- (Topic 3)
You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What
Google dork operator would you use?
Correct Answer:
A
Restrict results to those of a certain filetype. E.g., PDF, DOCX, TXT, PPT, etc. Note: The ??ext:?? operator can also be used—the results are identical.
Example: apple filetype:pdf / apple ext:pdf
- (Topic 2)
Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company's website. Which of the following tools did Taylor employ in the above scenario?
Correct Answer:
B
Increase your web site??s performance and grow! Add Web-Stat to your site (it??s free!) and watch individuals act together with your pages in real time.
Learn how individuals realize your web site. Get details concerning every visitor??s path through your web site and track pages that flip browsers into consumers.
One-click install. observe locations, in operation systems, browsers and screen sizes and obtain alerts for new guests and conversions
- (Topic 3)
Your company, Encryptor Corp, is developing a new application that will handle highly sensitive user information. As a cybersecurity specialist, you want to ensure this data is securely stored. The development team proposes a method where data is hashed and then encrypted before storage. However, you want an added layer of security to verify the integrity of the data upon retrieval. Which of the following cryptographic concepts should you propose to the team?
Correct Answer:
B
A digital signature mechanism is a cryptographic concept that you should propose to the team to verify the integrity of the data upon retrieval. A digital signature mechanism works as follows:
✑ A digital signature is a mathematical scheme that allows the sender of a message
to sign the message with their private key, and allows the receiver of the message to verify the signature with the sender??s public key. A digital signature provides two
security services: authentication and non-repudiation. Authentication means that the receiver can confirm the identity of the sender, and non-repudiation means that the sender cannot deny sending the message12.
✑ A digital signature mechanism consists of three algorithms: key generation,
signing, and verification. Key generation produces a pair of keys: a private key for the sender and a public key for the receiver. Signing takes the message and the private key as inputs, and outputs a signature. Verification takes the message, the signature, and the public key as inputs, and outputs a boolean value indicating whether the signature is valid or not12.
✑ A digital signature mechanism can be implemented using various cryptographic
techniques, such as hash-based signatures, RSA signatures, or elliptic curve signatures. A common method is to use a hash function to compress the message into a fixed-length digest, and then use an asymmetric encryption algorithm to encrypt the digest with the private key. The encrypted digest is the signature, which can be decrypted with the public key and compared with the hash of the message to verify the integrity12.
A digital signature mechanism can ensure the integrity of the data upon retrieval, because:
✑ A digital signature is unique to the message and the sender, and it cannot be forged or altered by anyone else. If the message or the signature is modified in any way, the verification will fail and the receiver will know that the data is corrupted or tampered with12.
✑ A digital signature is independent of the encryption or hashing of the data, and it can be applied to any type of data, regardless of its format or size. The encryption or hashing of the data can provide confidentiality and efficiency, but they cannot provide integrity or authentication by themselves. A digital signature can complement the encryption or hashing of the data by providing an additional layer of security12.
The other options are not as suitable as option B for the following reasons:
✑ A. Implement a block cipher mode of operation: This option is not relevant because it does not address the integrity verification issue, but the encryption issue. A block cipher mode of operation is a method of applying a block cipher, which is a symmetric encryption algorithm that operates on fixed-length blocks of data, to a variable-length message. A block cipher mode of operation can provide different security properties, such as confidentiality, integrity, or authenticity, depending on the mode. However, a block cipher mode of operation cannot provide a digital signature, which is a form of asymmetric encryption that uses a pair of keys3 .
✑ C. Suggest using salt with hashing: This option is not sufficient because it does not provide a digital signature, but only a hash value. Salt is a random value that is added to the input of a hash function, which is a one-way function that maps any data to a fixed-length digest. Salt can enhance the security of hashing by making it harder to perform brute-force attacks or dictionary attacks, which are methods of finding the input that produces a given hash value. However, salt cannot provide a digital signature, which is a two-way function that uses a pair of keys to sign and verify a message .
✑ D. Switch to elliptic curve cryptography: This option is not specific because it does not specify a digital signature mechanism, but only a type of cryptography. Elliptic curve cryptography is a branch of cryptography that uses mathematical curves to generate keys and perform operations. Elliptic curve cryptography can be used to
implement various cryptographic techniques, such as encryption, hashing, or digital signatures. However, elliptic curve cryptography is not a digital signature mechanism by itself, but rather a tool that can be used to create one .
References:
✑ 1: Digital signature - Wikipedia
✑ 2: Digital Signature: What It Is and How It Works | Kaspersky
✑ 3: Block cipher mode of operation - Wikipedia
✑ : Block Cipher Modes of Operation - an overview | ScienceDirect Topics
✑ : Salt (cryptography) - Wikipedia
✑ : What is Salt in Cryptography? | Cloudflare
✑ : Elliptic-curve cryptography - Wikipedia
✑ : Elliptic Curve Cryptography: What It Is and How It Works | Kaspersky
- (Topic 2)
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and any firewall rule sets are encountered. John decided to perform a TCP SYN ping scan on the target network. Which of the following Nmap commands must John use to perform the TCP SYN ping scan?
Correct Answer:
C
https://hub.packtpub.com/discovering-network-hosts-with-tcp-syn-and-tcp-ack-ping-scans-in-nmaptutorial/
- (Topic 3)
Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his company's network infrastructure to identify security loopholes. In this process, he started to circumvent the network protection tools and firewalls used in the company. He employed a technique that can create forged TCP sessions by carrying out multiple SYN, ACK, and RST or FIN packets. Further, this process allowed Jude to execute DDoS attacks that can exhaust the network resources. What is the attack technique used by Jude for finding loopholes in the above scenario?
Correct Answer:
C
In order to circumvent network protection tools, cybercriminals may forge a TCP session more efficiently by submitting a bogus SYN packet, a series of ACK packets, and at least one RST (reset) or FIN (connection termination) packet. This tactic allows crooks to get around defenses that only keep tabs on incoming traffic rather than analyzing return traffic.
