
questions.pdf


Document Details

Tags

ethical hacking cybersecurity information security computer science

Full Transcript


1. What is the main objective of ethical hacking?
   - A) To cause harm to the target system
   - B) To protect the system by identifying vulnerabilities
   - C) To steal confidential data
   - D) To destroy the target’s infrastructure

2. Which of the following is NOT a type of hacker?
   - A) Black Hat
   - B) White Hat
   - C) Blue Hat
   - D) Red Hat

3. During which phase of ethical hacking does scanning occur?
   - A) Reconnaissance
   - B) Gaining Access
   - C) Maintaining Access
   - D) Scanning

4. What is a Zero-Day attack?
   - A) An attack performed with no prior scanning
   - B) An exploit that targets a previously unknown vulnerability
   - C) An attack that takes zero seconds to complete
   - D) An attack that erases all data on the system

5. What does a "payload" refer to in hacking terminology?
   - A) The malicious code delivered by an exploit
   - B) A system's backup process
   - C) A protective measure in encryption
   - D) The first phase of ethical hacking

6. Which port is commonly used for HTTPS?
   - A) 80
   - B) 25
   - C) 22
   - D) 443

7. What type of social engineering attack involves an attacker following someone into a restricted area?
   - A) Phishing
   - B) Spear Phishing
   - C) Tailgating
   - D) Pretexting

8. Which scan method is used to identify live hosts by sending ICMP packets?
   - A) SYN Scan
   - B) XMAS Scan
   - C) Ping Sweep
   - D) ACK Scan

9. What is the main goal of a "Dumpster Diving" attack?
   - A) To steal network credentials
   - B) To intercept wireless traffic
   - C) To find sensitive information in discarded documents
   - D) To install malware on a target's system

10. In password cracking, which attack involves trying every possible combination of characters?
    - A) Dictionary Attack
    - B) Phishing
    - C) Brute Force Attack
    - D) Man-in-the-Middle Attack

11. Which tool is commonly used for port scanning?
    - A) Wireshark
    - B) Nmap
    - C) Metasploit
    - D) John the Ripper

12. Which payload in Metasploit helps in creating a remote connection with the target system?
    - A) Single Payload
    - B) Stager Payload
    - C) Nonce Payload
    - D) Bash Script

13. Which of the following is NOT a component of Metasploit?
    - A) Armitage
    - B) Payload
    - C) Nmap
    - D) Msfconsole

14. What does VPN stand for?
    - A) Virtual Public Network
    - B) Virtual Private Network
    - C) Verified Public Network
    - D) Verifiable Protocol Network

15. Which scanning method is designed to bypass firewalls by sending specific TCP flags?
    - A) SYN Scan
    - B) ACK Scan
    - C) FIN Scan
    - D) XMAS Scan

16. What is the primary goal of a "Rootkit"?
    - A) To gather data packets on a network
    - B) To provide unauthorized root-level access to a system
    - C) To lock files using encryption
    - D) To infect systems with a virus

17. Which of the following is a method of privilege escalation?
    - A) SYN Flooding
    - B) Vertical Privilege Escalation
    - C) Phishing
    - D) Spoofing

18. What is the purpose of IP Spoofing?
    - A) To encrypt IP packets for secure communication
    - B) To mask the source IP address of a malicious packet
    - C) To create a fake network interface
    - D) To provide access control to a network

19. Which of the following methods is used to detect open ports on a network?
    - A) SYN Scan
    - B) ARP Spoofing
    - C) SQL Injection
    - D) Rainbow Table

20. What does "Spear Phishing" target?
    - A) Random individuals
    - B) A specific organization or group of people
    - C) Government institutions only
    - D) High-level military personnel

21. What is the goal of maintaining access in the hacking process?
    - A) To completely shut down the target system
    - B) To retain access to the target system for future use
    - C) To disrupt the system's network connection
    - D) To scan for additional vulnerabilities

22. Which of the following attacks is an example of a Denial-of-Service (DoS) attack?
    - A) SYN Flooding
    - B) SQL Injection
    - C) XSS
    - D) Keylogging

23. What is a countermeasure to prevent password cracking attacks?
    - A) Use weak passwords for easy memorization
    - B) Encrypt passwords and implement multi-factor authentication
    - C) Avoid using passwords altogether
    - D) Store passwords in plain text for easy retrieval

24. Which of the following is considered a human-based social engineering technique?
    - A) Phishing
    - B) Tailgating
    - C) XSS
    - D) Port Scanning

25. What does the term “IP Spoofing” refer to?
    - A) Tracking an IP address of a target system
    - B) Modifying packet headers to conceal the source IP
    - C) Encrypting IP addresses for secure transmission
    - D) Blocking unauthorized IP addresses

26. What is the main purpose of a firewall in network security?
    - A) To increase network speed
    - B) To prevent unauthorized access to a network
    - C) To allow all incoming and outgoing traffic
    - D) To serve as a backup system

27. Which of the following is NOT an information security principle?
    - A) Confidentiality
    - B) Integrity
    - C) Availability
    - D) Visibility

28. What is the role of a honeypot in cybersecurity?
    - A) To attract and trap potential attackers
    - B) To encrypt sensitive data
    - C) To serve as a firewall backup
    - D) To increase bandwidth

29. Which of the following is NOT a type of port scan?
    - A) SYN Scan
    - B) ACK Scan
    - C) IP Scan
    - D) XMAS Scan

30. What is the primary advantage of using a VPN?
    - A) Increases network bandwidth
    - B) Ensures secure and encrypted data transmission
    - C) Provides access to additional IP addresses
    - D) Speeds up Internet access

31. In which layer of the OSI model does a SYN flood attack occur?
    - A) Application Layer
    - B) Transport Layer
    - C) Network Layer
    - D) Physical Layer

32. Which of the following techniques is used to detect the operating system on a remote target?
    - A) OS Detection Scan
    - B) SYN Flood
    - C) SQL Injection
    - D) Credential Harvesting

33. What is the purpose of a backdoor in hacking?
    - A) To enhance encryption on a system
    - B) To allow future access to a compromised system
    - C) To improve system performance
    - D) To detect and block malware attacks

34. What is the difference between a virus and a worm?
    - A) A virus replicates itself, while a worm spreads through email
    - B) A worm requires user action to replicate, while a virus spreads automatically
    - C) A worm spreads automatically across networks, while a virus requires user interaction
    - D) A virus spreads over networks, while a worm infects only local machines

35. What is the role of a proxy server in network security?
    - A) It acts as an intermediary between the user and the internet
    - B) It encrypts all data sent from the server
    - C) It stores passwords securely
    - D) It provides an alternate IP address for a secure connection

36. Which social engineering attack involves sending malicious software through mobile apps?
    - A) Spear Phishing
    - B) Dumpster Diving
    - C) SMishing
    - D) Shoulder Surfing

37. What is the main characteristic of a phishing attack?
    - A) It physically compromises a network
    - B) It attempts to steal personal information through deceptive emails
    - C) It requires an insider to provide access
    - D) It focuses on open ports to gain network access

38. What is the purpose of a SYN Scan?
    - A) To prevent system failures
    - B) To detect closed ports
    - C) To identify open TCP ports on a target system
    - D) To disrupt firewall functionality

39. What is the main goal of a SQL Injection attack?
    - A) To steal data from a database
    - B) To open a reverse shell
    - C) To modify server code
    - D) To send spam emails

40. What is the purpose of encryption in cybersecurity?
    - A) To speed up system performance
    - B) To protect data by converting it into a secure format
    - C) To reduce network traffic
    - D) To scan for vulnerabilities
