ilovepdf_merged_merged.pdf
Document Details
Uploaded by CalmKeytar8296
Full Transcript
NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 1 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10...
NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 1 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10 Total mark: 10 x 1 = 10 ______________________________________________________________________________ QUESTION 1: In which of the following penetration testing models, no information about the network is given to the tester? a. White box model. b. Black box model. c. Gray box model. d. Red box model. Correct Answer: b Detail Solution: In the white box model, the tester has complete information about the network. In the black box model, the tester does not have any information about the network. Gray box model is somewhere in between, where the tester is only provided with partial information about the network. There is nothing called red box model. Thus the correct option is (b). ____________________________________________________________________________ QUESTION 2: Which of the following statement(s) is/are true for a circuit switched network? a. A communication link may be shared by more than connection. b. A communication link is dedicated to a connection and cannot be shared with other connections. c. The packet transfer delay between a pair of nodes may depend on the prevailing network traffic. d. It is more efficient for bursty traffic. Correct Answer: b NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Detail Solution: In a circuit switched network, a communication link remains dedicated to a connection; however, in a packet switched network, communication links may be shared by more than one connection. Also, in a packet switched network, packets between the same source and destination may follow different paths, and hence the packet transfer delay can vary with time; this depends on the prevailing traffic situation in the network; whereas in circuit switched network the link is dedicated so mostly the delay remains constant. Circuit switched network is acceptable for voice communication but is very inefficient for high traffic like data streaming. Thus, option (b) is true. ______________________________________________________________________________ QUESTION 3: Which of the following statement(s) is/are false for virtual circuit based packet transfer approach? a. It is a connection-oriented approach, where a route is established priori to transfer of packets. b. The intermediate node can perform dynamic routing. c. All the packets reach in order to the destination. d. It is a true packet switched network. Correct Answer: b, d Detail Solution: Virtual circuit approach is a connection-oriented packet switching approach where a route is established before packet transmission starts. For a session the packets follows the same path, and then once the session is expired a new route is established. In virtual circuit, a virtual circuit id is used by intermediate nodes of the route such that the packet can be forwarded to the next node. This means that the Intermediate nodes can only forward the packet and cannot make dynamic routing decision. In virtual circuit all packets reach in order to the destination as packets follow the same path. It is not a true packet switched network as it uses a fixed path for transmitting data. Thus correct answers are (b) and (d). ______________________________________________________________________________ QUESTION 4: NPTEL Online Certification Courses Indian Institute of Technology Kharagpur A packet of size 2000 bytes is sent over a 50 kilo-bits-per-second (Kbps) point-to-point link whose propagation delay is 5 msec. The packet will reach the destination after ________ msec. (Assume 1K = 1000) Correct Answer: 323 to 327 Detail Solution: 1 bit can be sent in = (1 / 50,000) sec 2000 bytes or 16,000 bits can be sent in 16,000 / 50,000 sec = 0.32 sec = 320 msec The initial delay before the first bit reaches the destination is 5 msec Hence the packet will reach the destination after = 320 msec + 5 msec = 325 msec _____________________________________________________________________________ QUESTION 5: Which of the following OSI layers is responsible for end-to-end reliable data transfer? a. Physical layer b. Transport layer c. Network layer d. Datalink layer Correct Answer: b Detail Solution: The physical layer is responsible for actual transmission of signals over a communication medium. The data-link layer is responsible for transmitting data frames reliably over point-to-point links. The network layer is responsible for the switching or routing of packets from one node to the next on way to its final destination. The transport layer is a virtual host-to-host layer between the two end systems which is responsible for end-to-end reliable data transfer with error recovery and flow control. Thus, the correct option is (b). ______________________________________________________________________________ QUESTION 6: Which of the following statement(s) is/are true for the IP address? a. It uniquely identifies a network interface of a computer system. b. It uniquely identifies a host in the network. c. It indicates how many hardware ports are there in the computer system. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur d. None of these. Correct Answer: b Detail Solution: The IP address uniquely identifies a host in the network. Thus the true option is (b). _____________________________________________________________________________ QUESTION 7: How many bits are used for IP address (in IPv4) and port number respectively? a. 32, 8 b. 32, 16 c. 128, 8 d. 128, 16 Correct Answer: b Detail Solution: 32 bits are used for IP address whereas 16 bits are used for port number. Thus the correct option is (b). ______________________________________________________________________________ QUESTION 8: Which of the following is not a valid port numbers in TCP/IP? a. 21 b. 80 c. 443 d. 8080 e. 80800 Correct Answer: e Detail Solution: In TCP/IP, port numbers are 16-bit quantities, with values in the range of 0 to 216-1 = 65535. Hence, the correct option is (e). ______________________________________________________________________________ QUESTION 9: If the IP header is 224 bits long, what will be the value of the “HLEN” field (in decimal) ______? Correct Answer: 7 NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Detail Solution: The HLEN field contains the size of the IP header in multiples of 32 bits or 4 bytes. Here, size of the IP header = 224 bits = 7 x 32 bits. Hence, HLEN will contain 0111, which is the binary equivalent of the number 7. ______________________________________________________________________________ QUESTION 10: The minimum size of IP header required in an IP datagram is ________ bytes. Correct Answer: 20 Detail Solution: The minimum size of the IP header is 20 bytes; whereas an additional 40 bytes can be added in the packet as per requirement. ______________________________________________________________________________ ************END******* NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 2 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10 Total mark: 10 x 1 = 10 ______________________________________________________________________________ QUESTION 1: Which of the following statement(s) is/are true for transparent fragmentation? a. The subsequent networks are aware that the fragmentation has occurred. b. It is required to route all packet to the same exit router in a network. c. Each fragment is treated as an independent packet. d. All fragmented packets are reassembled by host system. e. All fragmented packets are reassembled by the exit router. Correct Answer: b, e Detail Solution: In transparent fragmentation, all packets are routed through an exit router that assembles the fragmented packets. In this approach the subsequent network(s) have no information about fragmentation. Whereas in non-transparent fragmentation the packets can be transmitted through multiple routers as each packet is treated as independent packet and the reassembly is done by the destination host system. Thus the true options are (b) and (e). ______________________________________________________________________________ QUESTION 2: For reassembling the fragmented packets at the final destination, which of the following header field(s) is(are) used by IP? a. Fragment offset. b. Flags. c. Header checksum. d. HLEN. e. Identification. Correct Answer: a, b, e Detail Solution: For fragment assembly, identification (ID), fragment offset and flag fields are used. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Thus true options are (a), (b) and (e). ______________________________________________________________________________ QUESTION 3: An IP packet arrives at the final destination with the D flag set as 1. Which of the following statement is true about the packet? a. The packet has not been fragmented. b. The packet has been fragmented and it is the first fragment. c. The packet has been fragmented and it is the last fragment. d. None of these. Correct Answer: a Detail Solution: When the More (M) flag in a packet is 1, this indicates that the original packet has definitely been fragmented and there are more fragments following. When the Don’t Fragment (D) flag in a packet is 1 then it prevents it from being fragmented. Thus the true option is (a). ______________________________________________________________________________ QUESTION 4: In an IP packet, the value of HLEN is 8, and the total size of IP packet is 1500 bytes. The number of data bytes in the packet will be ________. Correct Answer: 1466 to 1470 Detail Solution: Since HLEN = 8, the size of the IP header will be 8 x 4 = 32 bytes. The total size of the IP packet is given as 1500 bytes. Hence, the number of data bytes = 1500 – 32 = 1468. bytes. ______________________________________________________________________________ QUESTION 5: Which of the following statement(s) is/are false for IP addressing? a. Each host connected to the Internet is defined by an IP address. b. IP address consist of two parts: network number and host number. c. When a packet is routed to the destination network, only the network number is used. d. None of these. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Correct Answer: d Detail Solution: IP address is 32-bit quantity, it is expressed as dotted decimal notation where dots are used to separate each of the four octets in the address. IP address consist of two logical parts: network number and host number; while routing a packet to the destination network, only the network number is looked at whereas for uniquely identifying the system inside a network host number is used. Thus the correct option is (d). ______________________________________________________________________________ QUESTION 6: Which address classes do the IP addresses 10.16.75.12 and 192.10.85.120 belong to? a. Class A and Class B b. Class B and Class C c. Class C and Class D d. Class A and Class C Correct Answer: d Detail Solution: Class A addresses start with “0”, class B addresses start with “10”, class C addresses start with “110”, and class D addresses start with “1110”. For the IP address 10.16.75.12, the first byte 10 = 00001010 in binary; for the IP address 192.10.85.120, the first byte 192 = 11000000 in binary. Clearly, the first one is Class A, and the second one is Class C address. Hence, the correct option is (d). ______________________________________________________________________________ QUESTION 7: Which of the following IP addresses does not represent broadcast address? a. 10.0.0.255 b. 10.255.255.255 c. 144.16.255.255 d. 173.16.0.255 e. 192.168.5.255 f. 192.168.255.0 Correct Answer: a, d, f NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Detail Solution: In a broadcast address, all the bits in the “host” part of the IP address will be 1. (a) and (b) are class A addresses, where the last 24 bits indicate the host. (c) and (d) are class B addresses, where the last 16 bits indicate the host. (e) and (f) are class C addresses, where the last 8 bits indicate the host. Hence, the IP addresses given in options (b), (c), and (e) represent broadcast addresses. Thus IP address given in options (a), (d) and (f) are not a broadcast address. ______________________________________________________________________________ QUESTION 8: Which of the following statement(s) is/are false for flag bits in TCP header? a. SYN=1 and ACK=0 represents a connection request message. b. SYN=1 and ACK=1 represents a connection confirmation message. c. RST bit is used to reset/reject connection request. d. None of these. Correct Answer: d Detail Solution: In the TCP header, SYN=1 and ACK=0 represents connection request, whereas SYN=1 and ACK=1 represents connection confirmation. RST is used to reset/reject connection. Thus correct option is (d). ______________________________________________________________________________ QUESTION 9: What is the subnet address if the destination IP address is 144.16.34.124 and the subnet mask is 255.255.242.0? a. 144.16.32.0 b. 144.16.34.0 c. 144.16.34.255 d. 144.16.242.255 Correct Answer: b Detail Solution: Let us express the two numbers in binary: 144.16.34.124 = 10010000 00010000 00100010 01111100 255.255.242.0 = 11111111 11111111 11110010 00000000 If we take bit-by-bit AND, we shall get the subnet address as NPTEL Online Certification Courses Indian Institute of Technology Kharagpur 10010000 00010000 00100010 00000000 = 144.16.34.0 Thus the correct option is (b). ____________________________________________________________________________ QUESTION 10: An organization is allotted an address block with beginning address as: 144.16.192.24/29 in CIDR notation. What will be the address range for that block? a. 144.16.192.0 to 144.16.192.8 b. 144.16.192.8 to 144.16.192.16 c. 144.16.192.16 to 144.16.192.24 d. 144.16.192.24 to 144.16.192.31 Correct Answer: d Detail Solution: First 29 bits in the IP address will denote network number. The range will be: 144.16.192.24 = 10010000 00010000 11000000 00011000 to 144.16.192.31 = 10010000 00010000 11000000 00011111 Thus the range given in option (d) is correct. ______________________________________________________________________________ ******END******* Week – 3 Assignment – 3 Energy conservation and waste heat recovery, 2024 1. Select the correct option regarding the use of reheat in steam power plant i. It improves the total work output and dryness fraction. ii. Work output per unit mass of circulating fluid increases. iii. It decrease size of boiler. iv. Less heating is required in economizer A. i and ii B. ii and iv C. i, ii and iii D. All the above Ans: A 2. Match the following a) Regenerative cycle i) Direct contact b) Reheat Cycle ii) Increases mean temperature of heat addition c) Closed feed water heater iii) Improves work output d) Open feed water heater iv) Indirect contact A. a-ii, b-iii, c-iv, d-i B. a-iii, b-iv, c-i, d-ii C. a-iv, b-iii, c-i ,d-ii D. a-i, b-iv, c-iii, d-ii Ans: A 3. Pinch point in a heat recovery steam generator is A. Difference between the temperatures of flue gases and inlet of economizer B. Difference between the temperatures of flue gases and inlet of evaporator C. Difference between the temperatures of flue gases and inlet of superheater D. None of the above Ans: B 4. A steam power plant operates on a Rankine cycle with reheating. The cycle is shown as below on a T-s plane. Which one is representing the reheating process? A. A-B B. B-C C. C-D D. D-E Ans: C 5. The feed water heater in steam power plant preheats feed water by A. Hot flue gases from boiler furnace B. Extracting steam from the turbine C. Hot air from air preheater D. Using steam directly from the superheater Ans: B 6. In the Rankine cycle, heat rejection takes place at A. Constant pressure B. Constant volume C. Constant enthalpy D. None of the above Ans: A 7. Which is the correct representation of heating process in Rankine cycle (i) (ii) Flue gas Flue gas Steam Steam T T s s (iii) (iv) Flue gas Flue gas Steam Steam T T s s A. i B. ii C. iii D. iv Ans: B 8. Exergy destroyed in the turbine is equal to A. Exergy delivered to the turbine by the working fluid only B. Exergy delivered by the turbine to the shaft only C. Difference between the exergy delivered to the turbine by the working fluid and exergy delivered by the turbine to the shaft D. None of the above Ans: C 9. Consider a regenerative Rankine cycle with one open feed water heater as shown in figure. If m is the mass fraction of steam extracted from the turbine what is the possible expression for it. h6 h4 A. m h1 h4 h5 h4 B. m h2 h4 h5 h4 C. m h6 h5 h1 h2 D. m h2 h5 Ans: B Performing the energy balance for open feed water heater m h2 1 m h4 1 h5 h5 h4 m h2 h4 10. A steam power plant operates on an ideal regenerative Rankine cycle with one open feed water heater. Determine the enthalpy of steam extracted from the turbine. T-s diagram of the cycle is shown in problem 9. h4 = 187.07 kJ/kg h5 = 803.5 kJ/kg h6 = 808.5 kJ/kg m = 0.242 kg/s Neglect pump work and kinetic and potential energy changes. A. 2374.3 kJ/kg B. 2734.3 kJ/kg C. 2360.1 kJ/kg D. Data not sufficient Ans: B Using the expression obtained from energy balance for open feed water heater h5 h4 m h2 h4 h2 = 2734.3 kJ/kg 11. In a steam power plant, a saturated liquid water coming out from condenser enters into a pump and the pump feeds back the water into the boiler. The condenser and the boiler pressures are 0.06 bar and 18 bar, respectively. The specific volume of the water at the condenser outlet is 0.001006 m3/kg. Find out the pump work (kJ/kg) required to feed unit mass of water. Isentropic efficiency of the pump is 85 %. A. 2.1 kJ/kg B. 1.8 kJ/kg C. 1.5 kJ/kg D. Data not sufficient Ans: A P1 – P2 = 18 – 0.06 = 17.94 bar = 17.94 × 100 kPa v3 = 0.001006 m3/kg WP, isentropic = h4 – h3 = v3 (P1 – P2) = 0.001006 × 17.94 × 100 = 1.80 kJ/kg ηP = 85% = WP, isentropic/WP,actual WP,actual = 1.80/0.8 = 2.12 kJ/kg 12. Consider a steam power plant using a reheat cycle as shown below. Steam leaves the boiler and enters the high pressure turbine at 4 MPa, 350 oC (h1 = 3095 kJ/kg). After expansion in the turbine to 400 kPa (h2 = 2609 kJ/kg), the steam is reheated to 350 oC (h3 = 3170 kJ/kg), and then expanded in a low-pressure turbine to 10 kPa (h4 = 2454 kJ/kg). The thermal efficiency of the plant neglecting pump work is A. 34.6% B. 41.4% C. 14.0% D. 20.6% Ans: A Neglecting the pump work h5 = h6 Turbine work (WT) = (h1 – h2) + (h3 – h4) = 1202 kJ/kg Heat input (Qin) = (h1 – h6) + (h3 – h2) = 3464 kJ/kg Thermal efficientcy = (WT / Qin) = (1202/3464) = 0.346 = 34.6 % 13. Steam generated at a power plant at 6.0 MPa and 500 °C is fed to a reversible adiabatic turbine. The steam exits from the turbine and enters a condenser at 15 kPa where it is condensed to a saturated liquid, which is then pumped to the boiler. Calculate turbine work (kJ/kg)? Properties at inlet and exit of the turbine are given below. 1. 6.0 MPa and 500 °C h = 3422.2 kJ/kg, s = 6.882 kJ/kg K 2. 15 kPa hf = 226 kJ/kg, hfg = 2373.2 kJ/kg, sf = 0.755 kJ/kg K, sfg = 7.254 kJ/kg K A. 2467 kJ/kg B. 2456.8 kJ/kg C. 1193.2 kJ/kg D. 2323.9 kJ/kg Ans: C State1 P1 =6.0 MPa and 500 °C, From given property table, h1= 3422.2 kJ/kg s1= 6.882 kJ/kg K state 2 P2 = 15 kPa , s2 = s1 = 6.882 kJ/kg K, sf2 = 0.755 kJ/kg K, sfg2 = 7.254 kJ/kg K hf2 = 226 kJ/kg, hfg2 = 2373.2 kJ/kg s2 = sf2+x sfg2 x = (s2- sf2)/ sfg2 = (6.882 – 0.755)/ 7.254 = 0.844 h2 = hf2+x hfg2 =226 + 0.844(2373.2) = 2228.98 kJ/kg WT, isentropic = (h1- h2) = 3422.2 – 2228.98 = 1193.22 kJ/kg 14. A regenerative Rankine cycle with one open feed water heater as shown in figure below. The enthalpy of the steam is 3600 kJ/kg at the turbine inlet, 3000 kJ/kg at the location of bleeding and 2500 kJ/kg at the turbine exit. The net power output of the plant is 120 MW, and the fraction of steam bleeding off the turbine for regeneration is 0.2. If the pump work is negligible, the mass flow rate of steam at the turbine inlet (point 1) is A. 150 kg/s B. 96 kg/s C. 120 kg/s D. None of the above Ans: C h1 = 3600 kJ/kg h2 = 3000 kJ/kg h3 = 2500 kJ/kg Wnet = WT - WP=120000 kW WP is neglected WT = m1 (h1-h2) + m3 (h2-h3) WT = m1 (3600 - 3000) + m3 (3000 - 2500) Considering fraction of steam bled as 0.2, m2 = 0.2 m1 Using m1 = m2 + m3, m3 = m1 - m2 = 0.8 m1 120000 = m1 (3600 - 3000) + 0.8 m1 (3000 - 2500) 120000 = m1 (600) + 0.8 m1 (500) m1 = 120000/1000 = 120 kg/s 15. Why regenerative steam power cycle is used? A. It facilitates heat addition at larger temperature difference B. It facilitates heat addition at lower temperature difference C. It facilitates heat addition at higher temperature D. It facilitates heat rejection at lower temperature Ans: C Assignment-4 Course Id: noc24-me142 Energy conservation and waste heat recovery (ECWHR), 2024 1) What is the primary function of the intercooler in an intercooled gas turbine cycle? A. To cool the exhaust gases before they are released into the atmosphere B. To increase the pressure of the air entering the compressor C. To reduce the temperature of the air between stages of compression, thereby reducing the work of compression D. To improve the efficiency of the combustion process Ans. C. 2) In a Heat Recovery Steam Generator (HRSG), which component is primarily responsible for increasing the overall efficiency of the system by utilizing the exhaust gases from a gas turbine? A. Economizer B. Supplementary firing C. Superheater D. Feedwater Heater Ans. B. 3) What is the primary function of the economizer in an HRSG system? A. To produce high-pressure steam B. To reduce NOx emissions C. To heat the feedwater before it enters the steam generation process D. To condense exhaust gases for reuse Ans. C. 4) The efficiency of the topping and the bottoming cycle of a combined cycle power plant are 0.35 and 0.25 respectively. The efficiency of combined cycle in percentage is A. 33.65 B. 68.75 C. 51.25 D. 60 Ans: C. Solution: 1 2 1 2 0.35 0.25 0.35 0.25 0.5125 (or 51.25%) 5) For a gas turbine with maximum temperature T3 and minimum temperature T1, the optimum pressure ratio for maximum net work output is given by 𝛾 𝑇 2(𝛾+1) A. ( 3) 𝑇1 2(𝛾−1) 𝑇3 𝛾 B. ( ) 𝑇1 𝛾 𝑇 2(𝛾−1) C. ( 3) 𝑇1 2𝛾 𝑇 (𝛾−1) D. ( 3) 𝑇1 Ans: C Solution of Q. no 5) For an ideal Brayton cycle, pressure ratio (rp) is given by 𝛾−1 𝑇2 𝑇3 (𝑟𝑝 ) 𝛾 = = , 𝑇1 𝑇4 and the net work output is given by, Wnet i.e. WT -WC. W𝑛𝑒𝑡 = 𝑊𝑇 − 𝑊𝐶 = 𝑚𝑎 𝐶𝑝 (𝑇3 − 𝑇4 ) − 𝑚𝑎 𝐶𝑝 (𝑇2 − 𝑇1 ). For the maximum net work output, the optimum pressure ratio can be found. As the maximum temperature (T3) and minimum temperature (T1) are fixed, and writing Wnet in terms of rp, T3, and T1, we get 𝛾−1 1 W𝑛𝑒𝑡 = 𝑚𝑎 𝐶𝑝 𝑇3 (1 − 𝛾−1 ) − 𝑚𝑎 𝐶𝑝 𝑇1 ((𝑟𝑝 ) 𝛾 − 1). (𝑟𝑝 ) 𝛾 On differentiation of Wnet with respect to rp and making dWnet/drp equal to zero, we get the optimum pressure ratio, 𝛾 𝑇3 2(𝛾−1) (𝑟𝑝 ) = ( ) (𝐎𝐩𝐭𝐢𝐨𝐧 𝐂) 𝑜𝑝𝑡𝑖𝑚𝑢𝑚 𝑇1 6) In a gas turbine, the atmospheric air is compressed to 5.5 atm. The maximum and minimum cycle temperatures are 1280 K and 310 K. Find the ratio of the gas turbine cycle efficiency to the Carnot cycle efficiency. The ambient is at 1 atm, 310 K. (γ = 1.4) A. 0.43 B. 0.67 C. 1.96 D. 0.50 Ans: D. Solution of Q. no 6) 𝑇𝑚𝑖𝑛 310 𝜂𝐶𝑎𝑟𝑛𝑜𝑡 = 1 − =1− = 0.7578 𝑜𝑟 75.78%, 𝑇𝑚𝑎𝑥 1280 1 𝑃2 5.5𝑎𝑡𝑚 𝜂𝐵𝑟𝑎𝑦𝑡𝑜𝑛 = 1 − 𝛾−1 , where rp is compression ratio, given as 𝑟𝑝 = = = 5.5 ; 𝑃1 1𝑎𝑡𝑚 (𝑟𝑝 ) 𝛾 1 𝜂𝐵𝑟𝑎𝑦𝑡𝑜𝑛 = 1 − 𝛾−1 = 0.3855 (5.5) 𝛾 𝜂𝐵𝑟𝑎𝑦𝑡𝑜𝑛 0.3855 = = 0.5087 ≈ 0.50 (𝐎𝐩𝐭𝐢𝐨𝐧 𝐃) 𝜂𝐶𝑎𝑟𝑛𝑜𝑡 0.7578 7) The given below block diagram of a gas turbine power plant shows combustion chamber, intercooler, reheater, and regenerator, which are represented by the letters P, Q, R, and S. Identify the correct option showing the correct representation of the above-mentioned components. 10 Q 5 S 9 R 7 8 6 4 Compressor Compressor Turbine Turbine Wnet 1 2 3 Air P A. P- Reheater, Q-Regenerator, R-Combustion chamber, and S-Intercooler. B. P- Intercooler, Q-Regenerator, R-Combustion chamber, and S-Reheater. C. P- Combustion chamber, Q- Intercooler, R- Reheater, and S- Regenerator. D. P- Intercooler, Q-Regenerator, R-Reheater, and S-Combustion chamber. Ans: B. 8) A simple ideal Brayton cycle with air as the working fluid has a pressure ratio of 11. The air enters the compressor at 300K and the turbine at 1500 K (γ = 1.4). The back-work ratio (in %) is A. 40 B. 45 C. 50 D. 55 Ans: A Solution of Q.no 8) Pressure ratio (rp) is 11. Using the properties of the isentropic process 𝛾−1 𝑇2 = (𝑟𝑝 ) 𝛾 = 1.9839; P2 = P3 and P1 = P4, we get T2 = 595.198 K and T4 = 756.08 K 𝑇1 𝑊𝑐𝑜𝑚𝑝 ℎ2 − ℎ1 𝐶𝑝 (𝑇2 − 𝑇1 ) Back work ratio = = = = 0.3968 ≈ 0.40 𝑜𝑟 40% (𝐎𝐩𝐭𝐢𝐨𝐧 𝐀) 𝑊𝑇𝑢𝑟𝑏 ℎ3 − ℎ4 𝐶𝑝 (𝑇3 − 𝑇4 ) 9) In an ideal Brayton cycle with perfect intercooling (T3 = T1, T2’ = T4), air steadily enters the first compressor (process 1-2’) of the gas turbine shown in figure below at 100 kPa and 300 K. The pressure ratio across the two-stage compressor is 8. The intercooler operates at an intermediate pressure so that the compression work is minimum. One may assume ideal gas behavior with ∆ℎ = 𝐶𝑝 ∆𝑇. The ratio of the work-done by the compressors in two-stage compression (1st stage-process 1 to 2’, 2nd stage-process 3 to 4) with intercooling to the work done by the compressor in single-stage compression (process 1-2) in percentage is A. 85 B. 75 C. 80 D. 95 Ans: A Solution of Q. no 9) Using given pressure ratio and properties of isentropic process 1-2’. As mentioned in the question, intermediate pressure is given as, 𝑃2 𝑃2′ = √𝑃1 𝑃2. 𝑟𝑝 = , 𝑃2 = 800 𝑘𝑃𝑎. 𝑃2′ = √100 × 800 𝑘𝑃𝑎 = 282.84 𝑘𝑃𝑎. 𝑃1 Also, 𝑃2′ = 𝑃3. For process 1-2’, 𝛾−1 0.4 𝑇4 𝑃4 𝛾 800 1.4 =( ) , 𝑇4 = 𝑇3 × ( ) = 403.76 𝐾, 𝑇4 = 𝑇2′ 𝑇3 𝑃3 282.84 Using the relevant values, we calculate the Compressor work with intercooling (I Stage- process 1-2’, II Stage- process 3-4), 𝑊𝑐𝑜𝑚𝑝,𝑤𝑖𝑡ℎ 𝑖𝑛𝑡𝑒𝑟𝑐𝑜𝑜𝑙𝑖𝑛𝑔 = 𝑊𝐼 𝑆𝑡𝑎𝑔𝑒,1−2′ + 𝑊𝐼𝐼 𝑆𝑡𝑎𝑔𝑒,3−4 = (ℎ2′ − ℎ1 ) + (ℎ4 − ℎ3 ) = 𝐶𝑝 (𝑇2′ − 𝑇1 ) + 𝐶𝑝 (𝑇4 − 𝑇3 ) The compressor work without intercooling (Process 1-2), 𝑊𝑐𝑜𝑚𝑝,𝑤𝑖𝑡ℎ𝑜𝑢𝑡 𝑖𝑛𝑡𝑒𝑟𝑐𝑜𝑜𝑙𝑖𝑛𝑔 = 𝑊1−2 = (ℎ2 − ℎ1 ) = 𝐶𝑝 (𝑇2 − 𝑇1 ) 𝑊𝑐𝑜𝑚𝑝,𝑤𝑖𝑡ℎ 𝑖𝑛𝑡𝑒𝑟𝑐𝑜𝑜𝑙𝑖𝑛𝑔 𝐶𝑝 (𝑇2′ − 𝑇1 ) + 𝐶𝑝 (𝑇4 − 𝑇3 ) = 𝑊𝑐𝑜𝑚𝑝,𝑤𝑖𝑡ℎ𝑜𝑢𝑡 𝑖𝑛𝑡𝑒𝑟𝑐𝑜𝑜𝑙𝑖𝑛𝑔 𝐶𝑝 (𝑇2 − 𝑇1 ) = 0.8524 𝑜𝑟 85.24% ≈ 85% (𝐎𝐩𝐭𝐢𝐨𝐧 𝐀) 10) The gas-turbine section of a combined gas-steam power plant has a pressure ratio of 15. Air enters the compressor at 300 K and 1 atm at a rate of 13 kg/s and is heated to 1500 K in the combustion chamber. The combustion gases leaving the gas turbine are used to heat the steam to 400°C at 10 MPa in a heat exchanger. The combustion gases leave the heat exchanger at 420 K. The steam leaving the turbine is condensed at 15 kPa. (Figures and table given below for the reference) State Given h (kj/kg) State Given h (kj/kg) 1 p1, T1 301.2 6 p6, T6 3096.5 2 p2, s2=s1 652.95 7 p7, s6=s7 2011.26 3 p3=p2, T3 1506 8 p8=p7, x8=0 226 4 p1=p4, s3=s4 694.69 9 p9=p6, s9=s8 236.1 5 p4=p5, T5 421.68 10 p10=p6 2584.7 Assuming all the compression and expansion processes to be isentropic, the mass flow rate (𝑚̇ 𝑠 ) of steam (in kg/s) is A. 0.12 B. 124.07 C. 1.240 D. 12.40 Ans: C Solution of Q. no. 10) the mass flow rate (𝑚̇ 𝑠 ) of steam (in kg/s) is An energy balance on the adiabatic heat exchanger produces: 𝑚̇𝑎𝑖𝑟 (ℎ4 − ℎ5 ) ≅ 𝑚̇𝑠 (ℎ6 − ℎ9 ) Using the relevant values as given in the question we get 𝑚̇𝑎𝑖𝑟 (ℎ4 − ℎ5 ) 13(694.69 − 421.68) 𝑘𝑔 𝑚̇𝑠 = = = 1.2407 (𝐎𝐩𝐭𝐢𝐨𝐧 𝐂) (ℎ6 − ℎ9 ) (3096.5 − 236.1) 𝑠 11) As per the information given in the question 10, the net power output (Wnet) (considering pump work) (in MW) is A. 730.82 B. 7.30 C. 73.08 D. 0.73 Ans: B Solution of Q. no 11) As per the information given in the question 10, the net power output (Wnet) (considering pump work) (in MW) is 𝑊̇𝑛𝑒𝑡 = 𝑊̇𝑇,𝐼 + 𝑊̇𝑇,𝐼𝐼 − 𝑊̇𝐶 − 𝑊̇𝑝 Whereas, 𝑊̇𝑇,𝐼 = Gas-Turbine work output, 𝑊̇𝑇,𝐼𝐼 =Steam-Turbine work output, 𝑊̇𝐶 =Compressor work, 𝑊̇𝑝 =Pump work 𝑊̇𝑛𝑒𝑡 = 𝑚̇𝑎𝑖𝑟 (ℎ3 − ℎ4 ) + 𝑚̇𝑠 (ℎ6 − ℎ7 ) − 𝑚̇𝑎𝑖𝑟 (ℎ2 − ℎ1 ) − 𝑚̇𝑠 (ℎ9 − ℎ8 ) = 7.30 MW (Option B) 12) On the basis of the details provided in question 11, the thermal efficiency (th) of the combined cycle (in %, by rounding decimals to the nearest whole number) is A. 66 B. 76 C. 60 D. 55 Ans: A Solution of Q. no 12) The thermal efficiency (th) of the combined cycle (in %, by rounding decimals to the nearest whole number) is To obtain the thermal efficiency the external heat addition is evaluated: 𝑄̇𝑖𝑛 = 𝑚̇𝑎𝑖𝑟 (ℎ3 − ℎ2 ) = 13(1506 − 652.95) = 11.08965 MW The thermal efficiency of the combined cycle is 𝑊̇𝑛𝑒𝑡 7.3082 MW 𝜂𝑡ℎ = = = 0.6590 ≈ 𝟎. 𝟔𝟔 𝒐𝒓 𝟔𝟔% (𝐎𝐩𝐭𝐢𝐨𝐧 𝐀) 𝑄̇𝑖𝑛 11.08965 MW 13) The efficiency of HRSG can be improved using A. Multiple pressure steam generation B. Low pinch point temperature difference C. Low approach point temperature difference D. High pinch point temperature difference Ans: A, B, C 14) By using a Combined Cycle Gas Turbine (GT) and Steam Power Plant (SPP) A. specific fuel consumption increases B. efficiency can be increased C. work output can be increased D. the waste heat from the gas turbine (topping cycle) is routed to the steam turbine (bottoming cycle), which generates extra power. Ans: B, C, D 15) Which of the following statement(s) is/are correct for the use of regeneration, intercooling, and reheating in a gas-turbine cycle with a given inlet condition, pressure ratio, and maximum cycle temperature A. Using regeneration (with no reheating or intercooling) in gas-turbine cycle, Wnet i.e. WT - WC remains unchanged, whereas the efficiency of the cycle increases B. By staging the compression process with perfect intercooling (with no regeneration or reheating), the heat input to the cycle decreases but the compression work decreases C. By staging the heat supply process with a combustor and a reheater (with no regeneration and intercooling), the cycle efficiency always increases D. To improve the efficiency of the cycle, intercooling and reheat are always used with regeneration Ans: A, B, D NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 5 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 12 Total mark: 12 x 1 = 12 ______________________________________________________________________________ QUESTION 1: Which of the following NMAP options can be used to run some of the nmap scripts? a. PE b. PU c. A d. O e. sC Correct Answer: c, e Detail Solution: sC performs a script scan using the default set of scripts. It is equivalent to -- script=default. Option “A” which is known as aggressive scan enables OS detection (-O), version scanning (-sV), script scanning (-sC) and traceroute (--traceroute). The correct options are (c) and (e). ______________________________________________________________________________ QUESTION 2: Which of the following NMAP scripts is used to perform DoS attack? a. ssh-brute b. smb-os-discovery c. smb-brute d. http-dos-attack e. None of these Correct Answer: e Detail Solution: -ssh-brute is used to crack credential of ssh service; smb-brute is used to crack user credential; smb-os-discovery is used to identify the OS of the target system; http-slowloris-check script is used to check if the webserver is vulnerable to DoS attack without actually launching a DoS attack, http- Slowloris script is used to launch Slowloris attack. There is no script with name http-dos-attack. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur The correct option is (e). ______________________________________________________________________________ QUESTION 3: Which of the following tools/software can be used for scanning vulnerabilities? a. Nessus b. Hydra c. crunch d. hascat e. NMAP Correct Answer: a, e Detail Solution: The typical tools that are used for scanning vulnerabilities in hosts and networks are NMAP, Nessus, Nexpose, MPSA, etc. Hydra is used for password cracking, crunch is used for making dictionary, hascat is used to generate has passwords. The correct options are (a) and (e). ______________________________________________________________________________ QUESTION 4: Which of the following tools can be used to create a dictionary for dictionary-based password attack? a. Hydra b. Crunch c. SQLMAP d. None of these. Correct Answer: b Detail Solution: To create a dictionary Crunch tool can be used. Hydra is used for dictionary based password attack. SQLMAP is use for sql injection attacks. Thus the correct option is (b). _____________________________________________________________________________ QUESTION 5: Consider the following statements: (i) User enumeration refers to collecting details of users and their privileges. (ii) Hydra and Crunch tool can be used for user enumeration. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur a. Only (i) is true. b. Only (ii) is true. c. Both (i) and (ii) are true. d. Both (i) and (ii) are false. Correct Answer: a Detail Solution: User enumeration refers to collecting details of user and there privilege. It can also give details for password rules, however it cannot generate password for respective users. For enumeration we can use tools such as enum4linux, rpcclient. We can also use an nmap scrip smb-enum-users for user enumeration. Hydra and Crunch are used for password cracking. Thus the correct option is (a). ______________________________________________________________________________ QUESTION 6: Assume that we want to connect to a target system (10.0.0.1) through ssh service, the username and password are “user” and “pwd” respectively. Which of the following commands can be used to create a ssh connection? a. ssh 10.0.0.1 –l user -p pwd b. ssh 10.0.0.1 -l user c. ssh 10.0.0.1@user d. None of these Correct Answer: b, c Detail Solution: To create a ssh connection, the ssh command is used. With this command username is provided by using -l option or can be combined with target IP address using @ symbol. Password is asked by target after validating username. Thus the correct options are (b) and (c). ______________________________________________________________________________ QUESTION 7: How many words will be generate by crunch tool if we use the crunch command as “crunch 1 2 0123456789” ? Correct Answer: 110 Detail Solution: The given command will generate word list with only numbers of length 1 and 2. So in total the command will generate (100 words 0-99 and 00 to 09) = 110 words. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur ______________________________________________________________________________ QUESTION 8: Which of the following can be used for gaining same level privilege as the existing one? a. Vertical privilege escalation. b. Horizontal privilege escalation. c. Diagonal privilege escalation. d. Triangular privilege escalation. e. None of these. Correct Answer: b Detail Solution: Vertical privilege escalation refers to gaining higher than existing privileges. Horizontal privilege escalation refers to acquiring the same level of privilege with the identity of some other user. There is nothing called diagonal/triangular privilege escalation. The correct option is (b). ______________________________________________________________________________ QUESTION 9: Which of the following tools can be used for user enumeration? a. Hydra b. Crunch c. Enum4linux d. None of these. Correct Answer: c Detail Solution: Enum4linux tools can be used to retrieve user information. Enum4linux tools can also enumerate password related information such as password policy. Hydra is used for password cracking, whereas Crunch is used to create dictionary. The correct option is (c). ______________________________________________________________________________ QUESTION 10: To download any file from the target system that is connected through FTP connection, which of the following commands can be used? a. put b. get c. upload d. download NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Correct Answer: b Detail Solution: To upload any file we use the “put” command. To download a file “get” command is used. The correct option is (b). ______________________________________________________________________________ QUESTION 11: Which of the following statement(s) is/are false? a. Malware are malicious software that damages or disables computer systems and gives limited or full control to the malware creator for the purpose of theft or fraud. b. Malware can get inside systems through file sharing or fake programs. c. Malwares can alter, corrupt, modify or delete some data/files. d. None of these. Correct Answer: d Detail Solution: Malwares are malicious softwares that damage or disable computer systems and give limited or full control to the malware creator for the purpose of theft or fraud. It can modify or delete data/files. Malware are used to get inside system using file sharing or by fake software. All the given statements are true. The correct option is (d). ______________________________________________________________________________ QUESTION 12: Which of the following commands is used to delete an ARP entry? a. arp -l b. arp -s c. arp -i d. arp –e e. None of these Correct Answer: e Detail Solution: To access all information related to ARP, arp command is used, -a option is used to see all arp entries, -s option is used to create new arp entry, -i option is used to specify a particular network interface, -d option is used to delete an arp entry. The correct option is (e). ______________________________________________________________________________ ************END******* NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 6 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10 Total mark: 10 x 1 = 10 ______________________________________________________________________________ QUESTION 1: Which of the following statements is true for Masquerade attack? a. In this attack, some portion of message is altered on its way. b. In this attack, an attacker prevents access of resource to its legitimate users. c. In this attack, the attacker pretends as a legitimate entity. d. In this attack, the attacker analyzes the network traffic. Correct Answer: c Detail Solution: Analyzing the network traffic refers to passive attack. Masquerade is an active attack, which can be categorized in 4 categories. In Masquerade, one entity (attacker) pretends to be a different entity (legitimate). Replay involve passive capture of a transaction and subsequent replay. In modification, some portion of a message is altered on its way. Denial of service prevents access to resources. Thus the correct option is (c). ______________________________________________________________________________ QUESTION 2: Which of the following is an example of passive security attack? a. Traffic analysis b. Replay c. Modification d. Denial of Service e. None of these Correct Answer: a Detail Solution: Masquerade, replay, modification, denial of service all are active attacks. Snooping and traffic analysis comes under passive attacks. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Thus the correct option is (a). ______________________________________________________________________________ QUESTION 3: Which of the following statement(s) is/are true? a. In symmetric key cryptography, separate keys are used by sender and receiver. b. In symmetric key cryptography, a single key is used by sender and receiver. c. In asymmetric key cryptography, separate keys are used by sender and receiver. d. In asymmetric key cryptography, a single key is used by sender and receiver. Correct Answer: b, c Detail Solution: Encryption is the most important concept for network security, and typically two types of encryptions are used. Private key (symmetric): where the sender and receiver uses same key for encryption/decryption of the message. Public key (asymmetric): where a separate key is used for encryption and decryption of the message. Thus the true options are (b) and (c). ______________________________________________________________________________ QUESTION 4: Consider the following statement: (i) In symmetric key cryptography, the security depends on secrecy of the key. (ii) In symmetric key cryptography, the security depends on the secrecy of the encryption/decryption algorithm. a. Only (i) is true b. Only (ii) is true c. Both (i) and (ii) are true. d. Both (i) and (ii) are false. Correct Answer: a Detail Solution: In symmetric key (private key) cryptography, the security of the data only depends on the secrecy of the key shared among sender and receiver, and not on the secrecy of the algorithm used for encryption and decryption. Thus correct option is (a). NPTEL Online Certification Courses Indian Institute of Technology Kharagpur ______________________________________________________________________________ QUESTION 5: 25 parties want to exchange messages securely using a private key encryption algorithm. The number of distinct key values required will be _________. Correct Answer: 300 Detail Solution: In symmetric encryption, every pair of communicating parties must have a separate key. For N parties, the number of keys will be NC2. For N = 25, 15C2 = 25 24 / 2 = 300. ______________________________________________________________________________ QUESTION 6: Consider a cipher text “GVCTXSKVETLC” encrypted using a substitution cipher approach, where each letter is replaced by the k-th next letter. Assumption: (i) The alphabets are wrapped around, i.e. Z is followed by A. (ii) Each alphabet (A to Z) is assigned a number (1 to 26). (iii) The value of secret key k is 4. What will be the plain text? a. HAPPYNEWYEAR b. CRYPTOGRAPHY c. SECURENETWOR d. CRYPTOGRAPHIC e. None of these. Correct Answer: b Detail Solution: k=4 indicates that for encryption, each letter is replaced by its 4th following letter. If we decrypt the message we will get the plain text as CRYPTOGRAPHY. Thus the correct option is (b). ______________________________________________________________________________ QUESTION 7: Consider a mono-alphabetic cipher with the following key value: (A B W X E F S T I J O P M N K L Q R G H U V C D Y Z) NPTEL Online Certification Courses Indian Institute of Technology Kharagpur What will be the encrypted form of the message “ALPHABETIC” ? a. APLTABEHIW b. ALPHABETIC c. WXLTABEHIC d. None of these. Correct Answer: a Detail Solution: According to the specified mapping the encrypted message will be APLTABEHIW. Hence, the correct option is (a). ______________________________________________________________________________ QUESTION 8: If a sender A wants to carry out encryption on a message and send it to receiver B using public- key cryptography. Which of the following key will be used for decryption at receiver end B? a. A’s public key b. A’s private key c. B’s public key d. B’s private key Correct Answer: d Detail Solution: If a sender A wants to carry out encryption on a message and send it to receiver B using public-key cryptography, A will encrypt the given message using B’s public key, so that it can be correctly decrypted by the receiver B using B’s private key. Thus the correct option is (d). ____________________________________________________________________________ QUESTION 9: The effective key length use in AES encryption algorithm can be: a. 64 bit b. 128 bit c. 192 bit d. 256 bit e. 513 bit. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Correct Answer: b, c, d Detail Solution: In AES the block length is limited to 128-bit however the key length can be 128, 192 and 256 bits. Thus the correct options are (b), (c) and (d). ______________________________________________________________________________ QUESTION 10: 50 parties want to exchange messages securely using some public key encryption technique like RSA. The number of distinct key values required will be __________. Correct Answer: 100 Detail Solution: In public-key or asymmetric encryption, every party is in possession of two keys, a public key and a private key. For N parties, the number of keys will be 2N. For N = 50, the number of distinct keys required will be 50 x 2 = 100. ______________________________________________________________________________ ************END******* NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 7 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10 Total mark: 10 x 1 = 10 ______________________________________________________________________________ QUESTION 1: Consider a hash function H that generates hash values h1 and h2, when fed with messages m1 and m2 respectively. Which of the following options can never be true? a. h1 and h2 are equal, but m1 and m2 are unequal. b. m1 and m2 are equal, but h1 and h2 are unequal. c. None of these. Correct Answer: b Detail Solution: A hash function maps a given message m to generate some particular hash value h. Two different messages m1 and m2 can, however, generate the same hash value, which is called collision. The same message always generates the same hash value. The correct option is (b). ______________________________________________________________________________ QUESTION 2: What is meant by collision in the context of hashing? a. More than one different messages can generate the same hash value. b. After encryption, the ciphertexts corresponding to two or more plaintexts are the same. c. The hash function generates the all zero string as the hash value. d. None of these. Correct Answer: a Detail Solution: In a hash function, collision refers to the situation where more than one different messages generate the same hash value. It has nothing to do with encryption. The correct option is (a). ______________________________________________________________________________ NPTEL Online Certification Courses Indian Institute of Technology Kharagpur QUESTION 3: Which of the following does not correspond to the first preimage resistance in the context of hash functions? a. It is difficult to find a message M such that HASH(M) = H, except for a few hash values H. b. Given a message M1, it is difficult to find another message M2 such that HASH(M1) = HASH(M2). c. It is difficult to find two messages M1 and M2 such that HASH(M1) and HASH(M2) and unequal. d. None of these. Correct Answer: b, c Detail Solution: This follows from the definition of the desirable properties of a hash function. First preimage resistance refers to the condition that we are given a hash value H, and are trying to find out some message M such that HASH(M) = H. This should be difficult to do. The correct options are (b) and (c). ______________________________________________________________________________ QUESTION 4: Which of the following is/are false for Unkeyed hash function (Modification Detection Code)? a. Unkeyed hash function is used to preserve integrity of message. b. Unkeyed hash function is used to authenticate source of message. c. Unkeyed hash function produces an output that depends only on the input data. d. None of these. Correct Answer: b Detail Solution: Unkeyed hash function takes an input of variable length and converts it to a fixed-length output. It does not use any key, and thus the output only depends on the input data. Unkeyed hash function is used to preserve data integrity. It is impossible to figure out the sender of the message when we use Unkeyed hash function. Thus the correct option is (b). ______________________________________________________________________________ QUESTION 5: Which of the following statement(s) is/are true? NPTEL Online Certification Courses Indian Institute of Technology Kharagpur a. Hashing realizes a one-to-one mapping. b. Encryption realizes a one-to-one mapping. c. Hashing realizes a many-to-one mapping. d. Encryption realizes a many-to-one mapping. Correct Answer: b, c Detail Solution: A hash function by definition realizes a many-to-one mapping, where more than one messages can get mapped to the same hash value. In contrast, encryption realizes a one-to-one function, where a given plaintext maps to a unique ciphertext, and vice versa. The correct options are (b) and (c). ______________________________________________________________________________ QUESTION 6: Which of the following are hash functions? a. MD5 b. Triple-DES c. SHA-1 d. AES Correct Answer: a, c Detail Solution: MD5 and SHA-1 are examples of hash function, while Triple-DES and AES are examples of symmetric key encryption algorithm. The correct options are (a) and (c). ______________________________________________________________________________ QUESTION 7: Hash functions are slower as compared to symmetric and public key encryption. a. True b. False Correct Answer: b Detail Solution: Computation of hash function is the fastest. Computation of public-key encryption is the slowest. Symmetric-key encryption lies in between the two. Hence, the correct option is (b). ____________________________________________________________________________ NPTEL Online Certification Courses Indian Institute of Technology Kharagpur QUESTION 8: What are the block size and key size of the DES algorithm? a. 64 bits, 56 bits b. 56 bits, 64 bits c. 64 bits, 64 bits d. 64 bits, 128 bits Correct Answer: a Detail Solution: In the DES algorithm, the block size is 64 bits and the key size is 56 bits. The correct option is (a). _____________________________________________________________________________ QUESTION 9: Which of the following is/are true for digital signature? a. Digital signature is legally equivalent to hand-written signature. b. In digital signature, signer uses his public key to sign. c. Anybody having access to the signer’s public key can verify the signature. d. None of these. Correct Answer: a, c Detail Solution: Digital signature is an example of authentication where the signer uses his private key to sign any document, a receiver or anybody having the access of public key of the signer can verify the signature, digital signature is equivalent to hand written signature. The correct options are (a) an (c). ____________________________________________________________________________ QUESTION 10: The SSL record protocol is responsible for a. High-speed data transmission b. Data authentication c. Non repudiation d. None of these Correct Answer: d NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Detail Solution: The SSL Record protocol uses a combination of various cryptographic techniques to provide secure data transmission over a network. It ensures data encryption and also data integrity (using a hash function). However, it does not provide authentication service or non-repudiation guarantee. The correct option is (d). ______________________________________________________________________________ ************END******* NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 8 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10 Total mark: 10 x 1 = 10 ______________________________________________________________________________ QUESTION 1: Which of the following is/are examples of steganography? a. Hiding some text information within an image file. b. Hiding some text information within an audio clip. c. Hiding some secret information within an executable file. d. Encrypting an image file so that only the intended recipient can view it. Correct Answer: a, b, c Detail Solution: Steganography refers to a set of methods where some information is hidden within some other file (like image, audio, video, executable, etc.). It does not involve encryption for secure access. The correct options are (a), (b) and (c). ______________________________________________________________________________ QUESTION 2: Consider a gray-level image of size 100 x 100, where each pixel is stored in 8-bits (representing a gray scale). The number of bytes of information can be hidden in the image by using LSB steganography technique is _________. Correct Answer: 1240 to 1260 Detail Solution: Each pixel consists of 8 bits or 1 bytes, and hence 1 bits of information can be stored in each pixel. The number of bytes of hidden information that can be stored in the whole image will be: 100 x 100 / 8 = 1250 bytes. ______________________________________________________________________________ QUESTION 3: Which of the following correspond to behavioral biometrics? a. Biometrics that relate to human behavior. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur b. Biometrics that relate to human body. c. Biometrics that rely on the use of a powerful computer system. d. None of these Correct Answer: a Detail Solution: Behavioral biometrics refers to biometrics that relate to human behavior, like signature (hand and finger movement) and Gait (walking style). However, fingerprint, Iris scan and Retina scan are properties of the human body and not dependent on the behavior. It does not rely on computing power. Hence, the correct option is (a). ______________________________________________________________________________ QUESTION 4: Which of the following is/are example(s) of physiological feature? a. Retina b. Fingerprint c. Signature d. Typing speed e. None of these Correct Answer: a, b Detail Solution: Physical biometrics refers to physiological features on the human body such as fingerprint, retina scan whereas behavioral features are use in behavioral biometrics such as keystroke pattern, typing speed, mouse movement, signature styles etc. The correct options are (a) and (b). ____________________________________________________________________________ QUESTION 5: Which of the following attacks refer to the situation where an attacker gains entry into the victim machine (or spoofs the IP address) and then sends a ping request to a broadcast address? a. SYN flooding attack. b. Smurf denial-of-service attack. c. DNS spoofing attack. d. None of these. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Correct Answer: b Detail Solution: In the Smurf DoS attack, the victim gains entry into the victim machine (or spoofs the IP address) and then sends a ping request to a broadcast address. A large number of ping response packets are received, which can overload the victim. The correct option is (b). _____________________________________________________________________________ QUESTION 6: Which of the following is not an example of denial-of-service attacks? a. SYN flooding attack. b. Smurf attack. c. Ping-of-death. d. None of these. Correct Answer: d Detail Solution: All of the given attacks are an example of denial-of-service attack The correct option is (d). ______________________________________________________________________________ QUESTION 7: Which of the following is true for iterative name resolution? a. A host may have to send multiple DNS requests to several DNS servers. b. A host sends a single DNS request to its next higher-level DNS server. c. Name resolution happens recursively within the host itself. d. None of these. Correct Answer: a Detail Solution: The DNS server receives a DNS request from a host containing a domain name, and it returns the corresponding IP address. In iterative name resolution, in response to a DNS request, the DNS server sends back a response specifying the next DNS server to send the query. In this way, the host may have to send a number of DNS requests before it gets resolved. In recursive name resolution, the host sends a DNS request to the next higher level DNS server. The DNS server in turn recursively forwards the request to its next higher-level DNS server, and so on, until the request gets resolved. The final reply gets back to the host. Here, the host sends a single DNS request. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Thus, option (a) is true. ____________________________________________________________________________ QUESTION 8: Which of the following statement(s) is/are false for HTTP Flood attack? a. It is exclusively a type of Distributed-Denial-of-Service (DDoS) attack. b. It overwhelms a target server using oversized ping packets. c. It overwhelms a target server with HTTP request. d. None of these. Correct Answer: b Detail Solution: HTTP Flood attack is a type DDoS attack which is designed to overwhelm the target server with HTTP requests. Once the target is saturated with HTTP requests, it does not respond to HTTP request from legitimate users. The correct option is (b). ______________________________________________________________________________ QUESTION 9: What is the full form of PGP? a. Packet Group Protocol b. Port Group Protocol c. Pretty Good Privacy d. None of these. Correct Answer: c Detail Solution: PGP stands for Pretty Good Privacy. The correct option is (c). ______________________________________________________________________________ QUESTION 10: Which of the following services are provided by PGP? a. It provides authentication. b. It provides confidentiality. c. It ensures availability. NPTEL Online Certification Courses Indian Institute of Technology Kharagpur d. None of these. Correct Answer: a, b ______________________________________________________________________________ Detail Solution: PGP is mostly used for email conversations, it provides security in email transmission by providing authentication and confidentiality, PGP also offers email compatibility. The correct options are (a) and (b). ______________________________________________________________________________ ************END******* NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment Solution- Week 11 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10 Total mark: 10 x 1 = 10 ______________________________________________________________________________ QUESTION 1: Which of the following command is used to launch Metasploit framework? a. msfconsole b. msfvenum c. Metasploit d. None of these. Correct Answer: a Detail Solution: The msfconsole command is used to launch Metasploit framework. The correct option is (a). ______________________________________________________________________________ QUESTION 2: In Metasploit to check the compatible target (OS) for any exploit, which of the following command (option) is used? a. Show targets b. Set payloads c. Set targets d. Show payloads e. None of these. Correct Answer: a Detail Solution: To check the compatible operating systems for any exploits we can use “Show targets” command, similarly to check compatible payload we can use “Show payloads” option. The correct option is (a). ____________________________________________________________________________ NPTEL Online Certification Courses Indian Institute of Technology Kharagpur QUESTION 3: We can execute basic commands and tools inside Metasploit console. a. True b. False Correct Answer: a Detail Solution: The very interesting feature of Metasploit framework is that we can use all commands and tools such as nmap, inside the Metasploit framework. The correct option is (a). ____________________________________________________________________________ QUESTION 4: Which of the following commands can be used to get an administrative privilege in Metasploit framework? a. getsystem b. hashdump c. getuser d. msfvenum Correct Answer: a Detail Solution: getsystem is used to escalate privilege and get administrative login, hashdump is used to get user account details, msfvenum is used for creating payloads. There is no command called getuser. The correct option is (a). ____________________________________________________________________________ ______________________________________________________________________________ QUESTION 6: Which of the following tools uses brute-force attack to extract existing and hidden pages of a webserver? NPTEL Online Certification Courses Indian Institute of Technology Kharagpur a. DIRB b. SQL MAP c. Hydra d. Crunch e. None of these Correct Answer: a Detail Solution: To scan a webserver we use tools like dirb, dnsenum; we also use nmap script http-enum for the same purpose. Dirb tool performs brute-force attack to find out existing and hidden webpages and directories. To automate sql injection attack, SQL MAP tool can be used. Hydra and Crunch are used for password cracking. The correct option is (a). ______________________________________________________________________________ QUESTION 7: If a web page is vulnerable to blind sql injection attack, then which of the following is true? a. It will print error message for an incorrect user input. b. It will not print anything for an incorrect user input. Correct Answer: b Detail Solution: If the webpage is vulnerable to error-based sql injection, then it will generate an error message for incorrect user input. If the webpage is vulnerable to blind sql injection, then it will not generate any error message for incorrect user input. The correct option is (b). ______________________________________________________________________________ QUESTION 8: Consider the table “USERS” consist of 3 column u_id, u_name and pass as given below: u_id u_name pass 1 NPTEL Nptel2024 2 IIT_KGP Kgp2024 3 Eth_Hack Eth2024 NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Which of the following SQL queries are malicious with respect to the above table? a. SELECT * from USERS; b. SELECT * from USERS where u_id = “3” c. SELECT * from USERS where u_name = “NPTEL” d. None of these Correct Answer: d Detail Solution: All the given SQL queries are valid queries. The correct option is (d). ______________________________________________________________________________ QUESTION 9: Which of the following SQLMAP options is used to list all users along with hashed password? a. - - users b. - - passwords c. - - user-pass d. - - user-privileges Correct Answer: b Detail Solution: --passwords option is used to list all users with their hashed password. The correct option is (b). ______________________________________________________________________________ QUESTION 10: Which of the following statement(s) is/are true for stored XXS? a. It is stored in the database of web application. b. It affects all users of that web application. c. It affects only a single client of the web application. d. None of these. Correct Answer: a, b Detail Solution: Stored XSS is stored in a database of web application and can affect all users; however, reflected XSS is limited to a single client. The correct options are (a) and (b). NPTEL Online Certification Courses Indian Institute of Technology Kharagpur ______________________________________________________________________________ ************END******* NPTEL Online Certification Courses Indian Institute of Technology Kharagpur Course Name: ETHICAL HACKING Assignment- Week 12 TYPE OF QUESTION: MCQ/MSQ/SA Number of questions: 10 Total mark: 10 x 1 = 10 ______________________________________________________________________________ QUESTION 1: Which of the following can be done with the help of NMAP tool? a. Determine the live host. b. Determine the services running on any target system. c. Determine the OS of the target systems. d. Identify the vulnerabilities of the target system. Correct Answer: a, b, c, d Detail Solution: NMAP can perform all of the above operations (except option d). NMAP can perform password attack; however, it uses the default dictionary available in the system. The correct options are (a), (b), (c) and (d). ______________________________________________________________________________ QUESTION 2: Which of the following options cannot be used for host discovery using NMAP? a. –PE b. –PC c. –PM d. –PP Correct Answer: b Detail Solution: For host discovery using NMAP various options can be used, the most common option is ping sweep. –PE is used for ICMP ECHO Sweep, -PP and –PM is used for ICMP NON-ECHO ping sweep scanning. There is no option as –PC. The correct option is (b). ______________________________________________________________________________ QUESTION 3: NPTEL Online Certification Courses Indian Institute of Technology Kharagpur In ICMP (ECHO) sweep scan, a scanner sends an ICMP type-8 packet and receives an ICMP type- 0 packet from target. What does it indicate? a. Target is alive/up. b. Target is down. Correct Answer: a Detail Solution: If the sender receives ICMP type-0 packet, this indicates that the target is up. The correct option is (a). ______________________________________________________________________________ QUESTION 4: Which of the following NMAP options can be used for TCP sweep scan? a. –PE b. –PP c. –PM d. None of these. Correct Answer: d Detail Solution: TCP sweep is carried out using the –PS, –PU option in NMAP. It is also done by some default options such as –sT, -p, -Pn. The correct option is (d). ______________________________________________________________________________ QUESTION 5: To see why NMAP is reporting any port as open or close (or a host as up or down) which of the following options is used? a. --disable-arp-ping b. --packet-trace c. --show-reason d. None of these. Correct Answer: d Detail Solution: disable-arp-ping option is used to disable arp request for host scanning, packet-trace option is used to trace the incoming and outgoing packets, reason option is used NPTEL Online Certification Courses Indian Institute of Technology Kharagpur to see why nmap is reporting any port as open or close or any host as up and down. There is no option called show-reason. The correct option is (d). ______________________________________________________________________________ QUESTION 6: Which of the following sweep scans are automatically done when we use –sn option. a. ICMP Echo b. ICMP Non-Echo c. TCP Sweep d. UDP Sweep Correct Answer: a, b, c Detail Solution: All type of sweep options are used with –sn option except UDP sweep. The correct options are (a), (b) and (c). ______________________________________________________________________________ QUESTION 7: The number of host (IP) scanned by NMAP command “nmap –sL 192.168.62.40-50” will be _________. Correct Answer: 11 Detail Solution: The given command will scan all hosts with IP addresses 192.168.62.40 to 192.168.62.50 (including both the IPs). Thus, a total of 11 IP addresses will be scanned. ______________________________________________________________________________ QUESTION 8: In NMAP by default, _________ number of ports are scanned. Correct Answer: 1000 Detail Solution: By default NMAP scans for top 1000 ports, if we use –F option then top 100 ports are scanned. ______________________________________________________________________________ NPTEL Online Certification Courses Indian Institute of Technology Kharagpur QUESTION 9: Which of the following NMAP options treats all hosts as online (skip host discovery)? a. –sP b. –PO c. –sU d. –Pn Correct Answer: d Detail Solution: -sP is used for only determining if the host is online; -PO is used for IP protocol ping; -sU is used for UDP scan; -Pn is used to skip host discovery and treats all host as online The correct option is (d). ______________________________________________________________________________ QUESTION 10: Which of the following NMAP options is used for Service and Version detection? a. –sL b. –sP c. –PO d. –sU e. None of these. Correct Answer: e Detail Solution: For OS detection –O option is used, we can also use –A option which is known as aggressive scan which can be used for OS, version and vulnerability scanning, for services and version detection –sV option is used. The correct option is (e). ______________________________________________________________________________ ********END*******