Ethical Hacking Past Paper PDF Week 1 & 2
Document Details
Indian Institute of Technology, Kharagpur
NPTEL
Tags
Summary
This document is a collection of past paper questions about ethical hacking from week 1 and 2 of a NPTEL course. It includes multiple-choice questions and short answer questions on topics including circuit switched networks, penetration testing models, virtual circuit-based packet transfer, and OSI layers.
Full Transcript
 Course Name: ETHICAL HACKING Assignment- Week 1 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. White box model. b. Black box model. c. Red box Model. d. Gray box model. e. None of...
 Course Name: ETHICAL HACKING Assignment- Week 1 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. White box model. b. Black box model. c. Red box Model. d. Gray box model. e. None of these. Correct Answer: b ----------------- QUESTION 2: ----------- a. A communication link can be shared by more than one connection. b. A communication link is dedicated to a connection and cannot be shared with other connections. c. The packet transfer delay between a pair of nodes may depend on the prevailing network traffic. d. The packet transfer delay between a pair of nodes is more or less constant during the entire period of the connection. e. It is efficient for bursty traffic. Correct Answer: b, d --------------------  QUESTION 3: ----------- Correct Answer: 160 to 170 -------------------------- QUESTION 4: ----------- a. It is a connection-oriented approach, where a route is established priori to transfer of packets. b. In this approach, each packets follows distinct path. c. The intermediate node can perform dynamic routing. d. All the packets reach in order to the destination. e. It is a true packet switched network. Correct Answer: a, d --------------------  QUESTION 5: ----------- a. Session layer b. Transport layer c. Network layer d. Datalink layer e. Physical layer Correct Answer: b ----------------- QUESTION 6: ----------- a. It allows cross-platform communications among heterogeneous networks. b. It is a scalable client-server architecture which allows network modification without disrupting the current services.  c. It can also represent any other protocol stack other than the TCP/IP suite such as Bluetooth connection. d. None of these. Correct Answer: c ----------------- QUESTION 7: ----------- a. It uniquely identifies a network interface of a computer system. b. It uniquely identifies a host in the network. c. It indicates how many hardware ports are there in the computer system. d. None of these. Correct Answer: b ----------------- QUESTION 8: ----------- Correct Answer: b -----------------  QUESTION 9: ----------- Correct Answer: 2050 -------------------- QUESTION 10: ------------ Correct Answer: 6 -----------------  Course Name: ETHICAL HACKING Assignment- Week 2 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. It is a process that divides packets into smaller fragments. b. Fragmentation is required due to intermediate networks with smaller maximum transmission unit (MTU). c. Each fragmented packet is considered as separate IP packet. d. IP fragmentation is typically done by layer-2 switches. e. None of these. Correct Answer: d ----------------- QUESTION 2: ----------- i. In transparent fragmentation, all fragmented packets are reassembled by an exit router. ii. In non-transparent fragmentation, all fragmented packets reassembled by host. a. Only (i) is true. b. Only (ii) is true. c. Both (i) and (ii) are true. d. Both (i) and (ii) are false. Correct Answer: c -----------------  QUESTION 3: ----------- a. Fragment offset. b. Flags. c. Header checksum. d. HLEN. e. Identification. Correct Answer: a, b, e ----------------------- QUESTION 4: ----------- Correct Answer: 28 ------------------ QUESTION 5: -----------  Correct Answer: 976 to 1000 --------------------------- QUESTION 6: ----------- a. Each host connected to the Internet is defined by an IP address. b. IP address consist of two parts: network number and host number. c. When a packet is routed to the destination network, only the host number is used. d. Class A address can have a maximum of 16,777,214 networks. e. None of these. Correct Answer: a, b -------------------- QUESTION 7: ----------- a. Process to process communication. b. Stream delivery service. c. Connection-oriented service. d. Unreliable service. e. Full duplex communication. f. None of these. Correct Answer: d -----------------  QUESTION 8: ----------- a. SYN=1 and ACK=1 represents a connection request message. b. SYN=1 and ACK=0 represents a connection confirmation message. c. RST bit is used to reject connection request. d. PUSH bit is used to indicate end of a message e. None of these. Correct Answer: a, b -------------------- QUESTION 9: ----------- Correct Answer: b -----------------  QUESTION 10: ------------ Correct Answer: c ----------------- 144.16.192.16 = 10010000 00010000 11000000 00010000 --------------------------------------------------- 144.16.192.31 = 10010000 00010000 11000000 00011111 ---------------------------------------------------  Course Name: ETHICAL HACKING Assignment- Week 3 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. IP protocol uses connection-oriented routing. b. IP protocol uses connection-less routing. c. IP protocol is a host-to-host layer. d. In connection-less routing, each packet is treated as an independent packet. e. None of these. Correct Answer: b, d -------------------- QUESTION 2: ----------- a. Direct delivery occurs when the destination host and deliverer are not present on same network. b. Indirect delivery occurs when the destination host and deliverer are present on same network. c. In direct delivery, hosts of same network can exchange packets without interference of router. d. In direct delivery, an incoming packet to the router is forwarded to the destination host present in the network. e. In an indirect delivery, the packet goes from router to router until it reaches the one connected to the same physical network as its final destination. f. None of these. Correct Answer: a, b --------------------  QUESTION 3: ----------- a. U b. G c. H d. D e. M Correct Answer: c ----------------- QUESTION 4: ----------- a. Autonomous systems are set of routers and networks managed by a single organization. b. In exterior routing protocol, all the participating routers are present in the same autonomous system. c. In interior routing protocol, the participating routers can be present in different autonomous systems. d. None of these. Correct Answer: b, c --------------------  QUESTION 5: ----------- a. Link State Request. b. Link Request Update. c. Link State Acknowledgement. d. Using TCP 3-way handshake protocol. e. None of these. Correct Answer: e ----------------- QUESTION 6: ----------- a. Unicast address. b. Broadcast address. c. Anycast address. d. None of these. Correct Answer: b -----------------  QUESTION 7: ----------- Correct Answer: d ----------------- QUESTION 8: ----------- a. Encapsulation b. Tunneling c. Decapsulation d. None of these Correct Answer: b ----------------- QUESTION 9: -----------  Correct Answer: 40 ------------------ QUESTION 10: ------------ **Destination** **Subnet Mask** **Interface** ----------------- ----------------- --------------- 144.25.0.0 255.255.0.0 Eth0 144.25.96.0 255.255.96.0 Eth1 144.25.64.0 255.255.192.0 Eth2 144.25.112.0 255.255.240.0 Eth3 Default 0.0.0.0 Def a. Eth0 b. Eth1 c. Eth2 d. Eth3 e. Def Correct Answer: d Detail Solution: ----------------------------------   Ethical Hacking Assignment- Week 4 ================================== TYPE OF QUESTION: MCQ/MSQ ------------------------- QUESTION 1: ----------- a. Hypervisor allows one host system to support multiple virtual machines by sharing the resources. b. Hypervisor allows one host system to support multiple virtual machines; however, it does not allow resource sharing. c. Kali-linux is a Debian-based Linux distribution that has collection of tools that are useful for penetration testing. d. Kali-linux is a hack-proof secured operating system. e. None of these. Correct Answer: b, d -------------------- QUESTION 2: ----------- a. Information about the target is collected indirectly. b. Information about the target is collected directly. c. There is a chance of detection in active reconnaissance. d. There is no chance of detection in active reconnaissance. Correct Answer: b, c --------------------  QUESTION 3: ----------- a. Whois b. YouTube c. Archive.org d. Netcraft e. Hydra Correct Answer: b, e -------------------- QUESTION 4: ----------- a. Registration details. b. Name servers. c. IP address. d. History of the website. e. None of these. Correct Answer: d -----------------  QUESTION 5: ----------- a. inurl b. intitle c. site d. exclude e. double quote ("") f. filetype Correct Answer: a ----------------- QUESTION 6: ----------- a. Usernames b. Computer names c. Operating system d. Open ports e. IP address of system f. Size of the network Correct Answer: a, b, e, f -------------------------- QUESTION 7: -----------  a. In ICMP sweep, the attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response. b. In Non-Echo ICMP sweep, the attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response. c. In ICMP sweep, if the attacker does not receive an ICMP ECHO reply then the host is considered as down. d. In ICMP sweep, if the attacker does not receive an ICMP ECHO reply then the host is considered as live. e. In Non-Echo ICMP sweep, if the attacker dose not receive an ICMP ECHO reply then the host is considered as down. Correct Answer: a, c -------------------- QUESTION 8: ----------- a. PE, PP b. PE, PM c. PS, PA d. PS, PU e. PA, PU Correct Answer: d, e -------------------- QUESTION 9: ----------- a. Information about the operating system running on the target system. b. The services running on the target system. c. The IP address of the target system.  d. None of these. Correct Answer: b ----------------- QUESTION 10: ------------ a. RST b. ACK c. SYN-ACK d. SYN e. RST/ACK Correct Answer: e Detailed Solution: ------------------------------------ QUESTION 11: ------------ a. sn, PE b. Pn, sP c. O, -sV d. sT, PP e. None of these. Correct Answer: c -----------------  QUESTION 12: ------------ Correct Answer: 100 ------------------- QUESTION 13: ------------ a. --F b. -p20 Correct Answer: a, b, c, e -------------------------- QUESTION 14: ------------ a. -F b. -p- c. -Pn d. -sn e. We cannot disable host discovery.  QUESTION 15: ------------ a. Do not release critical info in public. b. Encrypt password and sensitive information. c. Restrict zone transfer. d. Examine logs periodically. e. Use firewalls. f. All of these.  Course Name: ETHICAL HACKING Assignment- Week 5 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. -A b. -sC c. -pn d. -PE e. --sL  QUESTION 3: ----------- a. ssh-brute b. smb-os-discovery c. smb-brute d. http-slowloris-check e. None of these. QUESTION 4: -----------  QUESTION 6: ----------- a. Shoulder Surfing b. Social Engineering c. Dictionary Attack d. Brute-Force attack e. Rule Based Attack f. None of these. QUESTION 7: ----------- a. Hydra  b. Crunch c. Nessus d. None of these. QUESTION 8: ----------- a. Enumeration refers to collecting details of users and their privileges. b. User enumeration refers to collecting username and passwords. c. NMAP does not have any script for user enumeration. d. Hydra and crunch tool can be used for user enumeration. QUESTION 9: ----------- a. Vertical privilege escalation. b. Horizontal privilege escalation. c. Diagonal privilege escalation. d. Triangular privilege escalation. e. None of these.  QUESTION 10: ------------ a. Run user level application on least privileges. b. Keep the software updated. c. Regularly perform vulnerability scan. d. Institute a strong password policy. e. Avoid downloading files from untrusted/malicious websites. f. Ignore unknown mails. QUESTION 11: ------------ a. Malware are malicious software that damages or disables computer systems and gives limited or full control to the malware creator for the purpose of theft or fraud. b. Malware can get inside systems through file sharing or fake programs. c. Malware cannot replicate itself. d. Malwares can alter, corrupt, modify or delete some data/files. e. None of these. QUESTION 12: ------------  a. Use of firewall b. Avoid downloading files from untrusted/malicious websites c. Use of antivirus tools d. Keep computer and software updated. e. Ignoring unknown mails f. All of these QUESTION 13: ------------ a. Sniffing is a process of monitoring and capturing all data packets passing through a given network. b. The HTTPS packets are vulnerable to sniffing attack. c. In passive sniffing ARP packets are used to flood the switch's CAM table. d. None of these. QUESTION 14: ------------ a. arp -l b. arp -s c. arp -i d. arp --e e. None of these  QUESTION 15: ------------ a. ARP spoofing involve construction of large number of forged ARP request/reply packets. b. Using fake ARP messages, an attacker can divert all communications between two machines so that all traffic is exchanged via his/her PC. c. In MAC attack, CAM table are flooded with fake MAC address and IP pairs. d. MAC attack cannot change the behavior of the switch. e. MAC attack can fill the CAM table of adjacent switches. f. None of these.  Course Name: ETHICAL HACKING Assignment- Week 6 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. In this attack, an attacker passively captures a transaction and its reply. b. In this attack, some portion of message is altered on its way. c. In this attack, an attacker prevents access of resource to its legitimate users. d. In this attack, the attacker pretends as a legitimate entity. e. In this attack, the attacker analyzes the network traffic. Correct Answer: d ----------------- QUESTION 2: ----------- a. In private key encryption, separate keys are used by sender and receiver. b. In private key encryption, a single key is used by sender and receiver. c. In public key encryption, separate keys are used by sender and receiver. d. In public key encryption, a single key is used by sender and receiver. Correct Answer: b, c --------------------  QUESTION 3: ----------- i. In symmetric key cryptography, the security depends on secrecy of the key. ii. In symmetric key cryptography, the security depends on encryption/decryption algorithm. a. Only (i) is true b. Only (ii) is true c. Both (i) and (ii) are true. d. Both (i) and (ii) are false. Correct Answer: a ----------------- QUESTION 4: ----------- a. 25 and 50 b. 50 and 50 c. 100 and 50 d. 300 and 25 e. 300 and 50  Correct Answer: e ----------------- QUESTION 5: ----------- a. HAPPY YEAR b. HAPPU YAER c. HAPPY YEAR d. None of this Correct Answer: b ----------------- QUESTION 6: ----------- Correct Answer: 64 ------------------ QUESTION 7: -----------  a. 64 bit b. 128 bit c. 192 bit d. 256 bit e. 512 bit Correct Answer: b, c, d ----------------------- QUESTION 8: ----------- a. Receiver's public key b. Receiver's private key c. Sender's public key d. Sender's private key QUESTION 9: ----------- a. The security of RSA algorithm is dependent on prime factorization problem. b. RSA algorithm is vulnerable to man-in-the middle attack. c. Diffie-Hellman approach can be used for encryption/decryption of message. d. Symmetric encryption approaches are faster than asymmetric encryption. e. None of these.  Correct Answer: a, d -------------------- QUESTION 10: ------------ a. Conventional encryption approach such as private key. b. MD4 c. SHA-256 d. SHA-0 e. RIPEMD-128 Correct Answer: d -----------------  Course Name: ETHICAL HACKING Assignment- Week 7 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. h1 and h2 are equal, but m1 and m2 are unequal. b. m1 and m2 are equal, but h1 and h2 are unequal. c. None of these. Correct Answer: b ----------------- QUESTION 2: ----------- a. More than one different message can generate the same hash value. b. After encryption, the ciphertexts corresponding to two or more plaintexts are the same. c. The hash function generates the all zero string as the hash value. d. None of these. Correct Answer: a -----------------  QUESTION 3: ----------- a. The number of bits in H is much larger than the number of bits in M. b. The number of bits in H and M are almost equal. c. The number of bits in M is much larger than the number of bits in H. d. None of these. Correct Answer: c ----------------- QUESTION 4: ----------- a. It is difficult to find a message M such that HASH(M) = H, except for a few hash values H. b. Given a message M1, it is difficult to find another message M2 such that HASH(M1) = HASH(M2). c. It is difficult to find two messages M1 and M2 such that HASH(M1) and HASH(M2) and unequal. d. None of these. Correct Answer: b, c -------------------- QUESTION 5: ----------- a. Hashing realizes a one-to-one mapping.  b. Encryption realizes a one-to-one mapping. c. Hashing realizes a many-to-one mapping. d. Encryption realizes a many-to-one mapping. Correct Answer: b, c -------------------- QUESTION 6: ----------- a. MD5 b. Triple-DES c. SHA-1 d. AES Correct Answer: a, c -------------------- QUESTION 7: ----------- a. Computing a hash function is faster than computing symmetric-key encryption. b. Computing public-key encryption is slower than computing symmetric-key encryption. c. Computing public-key encryption is slower than computing hash function. d. Both public-key and symmetric-key encryption take approximately the same time. Correct Answer: a, b, c -----------------------  QUESTION 8: ----------- a. 64 bits, 56 bits b. 56 bits, 64 bits c. 64 bits, 64 bits d. 64 bits, 128 bits Correct Answer: a ----------------- QUESTION 9: ----------- a. Cryptographic hash function. b. Symmetric-key encryption. c. Biometric authentication. d. All of these Correct Answer: a ----------------- QUESTION 10: ------------ a. High-speed data transmission b. Data authentication c. Non repudiation d. None of these   Course Name: ETHICAL HACKING Assignment- Week 8 =============================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. Hiding some text information within an image file. b. Hiding some text information within an audio clip. c. Hiding some secret information within an executable file. d. Encrypting an image file so that only the intended recipient can view it. Correct Answer: a, b, c ----------------------- QUESTION 2: ----------- a. Encrypting some information such that it will not be legible to an unauthorized person. b. A low-cost alternative to encryption and decryption. c. Secure way of communicating without sharing any key. d. None of these. Correct Answer: d ----------------- QUESTION 3: -----------  a. Biometrics that relate to human behavior. b. Biometrics that relate to human body. c. Biometrics that rely on the use of a powerful computer system. d. None of these Correct Answer: a ----------------- QUESTION 4: ----------- a. 100 Kbits b. 500 Kbits c. 1 Mbits d. None of these. Correct Answer: c ----------------- QUESTION 5: ----------- a. An attack on a system whereby stored files get modified or deleted. b. An attack that destroys users information from a system. c. An attack that destroys the stored password information in a system. d. None of these. Correct Answer: d -----------------  QUESTION 6: ----------- a. SYN flooding attack. b. Smurf denial-of-service attack. c. DNS spoofing attack. d. None of these. Correct Answer: b ----------------- QUESTION 7: ----------- a. SYN flooding attack. b. DNS spoofing attack. c. Smurf DoS attack. d. None of these. Correct Answer: a -----------------  QUESTION 8: ----------- a. A Botnet refers to a host connected to the Internet that is under control of the attacker. b. A Botnet host runs a number of bots that are repetitive code segments with some malicious intent. c. It relies on IP spoofing to mount attacks. d. All of these. Correct Answer: a, b -------------------- QUESTION 9: ----------- a. A host may have to send multiple DNS requests to several DNS servers. b. A host sends a single DNS request to its next higher-level DNS server. c. Name resolution happens iteratively within the host itself without sending any DNS request messages. d. None of these.  QUESTION 10: ------------ a. Packet Group Protocol b. Port Group Protocol c. Pretty Good Privacy d. All of these. Correct Answer: c -----------------  Course Name: ETHICAL HACKING Assignment Solution- Week 9 ======================================================== TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- [QUESTION 1:] ------------------------- a. It is a process of analyzing network activity by capturing network traffic. b. It is a process of finding the vulnerability in a network. c. It is a process used for user enumeration. d. None of these. Correct Answer: a ----------------- [QUESTION 2 :] -------------------------- i. Burp suite is a popular tool used for sniffing. ii. Using Burp suite we can perform password attack on web applications. a. Only (i) is true. b. Only (ii) is true. c. Both (i) and (ii) are true. d. Both (i) and (ii) are false. Correct Answer: c -----------------  [QUESTION 3:] ------------------------- a. It is used to mount password attack. b. It is used for manipulating and reissuing packets and to analyze their response. c. It is used for creating dictionary. d. None of these. Correct Answer: b ----------------- [QUESTION 4:] ------------------------- a. Restrict physical access to the network media. b. Permanently add the MAC address of gateway to ARP cache. c. Use encryption to protect confidential information. d. Use dynamic IP address and ARP entries. e. None of these. Correct Answer: d ----------------- a. Restrict the physical access to the network media to ensure that a packet sniffer cannot be installed; (b) Use encryption to protect confidential information; (c) Permanently add the MAC address of the gateway to the ARP cache; (d) Use static IP addresses and static ARP tables to prevent attackers from adding spoofed ARP entries for their machines to the network; (e) Turn off network identification broadcasts, and if possible, restrict the network to authorized users in order to protect the network from being discovered with sniffing tools; (f) Use the IPv6 instead of the IPv4 protocol; (g) Use encrypted sessions such as Secure Shell (ssh) instead of Telnet; (h) Use Secure Copy (scp) instead of a file transfer protocol (ftp); (i) Use Secure Socket Layer (SSL) for email connections.  [QUESTION 5:] ------------------------- a. Impersonation b. Piggybacking c. Shoulder surfing d. Pop-up windows e. Chain letters f. phishing Correct Answer: a, b, c ----------------------- [QUESTION 6:] ------------------------- a. Dnsenum b. Hydra c. Crunch d. SEToolkit e. Arpspoof Correct Answer: d -----------------  [QUESTION 7:] ------------------------- a. HTTP b. Telnet c. SSH d. SSL Correct Answer: c, d -------------------- [QUESTION 8:] ------------------------- a. Replicate servers to provide additional failsafe protection. b. Increase bandwidth on critical connections. c. Secure the infrastructure using approaches such as anti-spam, content filtering, anti-trojan, firewalls, and load balancing. d. Shut down all services until the attack has subsided. e. None of this. Correct Answer: a, b, c, d -------------------------- [QUESTION 9:] ------------------------- a. Hping3 tool b. "http-slowloris" nmap script c. LOIC tool d. Hydra and Crunch.  Correct Answer: d ----------------- [QUESTION 10:] -------------------------- Correct Answer: b -----------------  Course Name: ETHICAL HACKING Assignment- Week 10 ================================================ TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. It is an invasive type of attack. b. It is a non-invasive type of attack. c. The attacker has information about the implementation details. d. It relies on weakness of implementation Correct Answer: b ----------------- QUESTION 2: ----------- a. We obfuscate data in registers and buses. b. We add preventive measures against side-channel attacks. c. We provide authentication using physical unclonable functions. d. We use a very secure cryptographic algorithm. Correct Answer: a, b, c -----------------------  QUESTION 3: ----------- a. They exploit some weakness in the algorithm. b. They exploit some weakness in the implementation of the algorithm. c. They require physical access to the device. d. They only require the set of inputs/outputs to the algorithm. Correct Answer: b, c -------------------- QUESTION 4: ----------- a. Electromagnetic emissions. b. Time taken to execute an algorithm. c. The time and space complexities of an algorithm. d. Power consumed during computation. e. All of these. Correct Answer: a, b, d ----------------------- QUESTION 5: ----------- a. 4 and 4. b. 4 and 2.  c. 3 and 2. d. 3 and 1. e. None of these. Correct Answer: e ----------------- QUESTION 6: ----------- a. It measures variation in power consumption during a computation. b. It attacks the power supply and feeds power to the circuit. c. It relies on the use of a hardware Trojan in the circuit. d. All of these. Correct Answer: a ----------------- QUESTION 7: ----------- a. The computation times in the different branches of conditional statements must be unequal. b. The computation times in the different branches of conditional statements must be the same. c. We can use a random noise generator in the circuit. d. We obfuscate the scan chains in the circuit. Correct Answer: b, c --------------------  QUESTION 8: ----------- a. Perfect Universal Function b. Physically Unclonable Function c. Polynomially Unclonable Function d. None of these. Correct Answer: b ----------------- QUESTION 9: ----------- a. It incurs small hardware overhead. b. It is stealthy and usually difficult to detect. c. It relies on a number of malicious nodes to mount attacks. d. It is used to reduce power consumption. QUESTION 10: ------------ a. Use a structured programming language for implementation.  b. Mask the data representation. c. Introduce redundant computations as required. d. All of these. Correct Answer: b, c --------------------  Course Name: ETHICAL HACKING Assignment Solution- Week 11 ========================================================= TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- [QUESTION 1:] ------------------------- a. Exploit b. Payload c. Auxiliary d. Encoder e. msfvenum Correct Answer: b ----------------- [QUESTION 2:] ------------------------- a. msfconsole b. msfvenum c. Metasploit d. None of these. Correct Answer: a -----------------  [QUESTION 3:] ------------------------- a. Show targets b. Set payloads c. Set targets d. Show payloads e. None of these. Correct Answer: a ----------------- [QUESTION 4:] ------------------------- a. True b. False Correct Answer: a ----------------- [QUESTION 5:] ------------------------- a. getsystem b. hashdump c. getuser d. msfvenum  Correct Answer: b ----------------- [QUESTION 6:] ------------------------- a. Denial-of-Services b. Cross-Site-Scripting c. SQL Injection d. Session Hijacking e. None of these. Correct Answer: a, b, c, d -------------------------- [QUESTION 7:] ------------------------- a. Dirb b. SQL MAP c. Hydra d. Crunch e. None of these Correct Answer: a -----------------  [QUESTION 8:] ------------------------- a. It will print error message for incorrect user input. b. It will not print anything for incorrect user input. Correct Answer: a ----------------- [QUESTION 9:] ------------------------- a. \- - users b. \- - passwords c. \- - user-pass d. \- - user-privileges Correct Answer: b ----------------- [QUESTION 10:] -------------------------- i. It is stored in the database of web application. ii. It affects only a single client of the web application. a. Only (i) is true b. Only (ii) is true.  c. Both (i) and (ii) are true. d. Both (i) and (ii) are false. Correct Answer: a -----------------  Course Name: ETHICAL HACKING Assignment- Week 12 ================================================ TYPE OF QUESTION: MCQ/MSQ/SA ---------------------------- QUESTION 1: ----------- a. We can determine which host are alive. b. We can determine the services running on any target system. c. We can determine the OS of the target systems. d. We can create a dictionary. e. We can identify the vulnerabilities of the target system. Correct Answer: a, b, c, e -------------------------- QUESTION 2: ----------- a. Target is alive/up. b. Target is down. Correct Answer: a ----------------- QUESTION 3: -----------  a. --PE b. --PP c. --PM d. None of these. Correct Answer: d ----------------- QUESTION 4: ----------- a. ICMP Echo b. ICMP Non-Echo c. TCP Sweep d. UDP Sweep Correct Answer: a, b, c ----------------------- QUESTION 5: ----------- Correct Answer: 11 ------------------ QUESTION 6: -----------  a. --sL b. --sP c. --PO d. --sU e. --Pn Correct Answer: e ----------------- QUESTION 7: ----------- Correct Answer: a ----------------- QUESTION 8: ----------- Correct Answer: 1000 -------------------- QUESTION 9: -----------  a. True. b. False Correct Answer: a ----------------- QUESTION 10: ------------ a. --PE b. --PP c. --sV d. --O Correct Answer: c, d -------------------- \*\*\*\*\*\*\*\*END\*\*\*\*\*\*\* ---------------------------------
