(a)

i) Based on the port number 64428, identify the port type and explain its primary role.

[2 marks]

ii) Give one real-world example (both service/application name and port number are required) of a registered port and explain what this term means.

[3 marks]

iii) Outline a situation in which port knocking might be used and how it works.

[4 marks]

iv) Based on the following scenario and explain three hardening principles that SellBay should consider, with appropriate examples for each.

SellBay, a small online marketplace have just setup a single physical Windows server that handles Active Directory, DNS, DHCP, IIS hosting multiple web apps, FTP and SSH services. The sysadmin is unfamiliar with Windows, so as a precaution, has left most settings as default. They have also granted full administrative permissions for each service, to all of the management team, so that any necessary changes can be easily made.

[6 marks]

(b)

i) A network packet is sent from an application installed on PC1 to PC2, which is on the same network. List the sequence of NFTABLES network stack hooks that the packet would pass through on the local host.

[2 marks]

ii) Explain what happens during a denial of firewalling attack and why some firewalls may be more prone than others.

[4 marks]

iii) Explain what the following syntax instructs NFTables to do:

nft add chain ip packet-filter output { type filter hook output priority 0 \; policy accept\; }