ASSIGNMENT - 1
1. What are Buffer Overflows? Give an example of a source code that can be overflowed.
2. Describe in detail three different types of Buffer Overflows.
3. How can Buffer Overflows be prevented?
4. Trojans, Keyloggers, Sniffers and Spyware are examples of tools that assist IP theft. Describe some similarities and differences between each one of them.
5. What are some of the challenges associated with remotely installing IP theft tools on the target system?
6. How can you avoid anti-virus detection while installing IP theft tools on the target system?
7. Describe counter-measures that can be implemented on a system to prevent IP theft.
8. What is Steganography? How can you detect the presence of data that is steganographically hidden inside an image?
9. If you are a disloyal, disgruntled employee and want to steal data from your organisation, then which technique would you use?
10. What is Dumpster Diving? Why does an attacker usually carry it out?
ASSIGNMENT - 2
1. What are routing tables? What are they used for?
2. Describe three different types of DOS attacks. How are they executed? Suggest some counter-measures.
3. Describe three different types of distributed DOS attacks. How are they executed? Suggest some countermeasures.
4. What is the key difference between DOS attacks and distributed DOS attacks?
5. Describe a hybrid DOS attack that has not been described in this course.
6. What security solutions would you implement in your organisation to prevent your employees from stealing data?
7. What is USB Hacking? What all can be done by an attacker using USB Hacking? How can you prevent USB Hacking?
8. What is an attacker usually trying to do while performing shoulder surfing?
9. What are Keyloggers? What makes them so dangerous?
10. How can an attacker prevent IP theft through cellphones?
ASSIGNMENT - 3
1. You will need two different systems for this particular lab session. On one system install the victim part of the Trojan while on the other system install the attacker part of the Trojan. Now use the attacker part of the Trojan to control the victim part and do things on its screen. (Kindly submit actual screenshots as your answer.)
2. Carry out Dumpster Diving on a particular victim for a consecutive period of 10 days and collect all private, confidential information that you can about the victim. Please note that every student is required to take prior permission from the victim before carrying out this exercise. (Kindly submit actual items that you collect via Dumpster Diving as your answer.)
|