NPTEL Ethical Hacking Week 4 Assignment Answers 2024 (July-October)

Week 4 Assignment 4 Solutionssolutions and explanations for each question in the Week 4 Assignment of the Ethical Hacking course. The focus of this assignment is on hypervisors, active reconnaissance, Whois database lookups, port scanning, and techniques related to host discovery and OS detection in NMAP. Each question is analyzed, and the correct answer is provided with reasoning.





Question 1:
Which of the following statement(s) is/are true?
a. Hypervisor allows one host system to support multiple virtual machines by sharing the resources.
b. Hypervisor allows one host system to support multiple virtual machines; however, it does not allow resource sharing.
c. Kali-Linux is a Debian-based Linux distribution that has a collection of tools that are useful for penetration testing.
d. Kali-Linux is a hack-proof secured operating system.
e. None of these.

Answer:
Correct options: a, c
Reasoning:

  • Option a is correct because hypervisors are designed to allow a single host system to manage multiple virtual machines, effectively sharing the host's resources among them.
  • Option c is correct because Kali-Linux is a well-known Debian-based distribution widely used for penetration testing due to its comprehensive set of security tools.

Question 2:
Which of the following statement(s) is/are true about "Active Reconnaissance"?
a. Information about the target is collected indirectly.
b. There is a chance of detection.
c. Information about the target is collected directly.
d. There is no chance of detection.

Answer:
Correct options: b, c
Reasoning:

  • Option b is correct because active reconnaissance involves directly interacting with the target system, which increases the risk of detection by the target.
  • Option c is correct because active reconnaissance entails directly gathering information from the target, as opposed to passive reconnaissance, which relies on indirect methods.

Question 3:
Which of the following information cannot be retrieved using Whois database lookup?
a. Registration details
b. Name Servers
c. IP Address
d. History of the website.
e. None of these.

Answer:
Correct option: d
Reasoning:

  • The Whois database provides information such as registration details, name servers, and sometimes the IP address associated with a domain. However, it does not provide the history of a website, making option d the correct choice.

Question 4:
What is the main objective of a port scan?
a. Identification of live hosts.
b. Identification of services running in the target system.
c. Identification of the operating system of the target systems.
d. None of these.

Answer:
Correct option: b
Reasoning:

  • The primary purpose of a port scan is to identify which services are running on the target system by probing different ports to see if they are open and responding. This helps in understanding what software and potentially exploitable services are present on the target.

Question 5:
Which of the following statement(s) is/are true for host discovery using ICMP ECHO sweep?
a. For ICMP ECHO sweep, -PP option is used.
b. The attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response.
c. If the attacker does not receive an ICMP ECHO reply then the host is considered as down.
d. If the attacker does not receive an ICMP ECHO reply then the host is considered as live.

Answer:
Correct options: b, c
Reasoning:

  • Option b is correct because ICMP ECHO sweep involves sending an ICMP ECHO request to the target and waiting for a reply to confirm the presence of a live host.
  • Option c is correct because if no ICMP ECHO reply is received, it is generally inferred that the host is down or unreachable.

Question 6:
Which of the following options are used for host discovery using TCP and UDP sweep respectively?
a. PE, PA
b. Pp, PU
c. PM, PA
d. P4, PU

Answer:
Correct option: b
Reasoning:

  • Option b is correct because in NMAP, Pp is used for TCP Ping, and PU is used for UDP Ping, which are the options used for host discovery.

Question 7:
Which of the following option is used for OS detection?
a. PU
b. Os
c. O
d. sO
e. None of these.

Answer:
Correct option: c
Reasoning:

  • Option c is correct because in NMAP, the -O option is used to enable OS detection, which attempts to determine the operating system of the target host by analyzing the response to certain network probes.

Question 8:
How many ports are scanned in NMAP for a target system if we use -F option ________?
Answer:

  • The -F option in NMAP stands for "Fast mode," which scans only the top 100 most common ports instead of all 65,535 possible ports.

Question 9:
If we want to disable host discovery in port scanning, then which of the following options can be used?
a. F
b. P
c. Pn
d. sn
e. We cannot disable host discovery.

Answer:
Correct option: c
Reasoning:

  • Option c is correct because -Pn in NMAP is used to disable host discovery, meaning the tool will assume the target is up and will skip the host discovery phase.

Question 10:
Which of the following can be used to reconnaissance countermeasures?
a. Do not release critical info in public.
b. Encrypt password and sensitive information.
c. Restrict zone transfer.
d. Examine logs periodically.
e. Use firewalls.

Answer:
Correct options: All of the above
Reasoning:

  • All the options listed are valid countermeasures to reconnaissance. Each method contributes to protecting sensitive information and preventing attackers from gathering information during the reconnaissance phase.
NPTEL Ethical Hacking Week 4 Assignment Answers 2024 (July-October)

Next Post Previous Post
No Comment
Add Comment
comment url
×