ICT OFFICER - SECURITY MANAGEMENT PRACTICAL

1.     You are given a web application which uses MERN stack to perform a vulnerability scan.

 

i.          State the discovered vulnerabilities.

 

ii.           State the implication of the vulnerabilities and provide recommendations

 

iii.           Exploit the discovered vulnerabilities on the web application (OWASP Top 10 – there was an SQL injection, XSS, CSRF, and others)

 

2.     You are given an IP address to perform a network scan (nmap) to identify:

 

i.          Open ports, services running on open ports, OS running on open ports.

 

ii.           You also required to discover vulnerabilities on open ports, state their implications (effects) and recommend ways to deal with them.

 

iii.           Exploit the vulnerabilities identified above.

 

3.     You are given an API that has vulnerabilities, you are to perform a vulnerability scan and state the discovered vulnerabilities on the API endpoints and exploit them.

 

4.     I don’t recall the 4^th question

 

MDAs and LGAs (ICT Officer – Security) 2023

 

1.     Given a hacker’s directory, scan to find the victim’s OS, vulnerabilities, etc.

 

2.     Given a web application, perform a vulnerability scanning and penetration test of it and write a report.

 

3.     Given an image that has a malicious payload, discover the payload and write a report.

 

4.     Given a login page, perform a password attack.

 

TCRA (ICT Officer – Cyber Security) 2024

 

1.     Given an android application, perform a vulnerability assessment of the application. State the discovered vulnerabilities, their implications, and provide recommendations.

 

2.     Given a local area network:

i.     Discover hosts on the network.

 

ii.      Scan each host for open ports

 

iii.      Scan each host for services running and OS

 

iv.     Find associated vulnerabilities in the open ports for each host, state their implications and provide recommendations.

 

v.     Perform a penetration testing using the discovered vulnerabilities above (at least 2)

 

3.     You are given two .pcap files and you are required to answer questions about discovered IP address, MAC address, etc.

 

4.     Given a web application:

 

i.     Perform a vulnerability scan, state discovered vulnerabilities, and provide recommendations for each.

 

ii.      Use the discovered vulnerabilities to gain access into the web application and provide admin credentials (do not use brute force).

 

iii.      Exploit the vulnerabilities in the web application. 

__________________________________________________________________________________

FOR ANY ENQUIRIES

👇

WhatsApp: +255 692 127 931

___________________________________________________________________________________

                                                                ***ALL THE BEST*** 

NB: ANYTHING CAN HAPPEN.