
Cyber Quiz Day 40


Question 1

A new IP camera ships with admin/admin, exposes a web UI on :80, and auto-registers to a cloud app. What’s the first hardening step before putting it on production VLANs?

  • Block outbound traffic to all cloud domains

  • Enable UPnP for easier onboarding

  • Change credentials and disable unused services (e.g., Telnet)

  • Configure port-forwarding from the internet to the camera UI

Question 2

A vendor provides firmware via HTTP and no signature is verified on-device. What’s the primary risk during upgrade?

  • DoS due to large update files

  • MITM delivering malicious firmware with persistent backdoors

  • Slower boot times after update

  • Loss of motion-detection features only

Question 3

You’re sniffing traffic between a camera and its cloud API. You see tokens in plaintext and replay succeeds. Which control mitigates both eavesdropping and replay in transit?

  • TLS only

  • TLS + short-lived tokens with server-side validation

  • MAC address filtering

  • Static API keys stored on the device

Question 4

A smart lock exposes UART pads on its PCB. What’s the most likely outcome of a successful physical attack here?

  • Device factory reset only

  • Bricking the device every time

  • Only reading MAC address and SSID

  • Extraction of keys/creds or full firmware dump

Question 5

A mobile app controlling cameras uses predictable resource IDs in API calls. Which flaw best matches this?

  • SQL injection

  • CSRF

  • IDOR (broken object authorization)

  • SSRF

Question 6

You need a quick, lawful reconnaissance of a CCTV test host 116.110.16.218 to find common camera services and versions. Which sequence is most appropriate?

  • nmap -sn → nmap -sV -p 554,80,8080,23,37777

  • nmap -A -Pn 0.0.0.0/0

  • masscan 1-65535 on the whole internet

  • tcpdump only, no scanning

Question 7

RTSP is open on :554 and you suspect guessable stream paths. What’s the most relevant next step with Nmap NSE?

  • nmap --script rtsp-url-brute -p 554

  • nmap --script http-enum -p 80

  • nmap --script smb-vuln* -p 445

  • nmap --script ftp-anon -p 21

Question 8

You must publish a security baseline for connected cameras on enterprise Wi-Fi. Which two network controls are most effective to reduce lateral movement?

  • Single flat VLAN for all devices; broad any-any rules

  • Network segmentation + egress filtering for device subnets

  • Enabling UPnP on the edge routers

  • Mirroring camera traffic to all ports for visibility

Question 9

A procurement team asks how to evaluate vendors before buying thousands of sensors. Which guidance pairing is most aligned with recognized practices?

  • Any NDA + vendor website

  • Only a penetration test report

  • SLA that promises 99.9% uptime

  • OWASP IoT Top 10/ISVS + require evidence aligned to NIST SP 800-213 capabilities

Question 10

A DVR web panel on :80 shows vendor banner “Hikvision-Webs”, weak password policy, and outdated firmware. Which priority order best reflects risk reduction?

  • Change port to 8080 → keep defaults → expose to internet

  • Enable UPnP → disable logs → allow all outbound

  • Enforce unique strong creds → enable TLS/reverse proxy → update with signed firmware → restrict access

  • Replace NVR with DVR but keep settings

There are 10 questions to complete.
