Cyber Security Principles

1. Using NMAP(tool) or any of your favorite port scanner, scan scanme.nmap.org URL and answer the following: (approximate 400 words). a) Explain meaning of the “Open Port”, “Closed Port” and “Filtered Port” give an example for each in your explanation. b) Using Nmap command, identify what services are running on port number 139 and 445 of the same URL. (Explain and get screenshot from Nmap commands). c) Identify OS detection, version detection and traceroute of the same URL using aggressive Nmap command. (Explain and get screenshot from Nmap commands). 2- Using OSINT technique or using Reconnaissance method, identify all the emails address available on public domain / internet for @uni.sydney.edu.au You are required to show the evidence or technique, or commands used for extracting all the emails address belong to @uni.sydney.edu.au domain. (approximate 400 words). Note: This domain (@uni.sydney.edu.au) you are working on is just an example, and I will apply the same steps to the desired domain 3. Explain the differences between Persistent, Non-Persistent and DOM-based Cross Site Scripting attack, give examples for each and explain various defending technique (mitigation controls) against those types of XSS. (approximate 500 words). 4. With reference to OWASP Top 10 – 2017, explain with real example as what is “Broken Authentication”? Research and identify at least 2 most recent hack in Australia which were due to “Broken Authentication” vulnerability. Also explain how to prevent this type of attack. (approximate 500 words).