Ethical Hacking Essentials Complete Practice Test, Exams of Advanced Education

Ethical Hacking Essentials Complete Practice Test

Typology: Exams

2025/2026

Available from 01/30/2026

tizian-mwangi
tizian-mwangi 🇺🇸

4.1

(8)

29K documents

1 / 116

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1 / 116
Ethical Hacking Essentials Complete Practice
Test
1.
The assurance that the systems responsible for delivering, storing, and
pro- cessing information are accessible when required by authorized users
is re- ferred to by which of the following elements of information security?:
Available
2.
Identify the element of information security that refers to the quality of
being genuine or uncorrupted as a characteristic of any communication,
documents,
or any data.: Authenticity
3. Mark, a professional hacker, targets his opponent's website. He finds
suscep- tible user inputs, injects malicious SQL code into the database,
and tampers with critical information.
Which of the following types of attack did Mark perform in the above
scenario?-
:
Active
Attack
4. Ruby, a hacker, visited her target company disguised as an aspiring
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Ethical Hacking Essentials Complete Practice Test and more Exams Advanced Education in PDF only on Docsity!

1 / 116

Ethical Hacking Essentials Complete Practice

Test

  1. The assurance that the systems responsible for delivering, storing, and pro- cessing information are accessible when required by authorized users is re- ferred to by which of the following elements of information security?: Available
  2. Identify the element of information security that refers to the quality of being genuine or uncorrupted as a characteristic of any communication, documents, or any data.: Authenticity
  3. Mark, a professional hacker, targets his opponent's website. He finds suscep- tible user inputs, injects malicious SQL code into the database, and tampers with critical information. Which of the following types of attack did Mark perform in the above scenario?- : Active Attack
  4. Ruby, a hacker, visited her target company disguised as an aspiring

2 / 116 candidate seeking a job. She noticed that certain sensitive documents were thrown in the trash near an employee's desk. She collected these documents, which included critical information that helped her to perform further attacks. Identify the type of attack performed by Ruby in the above scenario.: Close in Attack

  1. James, a malware programmer, intruded into a manufacturing plant that produces computer peripheral devices. James tampered with the software inside devices ready to be delivered to clients. The tampered program creates a backdoor that allows unauthorized access to the systems. Identify the type of attack performed by James in the above scenario to gain unauthorized access to the delivered systems.: Distribution Attack
  2. Williams, an employee, was using his personal laptop within the organiza- tion's premises. He connected his laptop to the organization's internal network and began eavesdropping on the communication between other devices con- nected to the internal network. He sniffed critical information such as login credentials and other confidential data passing through the network.

4 / 116 from the victim machine without its user being aware and tries to deliver a payload affecting computer performance.: APT Attack

  1. Andrew, a professional hacker, drafts an email that appears to be legitimate and attaches malicious links to lure victims; he then distributes it through communication channels or mails to obtain private information like account numbers. Identify the type of attack vector employed by Andrew in the above scenario.- : Phishing
  2. Identify the civilian act designed to protect investors and the public by increasing the accuracy and reliability of corporate disclosures.: Sarbanes - Oxley Act
  3. Which of the following ISO/IEC standard specifies the requirements for es- tablishing, implementing, maintaining, and continually improving an informa- tion security management system within the context of an organization?: ISO/IEC 27001:
  4. An organization located in Europe maintains a large amount of user data by following all the security-related laws. It also follows GDPR

5 / 116 protection princi- ples, one of which states that the organization should only collect and process data necessary for the specified task. Which of the following GDPR protection principle is discussed in the above scenario?: Data Minimization

  1. Which of the following titles in The Digital Millennium Copyright Act (DMCA) allows the owner of a copy of a program to make reproductions or adaptations when these are necessary to use the program in conjunction with a system?: Title III: Computer Maintenance or Repair
  2. Which of the following countries has implemented "The Copyright Act 1968" and "The Patents Act 1990"?: Australia
  3. Given below are the various phases involved in the cyber kill chain method- ology.
  4. Installation
  5. Delivery
  6. Reconnaissance
  7. Actions on objectives
  8. Weaponization

7 / 116 Which of the following adversary behaviors was detected by Clara?: Unspecified proxy activities

  1. John, a professional hacker, was hired by a government agency to penetrate, gain top-secret information from, and damage other government agencies' information systems or networks. Based on the above scenario, which of the following classes of hacker does John fall in?: state-sponsored hackers
  2. Lionel, a professional hacker motivated by political beliefs, plans to employ various techniques to create fear of large-scale disruption of computer net- works. Which of the following types of threat actors does Lionel belong to in the above scenario?: Cyber Terrorists
  3. Which of the following types of threat actors helps both hackers find various vulnerabilities in a system and vendors improve products by checking limita- tions to make them more secure?: Gray Hats
  4. Allen, a CEO of a business organization, targeted his competitor. He pene- trated the target network by using APTs and stayed

8 / 116 undetected for years. He consequently gained access to critical information such as blueprints, formu- las, product designs, marketing strategies, and trade secrets. Identify the class of hackers to which Allen belongs in the above scenario.: In- dustrial spies

  1. Identify the type of threat actors that include groups of individuals or com- munities involved in organized, planned, and prolonged criminal activities and who exploit victims from distinct jurisdictions on the Internet, making them difficult to locate.: Criminal Syndicates
  2. Given below are the various phases of hacking.
  3. Reconnaissance
  4. Gaining access
  5. Maintaining access
  6. Clearing tracks
  7. Scanning What is the correct sequence of phases involved in hacking?: 1 -> 5 -> 2 -> 3 -> 4
  8. In which of the following phases of hacking does an attacker

10 / 116 tem, remain unnoticed, and remove evidence that might lead to prosecution?- : Clearing Tracks

  1. In which of the following hacking phases do attackers extract information such as live machines, port, port status, OS details, device type, and system uptime to launch further attacks?: Scanning
  2. Lopez, a penetration tester, executes different phases of the hacking cycle in her organization. She detects that the network is susceptible to password cracking, buffer overflows, denial of service, and session hijacking attacks. Identify the hacking phase Lopez was executing in the above scenario.: Gaining Access
  3. Peter, a professional hacker, managed to gain total control of his target system and was able to execute scripts in the trojan. He then used techniques such as steganography and tunneling to remain undetected and to avoid legal trouble. Which of the following hacking phase was Peter currently performing in the above scenario?: Clearing Tracks
  4. John, a security specialist, was requested by a client organization

11 / 116 to check whether the security testing process was performed according to standard. He implemented a security audit on the organization's network to ensure that the performed test was well-organized, efficient, and ethical. John has conducted the audit following the steps given below.

  1. Talk to the client and discuss the needs to be addressed during testing
  2. Analyze the results of the testing and prepare a report
  3. Organize an ethical hacking team and prepare a schedule for testing
  4. Conduct the test
  5. Prepare and sign NDA documents with the client
  6. Present the findings to the client Identify the correct sequence of the steps John has followed while performing the security audit.: 1 -> 5 -> 3 -> 4 -> 2 -> 6
  7. Identify the term that refers to IT professionals who employ their hacking skills for defensive purposes, such as auditing their systems for known vulner- abilities and testing the organization's network security for possible loopholes and vulnerabilities.: Ethical Hacker

13 / 116 val]" Which of the following Nbtstat parameters in the above syntax purges the name cache and reloads all #PRE-tagged entries from the Lmhosts file?: -R

  1. Identify the Nbtstat parameter that lists the contents of the NetBIOS name cache, the table of NetBIOS names, and their resolved IP addresses.: -c
  2. Jack, a professional hacker, was recruited by an agency to steal sensitive data from a rival company. From a remote location, he discovered vulnerabilities in the target company's network using a vulnerability scanner. He exploited them to intrude into the network and steal confidential data. Identify the threat source exploited by Jack in the above scenario.: External threats
  3. Elon, a disgruntled employee with access to sensitive data, intends to dam- age the organization's reputation. He shares all the critical information and blueprints with the competitor and benefits financially.

14 / 116 Identify the threat source in the above scenario.: Internal threat

  1. Sam, a new employee at an organization, received a phishing mail from an unauthorized source on his official email ID. As Sam was not trained on email security, he opened the email and clicked on the malicious link within the email, allowing the attacker to gain backdoor access to the office network. Identify the threat source in the above scenario.: Unintentional threats
  2. James, a student, was curious about hacking. Although he does not possess much knowledge about the subject, he initiated a DoS attack on a website using freely available tools on the Internet. As the website already has some sort of security controls, it detected unusual traffic and blocked James's IP address. Which of the following types of threat sources is discussed in the above sce- nario?: Unstructured external threats
  3. Daniel, an employee working from home, was assigned a task to complete within a half-day, but due to frequent power failures at his residential area, he failed to accomplish the task. Which of the following threats was demonstrated in the above scenario?: Natural

16 / 116 embedded in the link is executed without the knowledge or consent of the victim. Identify the technique employed by Jack to distribute malware in the above scenario. Jack, a professional hacker, created a malicious hyperlink and injected it into a website that appeared legitimate to trick users into clicking the link. When a victim clicked on a malicious link, the malware embedded in the link is executed without the knowledge or consent of the victim. Identify the technique employed by Jack to distribute malware in the above scenario.: Social engineered click-jacking

  1. Anisha, a shopping freak, frequently uses many online websites for pur- chasing products without checking their legitimacy. While doing so, she un- knowingly clicked on one of the shopping commercials expecting it to be authentic. However, this activity made her lose a huge amount of money from her account. Identify the technique employed to distribute malware in the above scenario.- : Malvertising
  2. Which of the following malware distribution techniques involves

17 / 116 mimicking legitimate institutions in an attempt to steal login credentials?: Spear-phishing sites

  1. Which of the following malware distribution techniques involves exploiting flaws in browser software to install malware by merely visiting a web page?: - Drive-by downloads
  2. Identify the technique used by the attacker that involves keyword stuffing, inserting doorway pages, page swapping, and adding unrelated keywords to get higher rankings for malware pages.: Black hat search engine optimization
  3. Benson, a professional hacker, uses a technique that can exploit browser vul- nerabilities. Using this technique, he is able to install malware simply by visiting a web page, and the victim system gets exploited whenever the webpage is being explored. Which of the following technique was mentioned in the above scenario?: Drive by downloads
  4. Identify the malware component that compresses the malware

19 / 116 information such as credit card/debit card details, account holder name, and CVV number. While in- vestigating the incident, Irin found that the systems are infected with financial fraudulent malware that targeted the payment equipment. Identify the type of malware detected by Irin in the above scenario.: Point-of- sale trojans

  1. Identify the trojan that targets websites and physically changes the under- lying HTML format, resulting in content modification.: Defacement trojans
  2. Which of the following types of trojan tricks regular computer users into downloading trojan-infected files to their systems through URL redirection and, post-download, connects back to the attacker using IRC channels?: Botnet trojans
  3. Serin, a professional hacker, injected a backdoor into a target system that specifically attacked the root or system OS. When the backdoor is executed, he will obtain administrator-level access to the target system. Identify the type of malware utilized by Serin in the above scenario.: Rootkit

20 / 116 trojans

  1. Which of the following types of trojan uses port number 445 to infect the target system entry and exit points for application traffic?: WannaCry
  2. Given below are various stages involved in the virus lifecycle.
  3. Replication
  4. Incorporation
  5. Launch
  6. Execution of the damage routine
  7. Design
  8. Detection Identify the correct sequence of stages involved in the virus lifecycle.: 5 -> 1 -> 3 -> 6 -> 2 -> 4
  9. In which of the following stages of the virus lifecycle does a user install antivirus updates and eliminate virus threats?: Execution of the damage routine
  10. Joy, a professional hacker, targeted an organization's system using