Advertise here ✔️

SALEHE NJOHOLE

Phone: +255 692 127 931 Email: njoholes@gmail.com

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG5GSwn5UBLXuOOUyUDGcmuQRzn3NFkRk47bJzhk44ktBL7H0hlgUZOHqp4Y7HVlkKJd3MToAGxkygkNoG4t4kxCfjG9pCINqkA3KhHIDeudh4Sv1rRQ9uYAQJLrlxGWYzQWUGD9d8Za8/s930/3.png

Saleh Njohole

Always be inspired in your life.

My Life

What goes around is what comes around.

Brave

Be happy this moment because this moment is your life.

Thursday, April 2, 2026

SYSTEM SECURITY PRACTICAL EXAM

By  No comments:

 


SECURITY PRACTICAL EXAM

TIME: 3 HOURS
LAB SETUP
Machines:
Attacker: Kali Linux
Victim 1: Metasploitable 2
Victim 2: Windows Server (optional)
Network:
Kali: 192.168.1.5
Metasploitable: 192.168.1.10


SECTION A: RECON & ENUMERATION (20 MARKS)
Task 1: Identify Live Hosts

Task 2: Full Port Scan

Task 3: Service Enumeration

SECTION B: VULNERABILITY ANALYSIS (20 MARKS)
Task 4: Scan for Vulnerabilities
Using OpenVAS or Nessus

Task 5: Risk Analysis

 SECTION C: EXPLOITATION (20 MARKS)
 Task 6: Exploit FTP Backdoor
Using Metasploit Framework

Task 7: Post Exploitation
    a) whoami
    b) uname -a
    c) cat /etc/passwd
 
SECTION D: PASSWORD ATTACK (15 MARKS)
Task 8: Brute Force SSH
Using Hydra

Task 9: Security Analysis

SECTION E: PRIVILEGE ESCALATION (10 MARKS)
Task 10: Check Sudo Permissions

SECTION F: WEB ATTACK (15 MARKS)
Task 11: SQL Injection
Target:

http://192.168.1.10/dvwa

Using Burp Suite

Task 12: XSS Attack
Input:

<script>alert('Hacked')</script>

SECTION G: LOG ANALYSIS (10 MARKS)
Task 13: Investigate Logs

 SECTION H: SYSTEM HARDENING (10 MARKS)
Task 14: Secure the System


--------------------------------------------------------------------------------------

FOR ANY ENQUIRIES WHATSAPP: 0692 127 931

Share:
Read More

DATABASE ADMINISTRATION -MOCK APTITUTE TEST (MAT)

By  No comments:
Share:
Read More

Contact Us

SALEHE NJOHOLE P.O.BOX 2428, DAR ES SALAAM, TANZANIA EAST AFRIKA. Call: 0692 127 931
  • ICT OFFICER II – SCANNER QUESTIONS AND ANSWERS
                MCQs for ICT OFFICER II – SCANNER Section A: Scanner Operations & Imaging Which of the following best describes t...
  • ICT OFFICER - SECURITY MANAGEMENT PRACTICAL
    1.      You are given a web application which uses MERN stack to perform a vulnerability scan.   i.           State the discovered vul...
  • SYSTEM ADMINISTRATOR QUESTIONS AND ANSWER
      1. What is Linux primarily known as? a) A web server b) An operating system c) A programming language d) A hardware platform View A...
  • ICT OFFICER II - SCANNER NOTES
        CHAPTER ONE INTRODUCTION As an ICT Officer, managing scanners involves more than basic troubleshooting; it includes administration, ...
  • MCQS on SYSTEM ADMINISTRATOR
    1.     Which language is used to write Ansible playbooks? a) JSON b) YAML c) XML d) Python   Answer: b) YAML   2.     What is the alternativ...
  • MIX BY QUESTIONS PART 2
    Computer Operating Systems   ## **Part 1: Fundamentals and Architecture (1-25)**   **1. What is the primary function of an operating...
  • PROGRAMMER QUESTIONS AND ANSWERS
      1. What is the base of a recursive function? A. The first call to the function B. The condition that stops recursion ✅ C. The infinite ...
  • System Developer Questions and Answers
     System Developer QUESTION NO 1. 🔧 Tools & Definitions **What does "CI" stand for in DevOps?** A) Continuou...
  • HELPDESK QUESTIONS AND ANSWERS
      Helpdesk Questions and Answers Section A: General Helpdesk Fundamentals Q1. Which of the following best describes the main role of a ...
  • PROGRAMMING PRACTICAL QUESTIONS
      PROGRAMMING PRACTICAL QUESTION        As an application developer, you are assigned by the Public Service Recruitment Secretariat to devel...