IMT - 94: Network Security Threats Attacks and Loopholes

ASSIGNMENT - 1

1. What is social engineering? Describe different types of social engineering attacks.

2. Give ideas of social engineering attacks that could possibly be implemented on people around you.

3. What is the difference between intimidation and impersonation?

4. Describe the various types of password cracking attacks.

5. Give three examples of weak passwords.

6. Give three examples of strong passwords.

7. How can an attacker crack a UNIX password?

8. How can an attacker crack a WINDOWS password?

9. How can an attacker crack a Screen Saver password?

10. What are default passwords? Why are they enabled in applications by software developers?

ASSIGNMENT - 2

1. Describe the functions, structure and uses of the various layers of TCP/IP.

2. What is the use of checksum on the Internet?

3. What is the use of sequencing on the Internet?

4. How can an attacker carry out IP spoofing?

5. What are the four biggest challenges associated with IP spoofing?

6. What are the advantages of proxy bouncing compared with proxy servers? How can you carry out proxy bouncing?

7. What are trust relationships? Are they more secure than username-password authentication?

8. What are the three steps of connection establishment and connection termination respectively?

9. Describe the functions of the following data packets: ACK, SYN, FIN, URG and PSH.

10. What role do DOS attacks play in IP spoofing?

ASSIGNMENT - 3

1. Download the file named ankitfadia.zip from the course mailing list and crack its password. (Kindly submit the cracked password as your answer).

2. Imagine that you are a social engineer and you wish to find out the bank account number of Mr A. You decide to call the call centre of the bank and carry out a social engineering attack. How would you do it? Kindly do not actually carry out such an attack, simply submit conversation records/logs of a social engineering attack.