NPTEL Ethical Hacking Assignment 5 Answers 2023

Hello Learners, In this Post, you will find NPTEL Ethical Hacking Assignment 5 Week 5 Answers 2023. All the Answers are provided below to help the students as a reference don’t straight away look for the solutions.

NPTEL Ethical Hacking Assignment 5 Answers Join Group👇

CLICK HERE

Note: First try to solve the questions by yourself. If you find any difficulty, then look for the solutions.

NPTEL Ethical Hacking Assignment 5 Answers 2023:

We are updating answers soon Join Telegram Group for update: CLICK HERE

Q.1. Consider the following statements:

(i) The purpose of vulnerability scanning is to identify weakness of system/network in order to determine how a system can be exploited.

(ii) NMAP script can be useful for automated scanning. However, scripts can have specific requirement.

• a. Only (i) is true.
• b. Only (ii) is true.
• c. Both (i) and (ii) are true.
• d. Both (i) and (ii) are false.

Q.2. Which of the following NMAP option runs some of the nmap scripts?

• a. -A
• b. -SC
• C. -pn
• d. -PE
• e. -SL

Q.3. Which of the following NMAP scripts is used to preform DoS attack?

• a. ssh-brute
• b. smb-os-discovery
• c. smb-brute
• d. http-slowloris-check
• e. None of these.

NPTEL Ethical Hacking Assignment 5 Answers Join Group👇

Q.4. Which of the following tools/software cannot be used for scanning vulnerabilities?

• a. Hypervisor
• b. Nessus
• c. Hydra
• d. crunch
• e. hascat
• f. Nmap

Q.5. Which of the following tool/approach can be used for proxy preparation?

• a. Web based proxy/Proxychains tools
• b. By running NMAP vulnerability scanning scripts.
• c. Macchanger tool
• d. Hypervisor
• e. Firewall

Q.6. Which of the following is not a password cracking approach?

• a. Shoulder Surfing
• b. Social Engineering
• c. Dictionary Attack
• d. Brute Force attack
• e. Rule Based Attack
• f. None of these.

Q.7. Which of the following tools can be used to create a dictionary for dictionary based password attack?

• a. Hydra
• b. Crunch
• c. Nessus
• d. None of these.

NPTEL Ethical Hacking Week 5 Assignment 5 Answers Join Group👇

CLICK HERE

Q.8. Which of the following statement(s) is/are true for user enumeration?

• a. Enumeration refers to collecting details of users and their privileges.
• b. User enumeration refers to collecting username and passwords.
• c. NMAP does not have any script for user enumeration.
• d. Hydra and crunch tool can be used for user enumeration.

Q.9. Which of the following can be used for gaining same level privileges than existing one?

• a. Vertical privilege escalation.
• b. Horizontal privilege escalation.
• c. Diagonal privilege escalation.
• d. Triangular privilege escalation.
• e. None of these.

Q.10. Which of the following approaches can be helpful to avoid privilege escalation attack?

• a. Run user level application on least privileges.
• b. Keep the software updated.
• c. Regularly perform vulnerability scan.
• d. Institute a strong password policy.
• e. Avoid downloading files from untrusted/malicious websites.
• f. Ignore unknown mails..

Q.11. Which of the following statement(s) is/are false?

• a. Malware are malicious software that damages or disables computer systems and gives limited or full control to the malware creator for the purpose of theft or fraud.
• b. Malware can get inside systems through file sharing or fake programs.
• c. Malware cannot replicate itself.
• d. Malwares can alter, corrupt, modify or delete some data/files.
• e. None of these.

NPTEL Ethical Hacking Week 5 Answers Join Group👇

Q.12. Which of the following can be used as a countermeasure against malwares?

• a. Use of firewall
• b. Avoid downloading files from untrusted/malicious websites
• c. Use of antivirus tools
• d. Keep computer and software updated.
• e. Ignoring unknown mails
• f. All of these

Q.13. Which of the following statement(s) is/are false for sniffing?

• a. Sniffing is a process of monitoring and capturing all data packets passing through a given network.
• b. The HTTPS packets are vulnerable to sniffing attack.
• c. In passive sniffing ARP packets are used to flood the switch’s CAM table.
• d. None of these.

Q.14. Which of the following commands is used to delete an ARP entry in a system?

• a. arp-1
• b. arp-s
• c. arp-i
• d. arp-e
• e. None of these

Q.15. Which of the following statement(s) is/are true?

• a. ARP spoofing involve construction of large number of forged ARP request/reply packets.
• b. Using fake ARP messages, an attacker can divert all communications between two machines so that all traffic is exchanged via his/her PC.
• c. In MAC attack, CAM table are flooded with fake MAC address and IP pairs.
• d. MAC attack cannot change the behavior of the switch.
• e. MAC attack can fill the CAM table of adjacent switches.
• f. None of these.

NPTEL Ethical Hacking Assignment 5 Answers Join Group👇

Disclaimer: This answer is provided by us only for discussion purpose if any answer will be getting wrong don’t blame us. If any doubt or suggestions regarding any question kindly comment. The solution is provided by Brokenprogrammers. This tutorial is only for Discussion and Learning purpose.

About NPTEL Ethical Hacking Course:

Ethical hacking is a subject that has become very important in present-day context, and can help individuals and organizations to adopt safe practices and usage of their IT infrastructure. Starting from the basic topics like networking, network security and cryptography, the course will cover various attacks and vulnerabilities and ways to secure them. There will be hands-on demonstrations that will be helpful to the participants.

Course Layout:

• Week 1:   Introduction to ethical hacking. Fundamentals of computer networking. TCP/IP protocol stack.
• Week 2:   IP addressing and routing. TCP and UDP. IP subnets.
• Week 3:   Routing protocols. IP version 6.
• Week-4:   Installation of attacker and victim system. Information gathering using advanced google search, archive.org, netcraft, whois, host, dig, dnsenum and NMAP tool.
• Week-5:  Vulnerability scanning using NMAP and Nessus. Creating a secure hacking environment System Hacking: password cracking, privilege escalation, application execution. Malware and Virus. ARP spoofing and MAC attack.
• Week 6:   Introduction to cryptography, private-key encryption, public-key encryption.
• Week 7:   Cryptographic hash functions, digital signature and certificate, applications.
• Week 8:   Steganography, biometric authentication, network-based attacks, DNS and Email security.
• Week-9:   Packet sniffing using wireshark and burpsuite, password attack using burp suite. Social engineering attacks and Denial of service attacks.
• Week 10: Elements of hardware security: side-channel attacks, physical inclinable functions, hardware trojans.
• Week-11: Different types of attacks using Metasploit framework: password cracking, privilege escalation, remote code execution, etc.Attack on web servers: password attack, SQL injection, cross site scripting.
• Week 12: Case studies: various attacks scenarios and their remedies.

CRITERIA TO GET A CERTIFICATE:

Average assignment score = 25% of average of best 8 assignments out of the total 12 assignments given in the course.
Exam score = 75% of the proctored certification exam score out of 100

Final score = Average assignment score + Exam score

YOU WILL BE ELIGIBLE FOR A CERTIFICATE ONLY IF AVERAGE ASSIGNMENT SCORE >=10/25 AND EXAM SCORE >= 30/75. If one of the 2 criteria is not met, you will not get the certificate even if the Final score >= 40/100.

If you have not registered for exam kindly register Through https://examform.nptel.ac.in/