1. You are given a web application which uses MERN stack to perform a vulnerability scan.
i.
State the
discovered vulnerabilities.
ii.
State the implication of the vulnerabilities and provide recommendations
iii.
Exploit the discovered vulnerabilities on the web application (OWASP Top
10 – there was an SQL injection, XSS, CSRF, and others)
2. You are given an IP address to perform a network
scan (nmap) to identify:
i.
Open ports, services running on open ports, OS running on open ports.
ii.
You also required to discover vulnerabilities on open ports, state their
implications (effects) and recommend ways to deal with them.
iii.
Exploit
the vulnerabilities identified above.
3. You are given an API that has
vulnerabilities, you are to perform a vulnerability scan and state the
discovered vulnerabilities on the API endpoints and exploit them.
4. I don’t recall the 4th question
MDAs and LGAs (ICT Officer –
Security) 2023
1. Given a hacker’s directory, scan to find the
victim’s OS, vulnerabilities, etc.
2. Given a web application,
perform a vulnerability scanning and penetration test of it and write a report.
3. Given an image that has a
malicious payload, discover the payload and write a report.
4. Given a login page, perform a password attack.
TCRA (ICT Officer – Cyber
Security) 2024
1. Given an android application,
perform a vulnerability assessment of the application. State the discovered
vulnerabilities, their implications, and provide recommendations.
2. Given a local area network:
i. Discover hosts on the network.
ii. Scan each host for open ports
iii. Scan each host for services running and OS
iv. Find associated
vulnerabilities in the open ports for each host, state their implications and
provide recommendations.
v. Perform a penetration testing
using the discovered vulnerabilities above (at least 2)
3. You are given two .pcap files
and you are required to answer questions about discovered IP address, MAC
address, etc.
4. Given a web application:
i. Perform a vulnerability scan,
state discovered vulnerabilities, and provide recommendations for each.
ii. Use the discovered
vulnerabilities to gain access into the web application and provide admin
credentials (do not use brute force).
iii. Exploit the vulnerabilities in the web application.
__________________________________________________________________________________
FOR ANY ENQUIRIES
👇
WhatsApp: +255 692 127 931
___________________________________________________________________________________
***ALL THE BEST***
NB: ANYTHING CAN HAPPEN.
0 comments:
Post a Comment