










































































This practice exam includes advanced questions on ethical hacking methodologies, reconnaissance, vulnerability analysis, scanning, exploitation techniques, web app hacking, wireless attacks, malware, cloud security, and cryptography. Learners solve real penetration testing scenarios and master cybersecurity tools used by ethical hackers.
Typology: Exams











































































Question 1. Which component of the CIA triad ensures that sensitive data is protected from unauthorized disclosure?
A) Confidentiality
B) Integrity
C) Availability
D) Authenticity
Answer: A
Explanation: Confidentiality is the principle that ensures sensitive information is only accessible to authorized users and not exposed to unauthorized parties.

Question 2. What is the primary goal of integrity in information security?
A) Preventing unauthorized access
B) Ensuring data accuracy and consistency
C) Allowing data availability
D) Encrypting all data
Answer: B
Explanation: Integrity focuses on maintaining the accuracy and consistency of data throughout its lifecycle, preventing unauthorized modifications.

Question 3. Which security control involves personnel policies, procedures, and training?
A) Physical control
B) Administrative control
C) Technical control
D) Logical control
Answer: B
Explanation: Administrative controls are implemented through policies, procedures, and training to manage the human aspect of security.

Question 4. Which term describes the potential for harm resulting from exploiting a vulnerability?
A) Risk
B) Threat
C) Asset
D) Control
Answer: A
Explanation: Risk refers to the likelihood and impact of a threat exploiting a vulnerability, potentially causing harm to an asset.

Question 5. In ethical hacking, which phase involves gathering information about the target using public sources?
A) Scanning
B) Reconnaissance
C) Gaining Access
D) Covering Tracks
Answer: B
Explanation: Reconnaissance is the phase where an attacker collects information from public sources to prepare for further attacks.

Question 6. What is a zero-day attack?
A) An attack that is detected by antivirus software
B) An attack exploiting a vulnerability unknown to the vendor
C) An attack that occurs after a patch is released
D) An attack using outdated malware
Answer: B

Answer: B
Explanation: HIPAA governs the privacy and security of personal health information in the US.

Question 10. What does GDPR stand for?
A) General Data Protection Regulation
B) Global Data Privacy Regulation
C) Government Data Privacy Rule
D) General Digital Protection Requirement
Answer: A
Explanation: GDPR is the General Data Protection Regulation, a European law protecting the privacy of individuals’ personal data.

Question 11. Which type of hacker is authorized to test the security of systems?
A) Black Hat
B) White Hat
C) Gray Hat
D) Suicide Hacker
Answer: B
Explanation: White Hat hackers are ethical professionals authorized to test and improve system security.

Question 12. What is the primary objective of passive reconnaissance?
A) Directly contacting the target system
B) Collecting information without interacting with the target
C) Launching malware attacks
D) Modifying system files
Answer: B
Explanation: Passive reconnaissance gathers information without direct interaction, reducing the risk of detection.

Question 13. Which tool is commonly used for DNS zone transfer?
A) Nmap
B) dig
C) Wireshark
D) John the Ripper
Answer: B
Explanation: The dig command is widely used to perform DNS queries, including zone transfers.

Question 14. What is Google Dorking?
A) Using malware to find vulnerabilities
B) Advanced search queries to find sensitive information
C) Sniffing network traffic
D) Cracking passwords
Answer: B
Explanation: Google Dorking uses advanced search operators to discover sensitive data exposed on the web.

Question 15. What is the main purpose of using Whois lookup?
A) Discovering open ports
B) Retrieving domain ownership information
C) Cracking passwords
D) Analyzing malware

D) Encrypting data
Answer: B
Explanation: Banner grabbing collects information from service banners to identify OS and software versions.

Question 19. Which technique can evade intrusion detection systems by splitting malicious payloads into smaller packets?
A) Spoofing
B) Fragmentation
C) Tunneling
D) Replay attack
Answer: B
Explanation: Fragmentation divides payloads into smaller pieces to bypass IDS signature detection.

Question 20. What does SNMP enumeration allow attackers to discover?
A) Password hashes
B) Network device information
C) Encrypted files
D) Session cookies
Answer: B
Explanation: SNMP enumeration provides access to device details like names, configurations, and status.

Question 21. Which network protocol is commonly used for time synchronization and can be enumerated for vulnerabilities?
A) SMTP
B) NTP
Answer: B
Explanation: NTP (Network Time Protocol) is used for time synchronization and can be targeted during enumeration.

Question 22. What is the main purpose of Nessus in ethical hacking?
A) Password cracking
B) Vulnerability scanning
C) Traffic sniffing
D) Social engineering
Answer: B
Explanation: Nessus is a popular vulnerability scanner that identifies weaknesses in systems and networks.

Question 23. What is the function of Wireshark?
A) Scanning open ports
B) Capturing and analyzing network packets
C) Cracking passwords
D) Deploying Trojans
Answer: B
Explanation: Wireshark is a network protocol analyzer used to capture and inspect traffic on a network.

Question 24. What is CVE in vulnerability analysis?
A) Common Vulnerabilities and Exposures
B) Computer Virus Execution

B) Brute-force attack
C) Phishing
D) Replay attack
Answer: B
Explanation: Brute-force attacks attempt all possible combinations to crack passwords.

Question 28. What tool is commonly used for password cracking using GPU acceleration?
A) Hashcat
B) Nmap
C) Nessus
D) Wireshark
Answer: A
Explanation: Hashcat is a powerful password-cracking tool leveraging GPU acceleration.

Question 29. What is buffer overflow exploitation?
A) Overwriting buffer boundaries to execute arbitrary code
B) Encrypting data with a buffer
C) Sniffing network traffic
D) Cracking passwords
Answer: A
Explanation: Buffer overflow exploits occur when attackers overwrite memory boundaries, potentially executing malicious code.

Question 30. Why do attackers deploy rootkits?
A) To maintain persistent, hidden access to a system
B) To scan open ports
C) To encrypt files
D) To crack passwords
Answer: A
Explanation: Rootkits allow attackers to maintain stealthy, persistent access by hiding their presence.

Question 31. Which method is used for covering tracks in system hacking?
A) Clearing logs
B) Banner grabbing
C) DNS enumeration
D) Brute-force attack
Answer: A
Explanation: Attackers clear logs to remove evidence of their activities and avoid detection.

Question 32. What type of malware is designed to self-replicate and spread without user interaction?
A) Trojan
B) Worm
C) Spyware
D) Adware
Answer: B
Explanation: Worms self-replicate and spread across networks without needing user intervention.

Question 33. What distinguishes ransomware from other malware types?
A) Encrypts victim's data and demands payment
B) Records keystrokes

B) Dynamic analysis
C) Passive reconnaissance
D) Banner grabbing
Answer: B
Explanation: Dynamic analysis executes malware in a sandbox to monitor its behavior and actions.

Question 37. What is the primary defense against malware threats?
A) Anti-malware software
B) Social engineering
C) Reconnaissance
D) DNS zone transfer
Answer: A
Explanation: Anti-malware software is designed to detect, quarantine, and remove malicious threats from systems.

Question 38. What is MAC flooding in network sniffing?
A) Overloading a switch's MAC address table
B) Poisoning ARP cache
C) Manipulating DNS records
D) Cracking passwords
Answer: A
Explanation: MAC flooding overwhelms a switch’s MAC table, causing it to broadcast traffic to all ports.

Question 39. Which attack manipulates ARP cache to redirect traffic on a switched network?
A) ARP poisoning
B) SYN flooding
C) DNS spoofing
D) Brute-force attack
Answer: A
Explanation: ARP poisoning corrupts the ARP cache, allowing attackers to intercept or redirect traffic.

Question 40. What is the main purpose of DNS poisoning?
A) Redirecting users to malicious sites
B) Encrypting DNS queries
C) Sniffing MAC addresses
D) Blocking network traffic
Answer: A
Explanation: DNS poisoning alters DNS records to redirect legitimate traffic to malicious destinations.

Question 41. Which tool is most commonly used for network packet sniffing?
A) Wireshark
B) Nessus
C) Nmap
D) John the Ripper
Answer: A
Explanation: Wireshark captures and analyzes network packets to help identify suspicious activity.

Question 42. What is the main countermeasure against ARP spoofing attacks?
A) Enabling port security
B) Performing DNS zone transfers

C) Whaling
D) Quid Pro Quo
Answer: A
Explanation: Baiting lures users with attractive offers to trick them into downloading malware or revealing information.

Question 46. What is the main defense against social engineering attacks?
A) Security awareness training
B) Using Wireshark
C) Buffer overflow exploitation
D) DNS enumeration
Answer: A
Explanation: Training employees to recognize and respond to social engineering tactics is the most effective defense.

Question 47. What is a DoS attack?
A) Denial-of-Service, making resources unavailable to users
B) Data Overwrite Service
C) Domain Obfuscation Scan
D) Device Output Signal
Answer: A
Explanation: DoS attacks overwhelm resources, making services unavailable to legitimate users.

Question 48. How does a DDoS attack differ from a DoS attack?
A) Uses multiple systems to launch the attack
B) Encrypts traffic
C) Only targets DNS servers
D) Uses phishing emails
Answer: A
Explanation: DDoS attacks use a distributed network of systems (botnet) to flood a target.

Question 49. What is the purpose of a botnet in a DDoS attack?
A) Coordinating multiple devices to generate attack traffic
B) Encrypting all data
C) Stealing passwords
D) Scanning open ports
Answer: A
Explanation: Botnets are networks of compromised devices used to amplify DDoS attack traffic.

Question 50. Which attack floods a server with TCP SYN packets, exhausting resources?
A) SYN Flood
B) UDP Flood
C) ICMP Flood
D) DNS Poisoning
Answer: A
Explanation: SYN Flood attacks send numerous SYN packets, exhausting server resources and denying service.

Question 51. What is DrDoS?
A) Distributed Reflection Denial-of-Service
B) Domain Routing Denial-of-Service

C) TCP hijacking
D) ARP poisoning
Answer: A
Explanation: Session fixation sets a known session ID before a user logs in, allowing attackers to hijack the session.

Question 55. What is TCP/IP hijacking?
A) Manipulating TCP/IP packets to take over a network session
B) Cracking passwords
C) Encrypting file systems
D) Installing rootkits
Answer: A
Explanation: TCP/IP hijacking involves intercepting and manipulating TCP/IP packets to hijack a session.

Question 56. Which countermeasure helps prevent session hijacking?
A) Strong session management and encryption
B) DNS zone transfer
C) Brute-force attacks
D) MAC flooding
Answer: A
Explanation: Secure session management and encryption protect against session hijacking and related attacks.

Question 57. What is the purpose of IDS/IPS fragmentation evasion?
A) Bypassing signature and anomaly detection
B) Increasing network throughput
C) Cracking passwords
D) Encrypting traffic
Answer: A
Explanation: Fragmentation evasion splits malicious payloads to avoid detection by IDS/IPS systems.

Question 58. How can attackers evade firewalls?
A) Using port tunneling and exploiting rule misconfigurations
B) Installing anti-malware software
C) Scanning open ports
D) Deploying rootkits
Answer: A
Explanation: Attackers evade firewalls by tunneling traffic through allowed ports or exploiting misconfigured rules.

Question 59. What is the purpose of a honeypot?
A) Attracting and analyzing attacker behavior
B) Cracking passwords
C) Encrypting data
D) Installing Trojans
Answer: A
Explanation: Honeypots are decoy systems designed to attract attackers and study their techniques.

Question 60. Which cryptographic algorithm is symmetric?
A) AES
B) RSA