4th February 2020 Steve Borwell-Fox

Cyber Challenge

Cyber Challenge

If you are interested in a cyber security career pathway, please attempt our cyber challenge by answering the questions below.

Questions

Question 1

You’ve just received a client scope back for a Web Application test. This is to be performed on a live environment. Before testing, what considerations should you factor into your testing?

Question 2

After your initial reconnaissance, you receive an nmap output from one of the externally facing infrastructure hosts. As a brief overview, what would your methodology be?

PORT STATE SERVICE VERSION
53/tcp open domain Microsoft DNS 6.1.7601
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open Microsoft-ds Microsoft Windows Server 2008 R2 – 2012
1521/tcp open oracle-tns Oracle TNS listener 11.2.0.2.0 (unauthorized)
49152/tcp open msrpc Microsoft Windows RPC
49153/tcp open msrpc Microsoft Windows RPC
49154/tcp open msrpc Microsoft Windows RPC
49155/tcp open msrpc Microsoft Windows RPC
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Question 3

You have received a request for a Web Application penetration test, what information would you need to gather to be able to perform this both safely and thoroughly?

Question 4  (Optional)

Write a short (up to 300 words) summary of a security-related topic you find interesting and share your knowledge and experience with us!

 

How to submit your challenge?

Please send your challenge in an email to careers at borwell dot com along with your CV.  In your email explain what you will bring to borwell and what borwell can do for you.

When we receive the challenge the team should get back to you within 7 working days. We will then invite you to have a 15 minute Teams call with us to review your challenge over Microsoft Teams.  Then we may invite you in and show you around, and try to help you find where you might fit in best with our cyber security team.

Cyber Security Hacker