
Level: 3

Module Title: Network Penetration Testing & Ethical Hacking


Module Code: M3G421124
Module Leader: Dr Michelle Govan
Session: 2012/2013 Sample Paper
Exam Duration: 2 hours

Candidates should attempt ONLY three questions.

All questions carry an equal weighting (75 marks in total).

Please read the questions carefully.

This is a closed book exam.

Students for whom English is not their first language are permitted to use a Standard
English/Foreign Language dictionary, e.g. French/English/English/French. Please ensure
that the dictionary does not contain any notes or other materials and note that electronic
dictionaries are not permissible.

Materials to be Supplied/Allowed:

Lined Examination Script Books (supplied)


Question Paper (supplied)

Network Penetration Testing & Ethical Hacking (M3G421124)


Computer, Communication & Interactive Systems
School of Engineering & Built Environment
Network Penetration Testing & Ethical Hacking
Sample Exam Paper 2012/2013

Question 1: Penetration Testing Methodology [25 Marks]

a. In terms of hacking,
i. Define the term ethical hacking. [1 Mark]

ii. Explain the difference in the actions performed by an ethical hacker and a black hat hacker.
[2 Marks]

iii. Briefly outline the three aspects that differentiate an ethical hack and a malicious attack.
[3 Marks]

b. Explain in detail the contents of the final penetration testing report. [4 Marks]

c. Explain in detail the basic four-step model to zero entry hacking. [5 Marks]

d. Define the technical terms: (i) vulnerability, and (ii) exploit. [2 Marks]

e. Define the four offences stated by the Computer Misuse Act 1990, as updated by the Police and
Justice Act 2006. Provide brief examples of activities that would violate the four main sections
of the Act. [8 Marks]

Question 2: Information Gathering, Scanning & Vulnerability Assessment [25 Marks]

a. In terms of information gathering,


i. Define the term reconnaissance, and explain its importance within the hacking/penetration
testing cycle. [2 Marks]

ii. Describe the difference between active and passive reconnaissance. [4 Marks]

iii. Explain the information that can be acquired from the Whois service. [2 Marks]

iv. Define what is meant by a Google directive. Explain the correct use of a directive, providing
an example to illustrate. [3 Marks]

b. In terms of port scanning,


i. Define what is meant by a port and a service. Explain their importance within hacking and
penetration testing. [3 Marks]

ii. Briefly describe port scanning. [2 Marks]

iii. Describe the Null port scan, and explain how it is implemented. [3 Marks]

iv. Define four perimeter avoidance-scanning methods that are designed to avoid firewalls.
Explain the common feature of the techniques. [3 Marks]

c. Explain the difference between a vulnerability assessment and a penetration test. [3 Marks]

Question 3: Exploitation Mechanisms [25 Marks]

a. Define the term authentication, listing the different mechanisms and providing examples.
[4 Marks]

b. Describe the three basic technical methods for cracking passwords. Provide an example of the
structure of a password that each method is able to crack. [4 Marks]

c. Define four non-technical techniques for password cracking. [2 Marks]

d. Define the term social engineering, and explain in detail the attack vector referred to as reverse
social engineering. [5 Marks]

e. Explain the difference between a worm and a virus. [2 Marks]

f. Explain the difference between an overt channel and a covert channel. [2 Marks]

g. Explain what is meant by the term Trojan. Define the different forms a Trojan can take.
[6 Marks]

Question 4: Exploitation Phase [25 Marks]

a. In the context of penetration testing, describe the exploitation phase, outlining the ultimate
end goal. [3 Marks]

b. In the context of Metasploit,


i. Describe the use of the Meterpreter within the hacking process. [5 Marks]

ii. Explain the role of the payload. Provide two examples to illustrate your answer. [6 Marks]

iii. Explain the difference between the RHOST and LHOST options. [2 Marks]

iv. Define the three different interfaces available within Metasploit. [3 Marks]

c. Explain the type of attack commonly performed when using an online password cracker such
as Medusa or Hydra. [2 Marks]

d. Explain the difference between a brute force attack and a dictionary attack in the context of a
penetration test against an online service such as SSH. [4 Marks]

Question 5: Denial of Service Attacks & Retaining Access [25 Marks]

a. In the context of denial of service (DoS) attacks,


i. Explain the steps an attacker would undertake to perform a Distributed Denial of Service
Attack. [4 Marks]

ii. Describe in detail the attack vector referred to as a smurf attack. [5 Marks]

iii. Describe in detail the attack vector referred to as a fraggle attack. [4 Marks]

iv. Explain the methods which exist for preventing DoS attacks. [6 Marks]

b. In the context of penetration testing, define the following terms:


i. Backdoor. [4 Marks]

ii. Rootkit. [2 Marks]
