Tools

42. You are hired as a cybersecurity consultant for a medium-sized company that has experienced
security breaches in the past. How would you use Nessus to conduct an assessment of their network
security posture? Provide a step-by-step plan outlining the use of Nessus, from initial setup to final
reporting and remediation recommendations.

43. Suppose you are tasked with conducting a security assessment of a web application for a client.
Describe how you would use Nikto to identify common vulnerabilities such as outdated software
versions, misconfigurations and known security issues. Provide a step-by-step plan for performing the
assessment with Nikto, including how you would interpret the scan results and prioritize remediation
efforts.

44. As part of a pen testing engagement, you are tasked with simulating a brute force attack against
the target system's login interface. How could you leverage the crunch tool to create a custom
character set and generate password penetration for the brute force attack? Discuss considerations
for selecting an appropriate character set and password length based on the target system's security
controls and password complexity requirements.

45. Imagine you are tasked with mapping out the network infrastructure of a large organization. How
would you use Nmap for a comprehensive discovery scan to identify all active hosts, open ports
and services on the network? Discuss the options and techniques in Nmap for host discovery, port
scanning and service version detection. Explain how you would interpret the results to create a
topology map.

46. A company has identified the critical virus in one of its web apps and needs to assess the
effectiveness of a newly implemented patch. Describe how you would use Metasploit to exploit the
virus and verify whether the patch successfully mitigated the exploit. Discuss the steps involved in
setting up a controlled environment for testing, executing the exploit and analyzing the result to
confirm the patch's efficiency.

47. Imagine you are hired by a large corporation to assess the security posture of their network
infrastructure. How would you utilize Nessus to conduct a comprehensive vulnerability
assessment? Describe the steps you would take to configure and execute scans across different
network segments, analyze the scan results and prioritize remediation efforts based on the severity of
identified vulnerabilities.

48. Demonstrate the steps involved in performing an exploit within a virtual machine, considering a
Kali Linux machine as the attacker machine and a Windows 7 virtual machine as the victim machine,
using the Metasploit tool.

49. A company wants to implement a continuous monitoring solution to detect and respond to
potential threats to its infrastructure. How could Nikto be integrated into a computer security
monitoring workflow to perform regular scans for new vulnerabilities and emerging threats?
Discuss the automation options and scheduling capabilities available in Nikto for conducting periodic
scans, as well as the methods for alerting security analysts to anomalous or suspicious findings.
