
*1. Enter your Name, mobile number and email address
___________________________________

2. Referring to the figure below, the horizontal line represents a power-line. Due to an incident, power was no longer reaching point "I" from point "A". Assuming you have a voltage reader, describe the fastest method for detecting the location of the defect on the wire.
___________________________________
Power outage
A B C D E F G H I
[__,__,__,__,__,__,__,__]

3. You are performing a vulnerability assessment on a client. You were able to find a severe vulnerability, and the client became eager to demonstrate the vulnerability to his management as fast as possible. It is your responsibility to program a demonstration of the exploit. Assuming the issue is a web based vulnerability (on a web application), what is the best programming language to use for writing the exploit given the fact that it must be finalized as fast as possible?
VB . Net
C++
Csharp
Python
Assembly Language
C

4. You are managing an application previously developed by a different programmer (running over HTTPS). No documentation is provided. You found out from the server logs that the application started malfunctioning due to a problem in a POST parameter called "theSecret". Given that the error log on the server side is not clear and there are no JavaScript errors, what would be the fastest and most efficient next step for you to take, in order to debug the problem?
Use HttpWatch or HttpFox to sniff the traffic and see the value of the "theSecret" parameter being sent and what response we are receiving
Use Firebug to sniff the traffic and see the value of the "theSecret" parameter being sent and what response we are receiving
Use Wireshark to sniff the traffic and see the value of the "theSecret" parameter being sent and what response we are receiving
Use the "view source" function on the browser to understand what the problem is with the "theSecret" parameter

5. You are trying to audit a web application. However, whenever you enter a special character, a JavaScript popup stops you from doing so. What tools can be used to bypass this type of protection?
WebScarab
Burp Suite local proxy
TamperData Firefox add-on
Sub7
W3AF
Nessus
Acunetix

6. What is the best programming language for coding a remote access tool (trojan-like tool) used in penetration tests?
Meterpreter
Python
CSharp
VB .Net
C / C++
Batch script
Perl

7. What is the most commonly used design pattern for web application development?
Abstract factory
Singleton
MVC (Module / View / Controller)
Builder

8. What is a "protected variable"?
A variable which can only be read but not modified
A variable which is read by its class and subclasses
A variable that is protected from getting accessed unless from the class to which it belongs to only
A variable which is stored in a protected memory segment on which external processes cannot access

9. Assuming we have a web based form. Certain validation takes place on the form (such as checking for correct email address pattern, making sure integers are entered in the age field, etc.). The client requested from you (as the developer) both server and client side validation. What is the difference between them?
JavaScript is used for client side validation while PHP is used for server side
Both client and server side validation can be programmed with JavaScript
Client side validation is coded with JavaScript while server side is coded through AJAX
JQuery is used for server side validation and AJAX is used for client side
HTML events are used for client side validation while JavaScript is used for server side validation

10. What are preconditions (in a software development context)?
Required conditions for the application to work
Required constraints per variable within a function
Conditions conveyed by the client during information gathering phase
Minimum hardware and software requirements for the application to run efficiently

11. What is the programming language of the following syntax:


select * from users where userName = 'helpag';
Perl
SQL Statement
ASP .Net
PHP
C++
XML

12. In what extension should the below code be stored?


<html>
<head>
<title>PageTest</title>
</head>
<body>
<? echo '<p>Hello World</p>'; ?>
</body>
</html>
CSS
PHP
HTML
ASPX
JS

13. What is the following programming / Scripting language:


for /l %%x in (1, 1, 9) do echo %%x
Python
Windows batch script
Perl
Visual basic
C++

14. What would be the extension of the following file:


// FILE START
document.write("Hello from inside the code")
//FILE END
JS
HTML
JSP
ASP
ASPX

15. Given you have a PHP page (customers.php) where the code returned is below. With any language or scripting language of your choice, code a tool (as in write the code below) that submits a request to http://website.com/customers.php and, when the below response is returned, takes the email addresses only and places them in an array.
<HTML>
<body>
<br />
Name: John<br />
Telephone: 05473733<br />
Fax: 6574737<br />
Email: theemail1@domain.com<br/>
<br />
<br />
Name: Jack<br />
Telephone: 4728422<br />
Fax: 53453<br />
Email: theemail2@domain.com<br/>
<br />
<br />
Name: smith<br />
Telephone: 3433433<br />
Fax: 4324324<br />
Email: theemail3@domain.com<br/>
<br />
<br />
Name: Stacy<br />
Telephone: 34322532<br />
Fax: 42342<br />
Email: theemail4@domain.com<br/>
</body>
</HTML>
______________________________
16. Which programming languages are you most familiar with?
C
ASP .Net
CSharp
VB .Net
Java
PHP
HTML
JSP
C++
ASP
Python
Perl
SQL
Other (please specify) ______________________

17. What is the function of the below statement?


select count(*) from usrs where usrn="$usr" and psw="$psw"
Run a Linux cron job
Retrieve all information of a user from the database
Select a field from a combo box
Authenticate a user

18. Given the following statement, and assuming no input filtering is taking place on the application, how can an attacker subvert the output so that it always returns true?
select count(*) from usrs where usrn='$usr' and psw="$psd"
$usr parameter should be set to ' true and $psd should be set to " true
$usr parameter should be set to ' or 'a'='a and $psd should be set to " or "a"="a
$usr parameter should be set to ' or 'a'='a and $psd should be set to ' or 'a'='a
$usr parameter should be set to blank and $psd should be blank
19. Why is error handling important in security?
Error handling helps the application owner trace the cause of the error
Error handling hides sensitive data that can be leaked when an error is generated
Error handling can restore damage caused from an error or attack
Error handling does not impact security
20. Retrieve the clear text of the following cipher text:
VGhhbmsgeW91IGZvciB5b3VyIGludGVyZXN0IGluIEhlbHBBRwo=
21. Retrieve the clear text out of the following cipher text:
H4sIAJ0TIVEAA%2FNMU6jML1UoSi3OzylLTVEoycgs1gGSqXlg8fT8EoVEhbLUokqFjMz0DIXi5Pyi
VC4AL1RPPjUAAAA=
22. In what language is the code below programmed? And describe what each line of code does:
WSAConnect(sock, (SOCKADDR*) &sain, sizeof(sain), NULL, NULL, NULL, NULL);
memset(&ini_proc, 0, sizeof(ini_proc));
23. Complete the sentence:
WinDBG, Syser and OllyDbg are tools used for:
24. Explain (in your own words) the following techniques as much as possible:
Polymorphism
Metamorphism
Obfuscation
Packers
25. What is the difference between hashing and encryption?
Hashing is a one way function on which the cipher text cannot be reversed to clear text. It contains no key, encryption can generate cipher text from clear text and clear text from cipher text by using an encryption/decryption key
Hashing masks the data while encryption makes it unreadable
Hashing is the process of serializing the information into an array (sometimes randomization of segments take place for security reasons) encryption can generate cipher text from clear text and clear text from cipher text by using an encryption/decryption key
Hashing and encryption are the same technically, however the context on which they are used changes the name. Hashing is used when storing sensitive details in the database while encryption is used for exchanging sensitive data
26. Which of the following all belong to man-in-the-middle attack category?
SMB relay, ARP poisoning, DNS spoofing, DHCP spoofing
ARP poisoning, XSS, SQL injection, SMB relay
DNS cache poisoning, switch ARP cache poisoning, buffer overflows
ARP cache poisoning, DOS attacks, Phishing attacks
27. Describe what you would consider your best accomplishment when it comes to IT security (regardless of the category)
