ceh paper 4 hard.docx
Document Details
Uploaded by ConvenientInequality
Tags
Related
- NPTEL Online Certification Courses: Ethical Hacking Lecture Notes PDF
- Ethical Hacking Past Paper PDF Week 1 & 2
- Metasploit Framework Important Questions PDF
- Lecture 2: Information Security and Ethical Hacking PDF
- Ethical Hacking Using Kali Linux PDF
- Information Systems Security Chapter 2 Attacks and Monitoring PDF
Full Transcript
**Which of the following is the correct order of steps in the Cyber Kill Chain model?** - A\) Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives - B\) Weaponization, Reconnaissance, Delivery, Exploitation, Installation, Com...
**Which of the following is the correct order of steps in the Cyber Kill Chain model?** - A\) Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives - B\) Weaponization, Reconnaissance, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives - C\) Reconnaissance, Delivery, Weaponization, Exploitation, Installation, Command and Control, Actions on Objectives - D\) Delivery, Reconnaissance, Weaponization, Exploitation, Installation, Command and Control, Actions on Objectives **Which tool is best suited for bypassing antivirus detection by modifying malware signatures?** - A\) Metasploit - B\) Veil-Evasion - C\) Nmap - D\) Nikto **What is the primary purpose of using a proxy chain during an attack?** - A\) Speed up network connections - B\) Conceal the attacker\'s IP address - C\) Increase bandwidth - D\) Enhance payload delivery speed **Which of the following describes an ARP poisoning attack?** - A\) Altering ARP cache entries to intercept network traffic - B\) Flooding the ARP table with excessive entries - C\) Creating fake DNS entries - D\) Manipulating BGP routes **During a penetration test, what is the best method to determine if a firewall is stateful or stateless?** - A\) Perform a port scan with Nmap - B\) Conduct a SYN flood attack - C\) Analyze packet response and behavior over time - D\) Use a vulnerability scanner **Which technique is used to bypass modern Data Execution Prevention (DEP) mechanisms?** - A\) Return-Oriented Programming (ROP) - B\) Buffer Overflow - C\) SQL Injection - D\) Cross-Site Scripting (XSS) **What type of vulnerability does SQL injection exploit?** - A\) Input validation - B\) Memory corruption - C\) Access control - D\) Configuration management **Which wireless security protocol is considered the least secure and should be avoided?** - A\) WPA2 - B\) WEP - C\) WPA - D\) WPA3 **Which type of attack involves embedding malicious code into a website to target the users of that site?** - A\) SQL Injection - B\) Cross-Site Scripting (XSS) - C\) Cross-Site Request Forgery (CSRF) - D\) Phishing **What does a DNS zone transfer attack target?** - A\) Email servers - B\) DNS records - C\) Web applications - D\) Network firewalls **Which Metasploit payload allows an attacker to maintain a persistent connection on a compromised system?** - A\) Meterpreter - B\) Bind shell - C\) Reverse TCP - D\) Reverse HTTP **What is the main purpose of the tool \"John the Ripper\"?** - A\) Network scanning - B\) Password cracking - C\) Social engineering - D\) Vulnerability scanning **What is the primary objective of a buffer overflow attack?** - A\) To execute arbitrary code - B\) To deny service - C\) To escalate privileges - D\) To capture network traffic **Which protocol can be exploited to conduct a man-in-the-middle attack using a rogue DHCP server?** - A\) DNS - B\) SMTP - C\) HTTP - D\) DHCP **Which encryption algorithm is considered weak and should no longer be used due to vulnerabilities?** - A\) AES - B\) RSA - C\) DES - D\) ECC **What is the primary focus of a forensic investigation in a cyber incident?** - A\) To identify vulnerabilities - B\) To trace the attacker\'s actions - C\) To secure the network - D\) To develop patches **Which Linux command can be used to set a file to have immutable attributes, preventing even root from modifying it?** - A\) chown - B\) chmod - C\) chattr +i - D\) lsattr **Which type of malware can be used to provide unauthorized access to a system while concealing its presence?** - A\) Virus - B\) Worm - C\) Trojan - D\) Rootkit **Which attack technique can be mitigated by using a web application firewall (WAF)?** - A\) Brute force attack - B\) Man-in-the-middle attack - C\) SQL Injection - D\) Denial of Service **What is the main purpose of using the tool Burp Suite?** - A\) Network scanning - B\) Web application security testing - C\) Password cracking - D\) Exploit development **Which type of analysis is used to understand the functionality of a binary without executing it?** - A\) Dynamic analysis - B\) Static analysis - C\) Heuristic analysis - D\) Behavioral analysis **Which of the following is a commonly used technique for hiding malicious code in images?** - A\) Steganography - B\) Polymorphism - C\) Metamorphism - D\) Encoding **Which protocol is susceptible to eavesdropping attacks due to lack of encryption?** - A\) HTTPS - B\) SSH - C\) FTP - D\) SFTP **What is the primary difference between a virus and a worm?** - A\) Worms require user interaction to spread, viruses do not - B\) Viruses require user interaction to spread, worms do not - C\) Worms attach to files, viruses do not - D\) Viruses attach to files, worms do not **Which of the following tools is commonly used for performing DNS enumeration?** - A\) Nmap - B\) Nslookup - C\) Wireshark - D\) Nikto **What is the primary purpose of the tool Ettercap?** - A\) Web application testing - B\) Man-in-the-middle attacks - C\) Vulnerability scanning - D\) Network mapping **Which type of attack leverages weaknesses in the Simple Network Management Protocol (SNMP)?** - A\) Brute force attack - B\) Dictionary attack - C\) Enumeration - D\) Buffer overflow **Which of the following methods can be used to protect against SQL injection attacks?** - A\) Input validation - B\) Data encryption - C\) Strong passwords - D\) Two-factor authentication **Which component of the OSI model is responsible for routing packets across networks?** - A\) Data Link Layer - B\) Network Layer - C\) Transport Layer - D\) Session Layer **Which tool is specifically designed for automated vulnerability scanning of web applications?** - A\) Metasploit - B\) OpenVAS - C\) Nessus - D\) OWASP ZAP **Which technique is used by attackers to create a phishing site that looks identical to the legitimate site?** - A\) Domain spoofing - B\) Website cloning - C\) DNS poisoning - D\) ARP spoofing **Which command can be used on a Linux system to capture network traffic for analysis?** - A\) netstat - B\) tcpdump - C\) ifconfig - D\) traceroute **What is the primary use of the tool Aircrack-ng?** - A\) Wireless network cracking - B\) Network scanning - C\) Packet sniffing - D\) Password cracking **What type of attack involves intercepting and altering communication between two parties without their knowledge?** - A\) SQL Injection - B\) Man-in-the-middle attack - C\) Cross-Site Scripting (XSS) - D\) Phishing **Which command-line tool can be used to find information about the DNS servers of a domain?** - A\) traceroute - B\) nslookup - C\) ping - D\) netstat **Which type of vulnerability is commonly exploited by buffer overflow attacks?** - A\) Input validation - B\) Memory management - C\) Authentication - D\) Access control **What is the purpose of the tool Nikto?** - A\) Wireless network analysis - B\) Web server vulnerability scanning - C\) Password cracking - D\) Network mapping **Which of the following is an example of a social engineering attack?** - A\) SQL Injection - B\) Phishing - C\) Buffer overflow - D\) Cross-Site Scripting (XSS) **What is the primary purpose of a honeypot?** - A\) To detect unauthorized access - B\) To secure the network perimeter - C\) To encrypt sensitive data - D\) To improve network performance **Which protocol is often used to secure communication between email servers?** - A\) HTTP - B\) FTP - C\) SMTP - D\) STARTTLS **Which tool can be used to brute force attack wireless network encryption keys?** - A\) Nmap - B\) Hydra - C\) Aircrack-ng - D\) Metasploit **Which method is used to secure the integrity and confidentiality of data in transit?** - A\) Data masking - B\) Encryption - C\) Access control - D\) Hashing **What is the primary purpose of using SSL/TLS certificates in web applications?** - A\) To provide authentication and encryption - B\) To perform input validation - C\) To optimize web performance - D\) To manage user sessions **Which attack can be used to exploit vulnerabilities in session management mechanisms?** - A\) SQL Injection - B\) Cross-Site Request Forgery (CSRF) - C\) Buffer overflow - D\) Phishing **Which command can be used on a Linux system to view the current network connections?** - A\) ifconfig - B\) traceroute - C\) netstat - D\) tcpdump **Which type of attack involves flooding a target system with excessive requests to overwhelm it?** - A\) Man-in-the-middle attack - B\) Denial of Service (DoS) - C\) Phishing - D\) Cross-Site Scripting (XSS) **What is the purpose of the tool SQLmap?** - A\) To automate the process of exploiting SQL injection vulnerabilities - B\) To scan web servers for vulnerabilities - C\) To intercept and modify network traffic - D\) To perform brute force attacks on login pages **Which attack technique can be used to discover valid usernames on a target system?** - A\) Password spraying - B\) User enumeration - C\) ARP poisoning - D\) DNS poisoning **Which protocol is used to securely transfer files over a network?** - A\) HTTP - B\) FTP - C\) SFTP - D\) SMTP **What type of malware encrypts files on a victim\'s computer and demands payment for the decryption key?** - A\) Virus - B\) Worm - C\) Ransomware - D\) Spyware **Which type of attack attempts to exploit the predictable pattern of IPID incrementing in network devices?** - A\) IPID scanning - B\) ICMP redirection - C\) Fragmentation attack - D\) TCP sequence prediction **What is the primary goal of a time-based blind SQL injection?** - A\) To retrieve database schema information - B\) To determine the presence of vulnerabilities - C\) To delay the response from the database - D\) To extract data by inducing time delays **In a Kerberos authentication environment, what is the purpose of the Ticket Granting Ticket (TGT)?** - A\) To authenticate users to the network - B\) To provide service tickets for accessing network resources - C\) To encrypt user data - D\) To verify the integrity of network packets **Which attack exploits the poor implementation of the wireless protected setup (WPS) feature?** - A\) WPA2 cracking - B\) KRACK attack - C\) Reaver attack - D\) Evil twin attack **What is the significance of the MS17-010 vulnerability in cybersecurity?** - A\) It allows for privilege escalation on Linux systems - B\) It enables remote code execution on Windows systems - C\) It permits SQL injection attacks on web applications - D\) It facilitates cross-site scripting on web browsers **Which type of malware specifically targets industrial control systems and critical infrastructure?** - A\) Stuxnet - B\) WannaCry - C\) Mirai - D\) Conficker **In the context of web application security, what is the primary purpose of the Content Security Policy (CSP)?** - A\) To prevent SQL injection - B\) To block cross-site scripting (XSS) attacks - C\) To enforce HTTPS usage - D\) To restrict the use of cookies **What technique can be used to bypass network intrusion detection systems (IDS) by splitting malicious payloads into smaller packets?** - A\) Packet fragmentation - B\) TCP session hijacking - C\) ARP spoofing - D\) DNS tunneling **Which type of vulnerability is CVE-2017-5638 associated with, which affected Apache Struts?** - A\) Remote code execution - B\) Buffer overflow - C\) SQL injection - D\) Cross-site scripting **What is the primary function of the Kerberos Key Distribution Center (KDC)?** - A\) To manage encryption keys for network communication - B\) To authenticate users and issue tickets - C\) To encrypt and decrypt network traffic - D\) To monitor and log network activity **Which advanced evasion technique involves altering the order of TCP packets to avoid detection by IDS?** - A\) Packet fragmentation - B\) TCP segmentation - C\) Out-of-order delivery - D\) Polymorphic code **Which of the following is a primary characteristic of a rootkit?** - A\) It encrypts files and demands a ransom - B\) It provides unauthorized remote access to a system - C\) It self-replicates to spread across networks - D\) It disguises itself as legitimate software **What is the primary goal of a Watering Hole attack?** - A\) To compromise a specific group of end users - B\) To disrupt the operation of a website - C\) To extract sensitive data from databases - D\) To redirect traffic to a malicious site **Which technique can be used to execute a Return-Oriented Programming (ROP) attack?** - A\) Leveraging existing code snippets - B\) Modifying stack pointers - C\) Overwriting the heap - D\) Bypassing ASLR **Which type of analysis involves examining the assembly code of a binary file without executing it?** - A\) Static code analysis - B\) Dynamic code analysis - C\) Behavioral analysis - D\) Heuristic analysis **What is the main purpose of the tool Cuckoo Sandbox in malware analysis?** - A\) Static analysis of malware - B\) Dynamic analysis of malware - C\) Network traffic analysis - D\) Reverse engineering **In a penetration test, which technique can be used to discover hidden directories and files on a web server?** - A\) Directory brute forcing - B\) SQL injection - C\) Cross-site scripting - D\) DNS enumeration **Which of the following techniques can be used to gain access to an active directory domain by exploiting the Kerberos protocol?** - A\) Pass-the-ticket attack - B\) Pass-the-hash attack - C\) Golden ticket attack - D\) Silver ticket attack **Which feature of a secure boot process ensures that only digitally signed boot loaders are executed?** - A\) Secure boot - B\) Measured boot - C\) Trusted boot - D\) Chain of trust **Which method is commonly used to attack WPA3 wireless networks despite its enhanced security over WPA2?** - A\) Key reinstallation attacks - B\) Dragonblood attacks - C\) Dictionary attacks - D\) Evil twin attacks **What is the primary objective of a Padding Oracle Attack?** - A\) To decrypt ciphertext without knowing the encryption key - B\) To inject arbitrary SQL commands into a database - C\) To bypass authentication mechanisms - D\) To escalate user privileges **In the context of IPv6, what is the purpose of using the Neighbor Discovery Protocol (NDP)?** - A\) To resolve IP addresses to MAC addresses - B\) To secure communication between hosts - C\) To manage IP address allocation - D\) To prevent IP address spoofing **Which attack technique exploits the weakness of the EAPOL handshake in WPA/WPA2?** - A\) KRACK attack - B\) Reaver attack - C\) PMKID attack - D\) Evil twin attack **Which technique involves analyzing and exploiting the execution flow of a program to gain unauthorized access?** - A\) Dynamic code analysis - B\) Return-Oriented Programming (ROP) - C\) Stack pivoting - D\) DLL injection **What is the purpose of Address Space Layout Randomization (ASLR) in operating systems?** - A\) To encrypt sensitive data in memory - B\) To prevent buffer overflow attacks - C\) To randomize the memory addresses used by system and application processes - D\) To ensure secure communication between processes **Which tool is used to perform advanced persistent threat (APT) simulation in a red team engagement?** - A\) Cobalt Strike - B\) Wireshark - C\) Nmap - D\) Burp Suite **What is the main advantage of using elliptic curve cryptography (ECC) over traditional RSA encryption?** - A\) Shorter key lengths with equivalent security - B\) Easier implementation in software - C\) Greater compatibility with older systems - D\) Higher encryption speed **Which of the following describes a \'Golden Ticket\' attack?** - A\) Using a forged Kerberos ticket granting ticket (TGT) - B\) Exploiting SSL/TLS vulnerabilities - C\) Leveraging a compromised SSH key - D\) Manipulating DNS records **In which type of attack is an attacker able to execute arbitrary commands on a server by exploiting a web application?** - A\) Command injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) XML External Entity (XXE) **Which vulnerability allows attackers to manipulate the flow of data between a user and a database by injecting commands through input fields?** - A\) Cross-Site Scripting (XSS) - B\) SQL injection - C\) Cross-Site Request Forgery (CSRF) - D\) Directory traversal **Which technique involves exploiting the trust relationship between a website and a user\'s browser to perform unauthorized actions on the user\'s behalf?** - A\) SQL injection - B\) Cross-Site Request Forgery (CSRF) - C\) Cross-Site Scripting (XSS) - D\) Command injection **What is the primary objective of a \'Silver Ticket\' attack in Kerberos?** - A\) To forge a service ticket for unauthorized access - B\) To decrypt Kerberos tickets - C\) To modify Kerberos policies - D\) To impersonate a domain controller **Which type of malware specifically targets macOS systems and is known for exploiting vulnerabilities unique to Apple\'s ecosystem?** - A\) XcodeGhost - B\) WannaCry - C\) Mirai - D\) Stuxnet **What is the purpose of using the tool Mimikatz in post-exploitation activities?** - A\) To extract plaintext passwords, hashes, PIN codes, and Kerberos tickets from memory - B\) To perform network scanning and mapping - C\) To analyze and reverse-engineer malware - D\) To perform brute force attacks on login pages **Which type of attack involves injecting malicious SQL code through a query string to manipulate a database?** - A\) SQL injection - B\) Cross-Site Scripting (XSS) - C\) Cross-Site Request Forgery (CSRF) - D\) Command injection **What is the primary function of the tool OWASP ZAP?** - A\) Network vulnerability scanning - B\) Web application security testing - C\) Password cracking - D\) Wireless network analysis **Which advanced evasion technique involves altering the packet size to bypass detection by IDS/IPS systems?** - A\) Packet fragmentation - B\) TCP segmentation - C\) IP tunneling - D\) Protocol obfuscation **What type of attack leverages the SMB protocol to spread malware laterally across a network?** - A\) Pass-the-hash attack - B\) EternalBlue exploit - C\) DNS spoofing - D\) ARP poisoning **Which attack technique involves crafting malicious PDF files to exploit vulnerabilities in PDF readers?** - A\) Exploit kits - B\) Malvertising - C\) Spear phishing - D\) File format exploits **What is the primary goal of the Pass-the-Hash attack in a Windows environment?** - A\) To use stolen hash values to authenticate without cracking them - B\) To brute force password hashes - C\) To inject malicious code into hashed data - D\) To capture plaintext passwords **Which attack exploits vulnerabilities in web application frameworks to perform unauthorized actions within a user session?** - A\) Cross-Site Scripting (XSS) - B\) Cross-Site Request Forgery (CSRF) - C\) SQL injection - D\) Command injection **Which technique can be used to bypass the security mechanisms of modern operating systems by redirecting execution flow to existing code within the program?** - A\) Return-Oriented Programming (ROP) - B\) Buffer overflow - C\) SQL injection - D\) Cross-Site Scripting (XSS) **Which tool is commonly used for intercepting and analyzing HTTP/HTTPS traffic between a client and server?** - A\) Wireshark - B\) Burp Suite - C\) Nmap - D\) Metasploit **Which type of attack leverages XML entities to perform actions such as reading local files or making HTTP requests to internal systems?** - A\) SQL injection - B\) Cross-Site Scripting (XSS) - C\) XML External Entity (XXE) injection - D\) Command injection **What is the purpose of the tool PowerSploit in a penetration testing context?** - A\) To exploit PowerShell to perform post-exploitation tasks - B\) To scan for vulnerabilities in web applications - C\) To perform wireless network cracking - D\) To analyze network traffic **Which method can be used to bypass multi-factor authentication (MFA) by intercepting and reusing authentication tokens?** - A\) Session hijacking - B\) Phishing - C\) SQL injection - D\) Cross-Site Scripting (XSS) **Which of the following attack techniques involves altering the execution flow of a program by modifying its memory contents?** - A\) Buffer overflow - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Directory traversal **Which type of malware is designed to take control of a computer system and send sensitive information to an external party?** - A\) Spyware - B\) Ransomware - C\) Adware - D\) Rootkit **Which tool can be used to perform a man-in-the-middle attack by intercepting and modifying HTTP requests and responses?** - A\) Wireshark - B\) Burp Suite - C\) Nmap - D\) Metasploit **Which advanced attack technique involves using precomputed tables to expedite the cracking of password hashes?** - A\) Rainbow tables - B\) Brute force attack - C\) Dictionary attack - D\) Hybrid attack **Which type of vulnerability involves the improper handling of race conditions in multi-threaded applications?** - A\) Buffer overflow - B\) SQL injection - C\) Race condition - D\) Cross-site scripting **What is the primary purpose of the \'BeEF\' tool in penetration testing?** - A\) Network scanning - B\) Browser exploitation - C\) Password cracking - D\) Malware analysis **Which type of attack involves injecting malicious code into a web application through a web form and bypassing input validation?** - A\) SQL injection - B\) Cross-Site Scripting (XSS) - C\) Command injection - D\) Buffer overflow **What is the primary goal of an ARP spoofing attack?** - A\) To intercept and modify network traffic - B\) To perform a denial-of-service attack - C\) To discover hidden network devices - D\) To exploit SQL injection vulnerabilities **Which attack technique involves crafting malicious URLs that include encoded characters to bypass security filters?** - A\) URL encoding attack - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Path traversal **Which method is used to obscure the origin and nature of network traffic, often used by attackers to avoid detection?** - A\) Tunneling - B\) Encryption - C\) Obfuscation - D\) Polymorphism **What is the primary objective of the \'Responder\' tool in a penetration test?** - A\) To perform network scanning - B\) To capture and analyze NetBIOS, LLMNR, and MDNS traffic - C\) To brute force passwords - D\) To exploit SQL injection vulnerabilities **Which technique is used to evade antivirus detection by altering the appearance of malware?** - A\) Code obfuscation - B\) Network tunneling - C\) SQL injection - D\) Cross-Site Scripting (XSS) **What is the primary function of the \'Metasploit\' framework in ethical hacking?** - A\) Network vulnerability scanning - B\) Web application security testing - C\) Exploit development and execution - D\) Wireless network analysis **Which attack involves the use of crafted network packets to cause a target system to repeatedly allocate memory until it crashes?** - A\) Buffer overflow - B\) Denial of Service (DoS) - C\) Heap spraying - D\) Memory leak **Which method can be used to bypass security measures by injecting code into a dynamic link library (DLL)?** - A\) DLL injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection **What is the primary purpose of the \'Nikto\' tool in web application security testing?** - A\) To scan web servers for vulnerabilities - B\) To intercept and modify HTTP/HTTPS traffic - C\) To perform brute force attacks - D\) To analyze network traffic **Which technique involves using a trusted third-party to mediate communication between a client and a server, often for the purpose of avoiding direct exposure?** - A\) Proxying - B\) Tunneling - C\) VPN - D\) IP masquerading **What is the primary objective of a \'Credential Stuffing\' attack?** - A\) To brute force login credentials - B\) To exploit SQL injection vulnerabilities - C\) To use stolen credentials across multiple sites - D\) To perform a denial-of-service attack **Which vulnerability involves exploiting the improper handling of untrusted data within an XML parser?** - A\) XML External Entity (XXE) injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection **Which technique involves capturing network packets and replaying them to achieve unauthorized access?** - A\) Packet injection - B\) Replay attack - C\) ARP spoofing - D\) Man-in-the-middle attack **What is the primary goal of a \'Rainbow Table\' in password cracking?** - A\) To perform brute force attacks - B\) To use precomputed hash values for quick cracking - C\) To perform dictionary attacks - D\) To bypass encryption **Which type of malware specifically targets the firmware of a computer system to persist through reboots and evade detection?** - A\) Rootkit - B\) Bootkit - C\) Ransomware - D\) Spyware **What is the primary function of the \'Aircrack-ng\' suite in wireless network security?** - A\) To scan for network vulnerabilities - B\) To crack WEP and WPA-PSK keys - C\) To perform man-in-the-middle attacks - D\) To analyze network traffic **Which attack technique leverages vulnerabilities in the SMB protocol to execute remote code on a target system?** - A\) EternalBlue exploit - B\) ARP spoofing - C\) SQL injection - D\) Cross-Site Scripting (XSS) **What is the primary purpose of a \'Bait-and-Switch\' attack in cybersecurity?** - A\) To redirect users to malicious websites - B\) To steal login credentials - C\) To deliver malware through deceptive means - D\) To perform denial-of-service attacks **Which type of attack leverages the use of Unicode characters to obfuscate malicious payloads in web applications?** - A\) Unicode encoding attack - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection **What is the primary objective of a \'Key Reinstallation Attack\' (KRACK) against WPA2?** - A\) To crack the encryption key - B\) To force the reinstallation of the encryption key - C\) To perform a denial-of-service attack - D\) To intercept and modify network traffic **Which type of vulnerability is associated with the improper implementation of OAuth 2.0 in web applications?** - A\) Cross-Site Request Forgery (CSRF) - B\) Insecure token storage - C\) SQL injection - D\) Command injection **What is the purpose of using the \'John the Ripper\' tool in cybersecurity?** - A\) To analyze network traffic - B\) To crack passwords - C\) To scan for web vulnerabilities - D\) To intercept and modify HTTP/HTTPS traffic **Which attack technique involves exploiting vulnerabilities in a system\'s memory allocation to execute arbitrary code?** - A\) Heap spraying - B\) Buffer overflow - C\) Stack smashing - D\) Use-after-free **What is the primary goal of a \'Drive-by Download\' attack?** - A\) To exploit vulnerabilities in web browsers - B\) To deliver malware through malicious websites - C\) To intercept network traffic - D\) To perform denial-of-service attacks **Which type of attack involves the use of rogue DNS servers to redirect traffic from legitimate websites to malicious ones?** - A\) DNS spoofing - B\) ARP spoofing - C\) Man-in-the-middle attack - D\) SQL injection **What is the primary function of the \'Snort\' tool in network security?** - A\) Intrusion detection and prevention - B\) Network vulnerability scanning - C\) Password cracking - D\) Web application security testing **Which type of attack involves sending specially crafted packets to a network device to disrupt its normal operations?** - A\) Denial of Service (DoS) - B\) Packet fragmentation - C\) Man-in-the-middle attack - D\) Cross-Site Scripting (XSS) **What is the primary objective of a \'Fileless Malware\' attack?** - A\) To persist in the system without being detected - B\) To encrypt files and demand a ransom - C\) To spread through network shares - D\) To steal login credentials **Which technique involves modifying the memory address of a running process to inject malicious code?** - A\) Process hollowing - B\) DLL injection - C\) Code injection - D\) SQL injection **What is the primary goal of a \'Session Fixation\' attack?** - A\) To force a user to use a known session ID - B\) To steal session cookies - C\) To bypass authentication mechanisms - D\) To perform a denial-of-service attack **Which type of vulnerability allows attackers to exploit the way web applications parse HTML to execute malicious scripts?** - A\) Cross-Site Scripting (XSS) - B\) SQL injection - C\) Cross-Site Request Forgery (CSRF) - D\) Command injection **What is the primary purpose of the \'Kali Linux\' distribution in cybersecurity?** - A\) Network administration - B\) Penetration testing - C\) Web development - D\) System administration **Which technique involves embedding a malicious payload within a seemingly legitimate file or document?** - A\) Steganography - B\) Code obfuscation - C\) Phishing - D\) Social engineering **What is the primary goal of a \'Credential Harvesting\' attack?** - A\) To steal login credentials - B\) To perform a denial-of-service attack - C\) To exploit SQL injection vulnerabilities - D\) To intercept network traffic **Which type of attack involves exploiting the way web browsers handle JavaScript to execute malicious code?** - A\) Cross-Site Scripting (XSS) - B\) SQL injection - C\) Cross-Site Request Forgery (CSRF) - D\) Command injection **What is the primary objective of a \'Command and Control\' (C2) server in a botnet attack?** - A\) To manage and control infected devices - B\) To spread malware - C\) To perform network scanning - D\) To intercept network traffic **Which attack technique involves modifying a legitimate website to include malicious content that redirects users to a different website?** - A\) URL redirection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection **Which type of vulnerability involves exploiting the way applications parse and process XML data?** - A\) XML External Entity (XXE) injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection **What is the primary function of the \'Hydra\' tool in cybersecurity?** - A\) Password cracking - B\) Network scanning - C\) Web application security testing - D\) Malware analysis **Which technique involves injecting malicious code into an application\'s memory to take control of its execution flow?** - A\) Code injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection **What is the primary objective of a \'Watering Hole\' attack?** - A\) To compromise a specific group of end users - B\) To steal login credentials - C\) To perform a denial-of-service attack - D\) To exploit SQL injection vulnerabilities **Which attack involves the use of malicious code to exploit vulnerabilities in the server-side code execution environment?** - A\) Server-Side Request Forgery (SSRF) - B\) Cross-Site Scripting (XSS) - C\) SQL injection - D\) Command injection **What is the primary goal of a \'Buffer Overflow\' attack?** - A\) To execute arbitrary code - B\) To steal login credentials - C\) To intercept network traffic - D\) To perform a denial-of-service attack **Which technique involves using legitimate tools to execute malicious payloads to avoid detection by security software?** - A\) Living off the land - B\) Code obfuscation - C\) SQL injection - D\) Cross-Site Scripting (XSS) **What is the primary objective of a \'Denial of Service\' (DoS) attack?** - A\) To disrupt the availability of services - B\) To steal login credentials - C\) To exploit SQL injection vulnerabilities - D\) To intercept network traffic **Which type of attack involves intercepting and modifying communications between two parties without their knowledge?** - A\) Man-in-the-middle attack - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection **What is the primary function of the \'Nessus\' tool in network security?** - A\) Network vulnerability scanning - B\) Password cracking - C\) Web application security testing - D\) Intrusion detection and prevention 1. **Which type of vulnerability involves the improper handling of race conditions in multi-threaded applications?** - A\) Buffer overflow - B\) SQL injection - C\) Race condition - D\) Cross-site scripting 2. **What is the primary purpose of the \'BeEF\' tool in penetration testing?** - A\) Network scanning - B\) Browser exploitation - C\) Password cracking - D\) Malware analysis 3. **Which type of attack involves injecting malicious code into a web application through a web form and bypassing input validation?** - A\) SQL injection - B\) Cross-Site Scripting (XSS) - C\) Command injection - D\) Buffer overflow 4. **What is the primary goal of an ARP spoofing attack?** - A\) To intercept and modify network traffic - B\) To perform a denial-of-service attack - C\) To discover hidden network devices - D\) To exploit SQL injection vulnerabilities 5. **Which attack technique involves crafting malicious URLs that include encoded characters to bypass security filters?** - A\) URL encoding attack - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Path traversal 6. **Which method is used to obscure the origin and nature of network traffic, often used by attackers to avoid detection?** - A\) Tunneling - B\) Encryption - C\) Obfuscation - D\) Polymorphism 7. **What is the primary objective of the \'Responder\' tool in a penetration test?** - A\) To perform network scanning - B\) To capture and analyze NetBIOS, LLMNR, and MDNS traffic - C\) To brute force passwords - D\) To exploit SQL injection vulnerabilities 8. **Which technique is used to evade antivirus detection by altering the appearance of malware?** - A\) Code obfuscation - B\) Network tunneling - C\) SQL injection - D\) Cross-Site Scripting (XSS) 9. **What is the primary function of the \'Metasploit\' framework in ethical hacking?** - A\) Network vulnerability scanning - B\) Web application security testing - C\) Exploit development and execution - D\) Wireless network analysis 10. **Which attack involves the use of crafted network packets to cause a target system to repeatedly allocate memory until it crashes?** - A\) Buffer overflow - B\) Denial of Service (DoS) - C\) Heap spraying - D\) Memory leak 11. **Which method can be used to bypass security measures by injecting code into a dynamic link library (DLL)?** - A\) DLL injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection 12. **What is the primary purpose of the \'Nikto\' tool in web application security testing?** - A\) To scan web servers for vulnerabilities - B\) To intercept and modify HTTP/HTTPS traffic - C\) To perform brute force attacks - D\) To analyze network traffic 13. **Which technique involves using a trusted third-party to mediate communication between a client and a server, often for the purpose of avoiding direct exposure?** - A\) Proxying - B\) Tunneling - C\) VPN - D\) IP masquerading 14. **What is the primary objective of a \'Credential Stuffing\' attack?** - A\) To brute force login credentials - B\) To exploit SQL injection vulnerabilities - C\) To use stolen credentials across multiple sites - D\) To perform a denial-of-service attack 15. **Which vulnerability involves exploiting the improper handling of untrusted data within an XML parser?** - A\) XML External Entity (XXE) injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection 16. **Which technique involves capturing network packets and replaying them to achieve unauthorized access?** - A\) Packet injection - B\) Replay attack - C\) ARP spoofing - D\) Man-in-the-middle attack 17. **What is the primary goal of a \'Rainbow Table\' in password cracking?** - A\) To perform brute force attacks - B\) To use precomputed hash values for quick cracking - C\) To perform dictionary attacks - D\) To bypass encryption 18. **Which type of malware specifically targets the firmware of a computer system to persist through reboots and evade detection?** - A\) Rootkit - B\) Bootkit - C\) Ransomware - D\) Spyware 19. **What is the primary function of the \'Aircrack-ng\' suite in wireless network security?** - A\) To scan for network vulnerabilities - B\) To crack WEP and WPA-PSK keys - C\) To perform man-in-the-middle attacks - D\) To analyze network traffic 20. **Which attack technique leverages vulnerabilities in the SMB protocol to execute remote code on a target system?** - A\) EternalBlue exploit - B\) ARP spoofing - C\) SQL injection - D\) Cross-Site Scripting (XSS) 21. **What is the primary purpose of a \'Bait-and-Switch\' attack in cybersecurity?** - A\) To redirect users to malicious websites - B\) To steal login credentials - C\) To deliver malware through deceptive means - D\) To perform denial-of-service attacks 22. **Which type of attack leverages the use of Unicode characters to obfuscate malicious payloads in web applications?** - A\) Unicode encoding attack - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection 23. **What is the primary objective of a \'Key Reinstallation Attack\' (KRACK) against WPA2?** - A\) To crack the encryption key - B\) To force the reinstallation of the encryption key - C\) To perform a denial-of-service attack - D\) To intercept and modify network traffic 24. **Which type of vulnerability is associated with the improper implementation of OAuth 2.0 in web applications?** - A\) Cross-Site Request Forgery (CSRF) - B\) Insecure token storage - C\) SQL injection - D\) Command injection 25. **What is the purpose of using the \'John the Ripper\' tool in cybersecurity?** - A\) To analyze network traffic - B\) To crack passwords - C\) To scan for web vulnerabilities - D\) To intercept and modify HTTP/HTTPS traffic 26. **Which attack technique involves exploiting vulnerabilities in a system\'s memory allocation to execute arbitrary code?** - A\) Heap spraying - B\) Buffer overflow - C\) Stack smashing - D\) Use-after-free 27. **What is the primary goal of a \'Drive-by Download\' attack?** - A\) To exploit vulnerabilities in web browsers - B\) To deliver malware through malicious websites - C\) To intercept network traffic - D\) To perform denial-of-service attacks 28. **Which type of attack involves the use of rogue DNS servers to redirect traffic from legitimate websites to malicious ones?** - A\) DNS spoofing - B\) ARP spoofing - C\) Man-in-the-middle attack - D\) SQL injection 29. **What is the primary function of the \'Snort\' tool in network security?** - A\) Intrusion detection and prevention - B\) Network vulnerability scanning - C\) Password cracking - D\) Web application security testing 30. **Which type of attack involves sending specially crafted packets to a network device to disrupt its normal operations?** - A\) Denial of Service (DoS) - B\) Packet fragmentation - C\) Man-in-the-middle attack - D\) Cross-Site Scripting (XSS) 31. **What is the primary objective of a \'Fileless Malware\' attack?** - A\) To persist in the system without being detected - B\) To encrypt files and demand a ransom - C\) To spread through network shares - D\) To steal login credentials 32. **Which technique involves modifying the memory address of a running process to inject malicious code?** - A\) Process hollowing - B\) DLL injection - C\) Code injection - D\) SQL injection 33. **What is the primary goal of a \'Session Fixation\' attack?** - A\) To force a user to use a known session ID - B\) To steal session cookies - C\) To bypass authentication mechanisms - D\) To perform a denial-of-service attack 34. **Which type of vulnerability allows attackers to exploit the way web applications parse HTML to execute malicious scripts?** - A\) Cross-Site Scripting (XSS) - B\) SQL injection - C\) Cross-Site Request Forgery (CSRF) - D\) Command injection 35. **What is the primary purpose of the \'Kali Linux\' distribution in cybersecurity?** - A\) Network administration - B\) Penetration testing - C\) Web development - D\) System administration 36. **Which technique involves embedding a malicious payload within a seemingly legitimate file or document?** - A\) Steganography - B\) Code obfuscation - C\) Phishing - D\) Social engineering 37. **What is the primary goal of a \'Credential Harvesting\' attack?** - A\) To steal login credentials - B\) To perform a denial-of-service attack - C\) To exploit SQL injection vulnerabilities - D\) To intercept network traffic 38. **Which type of attack involves exploiting the way web browsers handle JavaScript to execute malicious code?** - A\) Cross-Site Scripting (XSS) - B\) SQL injection - C\) Cross-Site Request Forgery (CSRF) - D\) Command injection 39. **What is the primary objective of a \'Command and Control\' (C2) server in a botnet attack?** - A\) To manage and control infected devices - B\) To spread malware - C\) To perform network scanning - D\) To intercept network traffic 40. **Which attack technique involves modifying a legitimate website to include malicious content that redirects users to a different website?** - A\) URL redirection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection 41. **Which type of vulnerability involves exploiting the way applications parse and process XML data?** - A\) XML External Entity (XXE) injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection 42. **What is the primary function of the \'Hydra\' tool in cybersecurity?** - A\) Password cracking - B\) Network scanning - C\) Web application security testing - D\) Malware analysis 43. **Which technique involves injecting malicious code into an application\'s memory to take control of its execution flow?** - A\) Code injection - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection 44. **What is the primary objective of a \'Watering Hole\' attack?** - A\) To compromise a specific group of end users - B\) To steal login credentials - C\) To perform a denial-of-service attack - D\) To exploit SQL injection vulnerabilities 45. **Which attack involves the use of malicious code to exploit vulnerabilities in the server-side code execution environment?** - A\) Server-Side Request Forgery (SSRF) - B\) Cross-Site Scripting (XSS) - C\) SQL injection - D\) Command injection 46. **What is the primary goal of a \'Buffer Overflow\' attack?** - A\) To execute arbitrary code - B\) To steal login credentials - C\) To intercept network traffic - D\) To perform a denial-of-service attack 47. **Which technique involves using legitimate tools to execute malicious payloads to avoid detection by security software?** - A\) Living off the land - B\) Code obfuscation - C\) SQL injection - D\) Cross-Site Scripting (XSS) 48. **What is the primary objective of a \'Denial of Service\' (DoS) attack?** - A\) To disrupt the availability of services - B\) To steal login credentials - C\) To exploit SQL injection vulnerabilities - D\) To intercept network traffic 49. **Which type of attack involves intercepting and modifying communications between two parties without their knowledge?** - A\) Man-in-the-middle attack - B\) SQL injection - C\) Cross-Site Scripting (XSS) - D\) Command injection 50. **What is the primary function of the \'Nessus\' tool in network security?** - A\) Network vulnerability scanning - B\) Password cracking - C\) Web application security testing - D\) Intrusion detection and prevention These questions are designed to challenge your understanding of advanced ethical hacking concepts, including sophisticated attack techniques, security mechanisms, and penetration testing tools. 2/2 4o give me something harder this is too easy ChatGPT Sure! Here are 50 more advanced and challenging CEH v12 questions: 1. **Which technique involves manipulating the memory allocation behavior of an application to cause a heap overflow and execute arbitrary code?** - A\) Buffer overflow - B\) Heap spraying - C\) Return-Oriented Programming (ROP) - D\) Use-after-free 2. **What is the purpose of a \'Side-Channel Attack\' in the context of cryptographic systems?** - A\) To exploit vulnerabilities in the implementation of cryptographic algorithms - B\) To decrypt data by brute force - C\) To eavesdrop on network communications - D\) To execute code on a remote server 3. **Which advanced technique involves altering the behavior of a hardware component to extract sensitive data?** - A\) Firmware reverse engineering - B\) Hardware Trojan - C\) Side-channel attack - D\) Physical tampering 4. **Which type of malware uses advanced evasion techniques to remain undetected and persist in a system for long periods?** - A\) Advanced Persistent Threat (APT) - B\) Rootkit - C\) Ransomware - D\) Polymorphic malware 5. **Which method involves intercepting cryptographic keys or other sensitive data by analyzing the physical implementation of a cryptosystem?** - A\) Differential Cryptanalysis - B\) Side-channel attack - C\) Timing attack - D\) Man-in-the-middle attack 6. **What is the primary goal of \'Heap Spraying\' in an exploit?** - A\) To fill the heap with predictable data - B\) To execute code in kernel mode - C\) To perform a buffer overflow - D\) To evade detection by antivirus software 7. **Which technique is used to subvert the control flow of a program by overwriting the return address of a function call?** - A\) Buffer overflow - B\) Return-Oriented Programming (ROP) - C\) Heap spraying - D\) Use-after-free 8. **What is the purpose of \'ROP (Return-Oriented Programming)\' in modern exploitation?** - A\) To execute arbitrary code without injecting new code - B\) To bypass network firewalls - C\) To exploit SQL injection vulnerabilities - D\) To perform denial-of-service attacks 9. **Which attack leverages the predictable nature of certain cryptographic algorithms to reduce the complexity of brute-force attacks?** - A\) Rainbow table attack - B\) Birthday attack - C\) Differential cryptanalysis - D\) Chosen-plaintext attack 10. **What is the primary objective of \'Timing Attacks\' against cryptographic systems?** - A\) To measure the time taken to execute cryptographic algorithms - B\) To intercept cryptographic keys during transmission - C\) To decrypt data by brute force - D\) To perform denial-of-service attacks 11. **Which technique involves the use of electromagnetic emissions to extract information from electronic devices?** - A\) Electromagnetic eavesdropping - B\) Side-channel attack - C\) Fault injection - D\) Timing attack 12. **What is the primary goal of \'Fault Injection Attacks\' on cryptographic systems?** - A\) To induce errors and analyze their effects - B\) To intercept network communications - C\) To decrypt data by brute force - D\) To execute arbitrary code on a remote server 13. **Which technique involves modifying the microcode or firmware of a hardware device to perform malicious actions?** - A\) Hardware Trojan - B\) Firmware reverse engineering - C\) Side-channel attack - D\) Electromagnetic eavesdropping 14. **What is the purpose of \'Cold Boot Attacks\' on encryption keys?** - A\) To retrieve encryption keys from RAM after a system reboot - B\) To exploit vulnerabilities in BIOS firmware - C\) To inject malicious code into the operating system - D\) To intercept network traffic 15. **Which advanced exploitation technique involves using flaws in the memory management of a virtual machine to escape to the host system?** - A\) Virtual machine escape - B\) Buffer overflow - C\) Return-Oriented Programming (ROP) - D\) Heap spraying 16. **What is the primary objective of \'Spectre and Meltdown\' vulnerabilities in modern processors?** - A\) To exploit speculative execution and gain access to sensitive data - B\) To perform a denial-of-service attack - C\) To inject malicious code into running processes - D\) To bypass network firewalls 17. **Which type of malware uses sophisticated techniques to hide its presence by intercepting and modifying system calls?** - A\) Rootkit - B\) Ransomware - C\) Worm - D\) Trojan 18. **What is the purpose of \'Rowhammer\' attacks on DRAM memory?** - A\) To flip bits in adjacent memory rows - B\) To intercept network traffic - C\) To execute arbitrary code - D\) To exploit SQL injection vulnerabilities 19. **Which technique involves the use of machine learning algorithms to automatically discover vulnerabilities in software?** - A\) Fuzzing - B\) Static analysis - C\) Heuristic analysis - D\) AI-driven vulnerability discovery 20. **What is the primary objective of \'BlueKeep\' vulnerability exploitation?** - A\) To execute remote code on vulnerable RDP services - B\) To perform a denial-of-service attack - C\) To inject malicious code into running processes - D\) To bypass network firewalls 21. **Which attack involves manipulating the branch prediction feature of modern processors to execute arbitrary code?** - A\) Branch target injection - B\) Side-channel attack - C\) Buffer overflow - D\) Heap spraying 22. **What is the primary goal of \'Polymorphic Malware\' in evading detection?** - A\) To change its code structure on each infection - B\) To intercept network traffic - C\) To encrypt data and demand a ransom - D\) To perform a denial-of-service attack 23. **Which advanced exploitation technique involves triggering a race condition to gain unauthorized access?** - A\) Time-of-Check to Time-of-Use (TOCTOU) attack - B\) Buffer overflow - C\) Return-Oriented Programming (ROP) - D\) Heap spraying 24. **What is the purpose of a \'Logic Bomb\' in malware?** - A\) To execute a payload at a specific time or event - B\) To intercept network traffic - C\) To encrypt data and demand a ransom - D\) To perform a denial-of-service attack 25. **Which attack exploits vulnerabilities in the handling of JavaScript objects to execute arbitrary code?** - A\) Use-after-free - B\) Cross-Site Scripting (XSS) - C\) SQL injection - D\) Buffer overflow 26. **What is the primary goal of \'Differential Cryptanalysis\' against cryptographic algorithms?** - A\) To analyze differences in ciphertexts to deduce the key - B\) To brute force encryption keys - C\) To intercept cryptographic keys during transmission - D\) To perform denial-of-service attacks 27. **Which technique involves analyzing memory dumps to extract sensitive information such as encryption keys?** - A\) Memory forensics - B\) Heap spraying - C\) Buffer overflow - D\) Use-after-free 28. **What is the purpose of \'Buffer Overflow Protection\' mechanisms such as DEP and ASLR?** - A\) To prevent execution of injected code - B\) To intercept network traffic - C\) To encrypt data and demand a ransom - D\) To perform a denial-of-service attack 29. **Which type of malware is designed to evade detection by modifying itself with each infection?** - A\) Polymorphic malware - B\) Rootkit - C\) Ransomware - D\) Trojan 30. **What is the primary objective of \'Timing Attacks\' in cryptanalysis?** - A\) To analyze the time taken to perform cryptographic operations - B\) To intercept network communications - C\) To decrypt data by brute force - D\) To perform denial-of-service attacks 31. **Which technique involves injecting faults into a cryptographic device to gain access to sensitive information?** - A\) Fault injection - B\) Side-channel attack - C\) Buffer overflow - D\) Return-Oriented Programming (ROP) 32. **What is the purpose of \'Cold Boot Attacks\' in accessing encryption keys?** - A\) To retrieve encryption keys from volatile memory - B\) To exploit vulnerabilities in BIOS firmware - C\) To inject malicious code into the operating system - D\) To intercept network traffic 33. **Which advanced attack involves exploiting the speculative execution feature of modern processors to leak sensitive data?** - A\) Spectre - B\) Meltdown - C\) Rowhammer - D\) Branch target injection 34. **What is the primary goal of \'Memory Corruption Attacks\' in exploitation?** - A\) To alter the normal execution flow of a program - B\) To intercept network traffic - C\) To encrypt data and demand a ransom - D\) To perform a denial-of-service attack 35. **Which technique involves analyzing the power consumption patterns of a device to extract cryptographic keys?** - A\) Power analysis attack - B\) Timing attack - C\) Side-channel attack - D\) Electromagnetic eavesdropping 36. **What is the primary purpose of \'Kernel Exploits\' in advanced attacks?** - A\) To gain privileged access to the operating system - B\) To intercept network traffic - C\) To encrypt data and demand a ransom - D\) To perform denial-of-service attacks 37. **Which advanced technique involves the use of multiple layers of encryption and obfuscation to evade detection and analysis?** - A\) Advanced Persistent Threat (APT) - B\) Polymorphic malware - C\) Steganography - D\) Code obfuscation 38. **What is the primary goal of \'Return-Oriented Programming (ROP)\' in modern exploitation techniques?** - A\) To execute arbitrary code using existing code snippets - B\) To bypass network firewalls - C\) To exploit SQL injection vulnerabilities - D\) To perform denial-of-service attacks 39. **Which attack technique leverages hardware vulnerabilities to execute arbitrary code on a target device?** - A\) Hardware Trojan - B\) Firmware reverse engineering - C\) Side-channel attack - D\) Fault injection 40. **What is the primary objective of \'Rowhammer\' attacks in DRAM memory exploitation?** - A\) To induce bit flips in adjacent memory cells - B\) To intercept network traffic - C\) To execute arbitrary code - D\) To exploit SQL injection vulnerabilities 41. **Which technique involves modifying the firmware of a device to perform malicious actions undetected?** - A\) Firmware reverse engineering - B\) Hardware Trojan - C\) Side-channel attack - D\) Electromagnetic eavesdropping 42. **What is the purpose of \'Fuzz Testing\' in software security?** - A\) To discover vulnerabilities by inputting random data - B\) To analyze network traffic - C\) To encrypt data and demand a ransom - D\) To perform denial-of-service attacks 43. **Which advanced attack involves exploiting timing variations in cryptographic operations to extract sensitive data?** - A\) Timing attack - B\) Power analysis attack - C\) Side-channel attack - D\) Electromagnetic eavesdropping 44. **What is the primary goal of \'Heap Spraying\' in modern exploitation techniques?** - A\) To fill the heap with predictable data for exploitation - B\) To execute code in kernel mode - C\) To perform a buffer overflow - D\) To evade detection by antivirus software 45. **Which type of malware specifically targets the firmware of a system to persist through reboots and avoid detection?** - A\) Bootkit - B\) Rootkit - C\) Ransomware - D\) Spyware 46. **What is the primary objective of \'Differential Cryptanalysis\' in cryptographic attacks?** - A\) To find differences in ciphertexts that reveal the encryption key - B\) To brute force encryption keys - C\) To intercept cryptographic keys during transmission - D\) To perform denial-of-service attacks 47. **Which technique involves analyzing electromagnetic emissions from electronic devices to extract sensitive information?** - A\) Electromagnetic eavesdropping - B\) Side-channel attack - C\) Fault injection - D\) Timing attack 48. **What is the purpose of \'Code Obfuscation\' in software development?** - A\) To make code harder to understand and reverse engineer - B\) To analyze network traffic - C\) To encrypt data and demand a ransom - D\) To perform denial-of-service attacks 49. **Which advanced technique involves modifying the microcode of a hardware device to perform malicious actions?** - A\) Hardware Trojan - B\) Firmware reverse engineering - C\) Side-channel attack - D\) Electromagnetic eavesdropping 50. **What is the primary goal of \'Return-Oriented Programming (ROP)\' in exploitation?** - A\) To execute arbitrary code without injecting new code - B\) To bypass network firewalls - C\) To exploit SQL injection vulnerabilities - D\) To perform denial-of-service attacks
