Ethical Hacking Essentials Ultimate Exam, Exams of Technology

The Ethical Hacking Essentials Ultimate Exam is designed for aspiring cybersecurity professionals who want to validate their foundational knowledge in ethical hacking and penetration testing. This exam covers core concepts such as network security, vulnerability assessment, reconnaissance techniques, system hacking, malware threats, and social engineering. Candidates will be tested on their ability to identify security weaknesses, apply ethical hacking tools, and understand legal and ethical boundaries in cybersecurity practices. The exam emphasizes real-world attack scenarios, defensive strategies, and best practices for safeguarding digital systems. It is ideal for beginners entering the cybersecurity field or professionals aiming to enhance their ethical hacking skills.

Typology: Exams

2025/2026

Available from 05/02/2026

nicky-jone
nicky-jone 🇮🇳

2.9

(43)

28K documents

1 / 77

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Ethical Hacking Essentials Ultimate
Exam
**Question 1. Which component of the CIA triad primarily protects data from unauthorized
disclosure?**
A) Integrity
B) Availability
C) Confidentiality
D) Nonrepudiation
Answer: C
Explanation: Confidentiality ensures that only authorized subjects can view the information.
**Question 2. A security control that restricts physical entry to a server room using biometric scanners is
an example of a ______ control.**
A) Administrative
B) Physical
C) Technical
D) Managerial
Answer: B
Explanation: Physical controls protect against unauthorized physical access.
**Question 3. Under GDPR, which right allows individuals to have their personal data erased?**
A) Right to data portability
B) Right to be forgotten
C) Right to rectification
D) Right to restriction of processing
Answer: B
Explanation: The “right to be forgotten” permits deletion of personal data upon request.
**Question 4. In risk assessment, the formula Risk = Threat × Vulnerability × Asset Value is used to
calculate:**
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d

Partial preview of the text

Download Ethical Hacking Essentials Ultimate Exam and more Exams Technology in PDF only on Docsity!

Exam

Question 1. Which component of the CIA triad primarily protects data from unauthorized disclosure? A) Integrity B) Availability C) Confidentiality D) Non‑repudiation Answer: C Explanation: Confidentiality ensures that only authorized subjects can view the information. Question 2. A security control that restricts physical entry to a server room using biometric scanners is an example of a ______ control. A) Administrative B) Physical C) Technical D) Managerial Answer: B Explanation: Physical controls protect against unauthorized physical access. Question 3. Under GDPR, which right allows individuals to have their personal data erased? A) Right to data portability B) Right to be forgotten C) Right to rectification D) Right to restriction of processing Answer: B Explanation: The “right to be forgotten” permits deletion of personal data upon request. Question 4. In risk assessment, the formula Risk = Threat × Vulnerability × Asset Value is used to calculate:

Exam

A) Likelihood B) Impact C) Risk exposure D) Residual risk Answer: C Explanation: Multiplying these factors yields the overall risk exposure. Question 5. A “zero‑day” attack is characterized by: A) Exploiting a known vulnerability with an available patch B) Using social engineering to gain credentials C) Attacking a system before the vendor releases a fix D) Performing a denial‑of‑service attack on a website Answer: C Explanation: Zero‑day attacks target unknown or unpatched vulnerabilities. Question 6. Which hacker classification is most likely to disclose discovered vulnerabilities to the vendor without malicious intent? A) White hat B) Black hat C) Grey hat D) Suicide hacker Answer: A Explanation: White‑hat hackers work ethically and report issues responsibly. Question 7. The “Rules of Engagement” (RoE) in a penetration test primarily define: A) The tools the tester may use B) The legal jurisdiction of the test C) The scope, boundaries, and authorized activities

Exam

Question 11. The Common Vulnerability Scoring System (CVSS) base score is calculated using: A) Exploitability, Impact, and Scope metrics B) Asset value, Threat, and Vulnerability C) Likelihood, Impact, and Control effectiveness D) Confidentiality, Integrity, Availability metrics only Answer: A Explanation: CVSS base score uses Exploitability, Impact, and Scope to assess severity. Question 12. Heuristic analysis in antivirus software is used to: A) Match exact known signatures B) Detect unknown malware based on behavior patterns C) Encrypt files to prevent tampering D) Block all network traffic from unknown IPs Answer: B Explanation: Heuristics identify suspicious behavior of unknown threats. Question 13. Which authentication factor is “something you have”? A) Password B) Smart card C) Fingerprint D) PIN Answer: B Explanation: A smart card is a physical token representing “something you have”. Question 14. A “rainbow table” attack primarily exploits the lack of: A) Complex passwords

Exam

B) Account lockout policies C) Salting of stored password hashes D) Multi‑factor authentication Answer: C Explanation: Salts make precomputed rainbow tables ineffective. Question 15. NTLM authentication is vulnerable to which type of attack? A) Pass‑the‑hash B) Kerberos ticket‑granting ticket forgery C) OAuth token replay D) SAML assertion injection Answer: A Explanation: NTLM’s hash can be captured and reused in pass‑the‑hash attacks. Question 16. Implementing a “salt” for password hashing primarily provides: A) Faster verification B) Resistance to dictionary attacks C) Protection against hash collisions D) Increased hash length Answer: B Explanation: Salting ensures each password hash is unique, thwarting precomputed attacks. Question 17. Which psychological trigger is most effective in phishing emails that claim an urgent account suspension? A) Authority B) Scarcity C) Urgency D) Reciprocity

Exam

Question 21. An Intrusion Prevention System (IPS) differs from an IDS mainly because it: A) Logs events only B) Actively blocks malicious traffic C) Generates alerts without taking action D) Monitors only outbound traffic Answer: B Explanation: IPS can drop or block traffic in real time. Question 22. In the OWASP Top 10, “Broken Access Control” most commonly leads to: A) Cross‑site scripting B) Unauthorized data exposure C) Insecure deserialization D) Security misconfiguration Answer: B Explanation: Broken access control allows users to access resources they shouldn’t. Question 23. Which type of SQL injection returns data without directly displaying query results? A) In‑band (Union) B) Blind (Boolean‑based) C) Out‑of‑band (OOB) D) Error‑based Answer: B Explanation: Blind SQLi infers data through true/false responses. Question 24. Stored XSS attacks differ from reflected XSS because the malicious script is: A) Executed in the browser’s address bar B) Saved on the server and served to victims later

Exam

C) Delivered via email links only D) Limited to the same origin policy Answer: B Explanation: Stored XSS persists on the server, affecting multiple users. Question 25. The primary weakness of WEP compared to WPA2 is the use of: A) 802.1X authentication B) TKIP encryption C) RC4 stream cipher with static keys D) AES‑GCM encryption Answer: C Explanation: WEP’s RC4 with static keys is easily cracked. Question 26. An “evil twin” access point is used to: A) Increase Wi‑Fi range B) Perform a denial‑of‑service attack on legitimate APs C) Mimic a legitimate AP to capture credentials D) Broadcast a fake SSID for bandwidth throttling Answer: C Explanation: Evil twins lure users to connect and harvest data. Question 27. In Android, the “SafetyNet” API helps protect apps against: A) Physical device theft B) Rooting and tampering C) Network eavesdropping D) Battery drain attacks Answer: B

Exam

A) Data in transit vulnerability B) Misconfiguration leading to data exposure C) Insider threat D) Credential leakage Answer: B Explanation: Public read permissions expose stored data unintentionally. Question 32. Which container runtime security feature isolates processes using Linux namespaces? A) SELinux policies B) cgroups C) Namespaces D) AppArmor profiles Answer: C Explanation: Namespaces provide isolation of process resources in containers. Question 33. Black‑box penetration testing is characterized by: A) Full source‑code review before testing B) No prior knowledge of the target environment C) Access to internal network diagrams D) Limited to social engineering only Answer: B Explanation: Black‑box testers simulate an external attacker with zero knowledge. Question 34. The “pivoting” technique in penetration testing is used to: A) Escalate privileges on the original host B) Move laterally to other systems after initial compromise C) Bypass firewalls by tunneling traffic

Exam

D) Generate reports for stakeholders Answer: B Explanation: Pivoting allows the tester to explore internal network segments. Question 35. Which of the following is a hallmark of a “suicide hacker”? A) Publishing source code after a breach B) Conducting attacks solely for personal gain C) Targeting only government agencies D) Using only open‑source tools Answer: A Explanation: Suicide hackers often expose their methods publicly after an attack. Question 36. The principle of non‑repudiation is best achieved through: A) Encryption of data at rest B) Digital signatures and audit logs C) Redundant backups D) Network segmentation Answer: B Explanation: Digital signatures provide proof of origin, preventing denial. Question 37. Which administrative control helps enforce password complexity? A) Firewall rule set B) Security policy documentation C) Biometric scanner deployment D) VLAN segmentation Answer: B Explanation: Policies define required complexity and are enforced administratively.

Exam

B) UDP flood C) HTTP GET flood D) ICMP echo request flood Answer: B Explanation: UDP floods consume bandwidth and server resources. Question 42. A “honeypot” is primarily used for: A) Blocking malicious traffic B) Deceiving attackers and gathering intelligence C) Encrypting data in transit D) Accelerating network performance Answer: B Explanation: Honeypots act as decoys to lure and study attackers. Question 43. In a phishing email, the use of a legitimate‑looking domain (e.g., “secure‑bank.com”) exploits which social engineering principle? A) Reciprocity B) Authority C) Consistency D) Liking Answer: B Explanation: Authority makes recipients trust the apparent source. Question 44. Which of the following is a characteristic of a “worm” compared to a “virus”? A) Requires user interaction to spread B) Propagates automatically across networks C) Embeds itself in executable files D) Only targets mobile devices

Exam

Answer: B Explanation: Worms self‑replicate without user action. Question 45. The “confidentiality” aspect of the CIA triad can be compromised by which of the following? A) Data corruption B) System downtime C) Unauthorized data disclosure D) Log tampering Answer: C Explanation: Confidentiality is about preventing unauthorized access to information. Question 46. Which technical control can enforce encryption of data at rest on a Windows server? A) Group Policy B) BitLocker C) Network Access Control (NAC) D) Security Information and Event Management (SIEM) Answer: B Explanation: BitLocker encrypts disk volumes to protect stored data. Question 47. The GDPR principle of “data minimization” requires organizations to: A) Store all data for as long as possible B) Collect only data necessary for a specific purpose C) Encrypt every piece of data regardless of sensitivity D) Share data with third parties without consent Answer: B Explanation: Data minimization limits collection to what is strictly needed.

Exam

C) Frequent firmware updates D) Longer battery life Answer: B Explanation: Compromised IoT devices often generate suspicious network traffic. Question 52. In Kerberos authentication, the “Ticket Granting Ticket” (TGT) is encrypted with the: A) User’s password hash B) Service’s public key C) Domain controller’s private key D) Client’s RSA key pair Answer: A Explanation: The TGT is encrypted using the user’s secret derived from the password. Question 53. Which of the following attacks exploits the lack of input validation in web forms to execute arbitrary commands on the server? A) Cross‑site request forgery (CSRF) B) Command injection C) Clickjacking D) Session fixation Answer: B Explanation: Command injection runs unauthorized commands due to unsanitized input. Question 54. A “rainbow table” attack is mitigated by using which of the following techniques? A) Disabling SMB B) Implementing account lockout thresholds C) Adding a unique salt to each password hash D) Enforcing password length >12 characters Answer: C

Exam

Explanation: Salting makes precomputed tables ineffective. Question 55. Which of the following is NOT a typical characteristic of a “social engineering” attack? A) Exploiting technical vulnerabilities B) Manipulating human psychology C) Using urgency or authority cues D) Targeting trust relationships Answer: A Explanation: Social engineering focuses on people, not technical flaws. Question 56. The primary purpose of “MAC filtering” on a Wi‑Fi network is to: A) Encrypt wireless traffic B) Restrict network access to approved device MAC addresses C) Increase bandwidth efficiency D) Prevent ARP spoofing attacks Answer: B Explanation: MAC filtering allows only listed devices to associate. Question 57. In the context of mobile device management (MDM), “remote wipe” is used to: A) Install applications silently B) Reset the device’s password automatically C) Erase all data from a lost or stolen device D) Update the device’s firmware over the air Answer: C Explanation: Remote wipe protects data by deleting it from compromised devices. Question 58. Which OWASP Top 10 vulnerability involves insecure deserialization of untrusted data?

Exam

D) Spyware that records keystrokes continuously Answer: B Explanation: Logic bombs activate based on predefined conditions. Question 62. In a “Spear‑phishing” attack, the attacker typically: A) Sends generic phishing emails to large lists B) Targets a specific individual or organization with personalized content C) Uses malicious attachments only D) Exploits vulnerabilities in email servers Answer: B Explanation: Spear‑phishing tailors messages to a particular victim. Question 63. Which of the following is a primary advantage of using a “WAF” (Web Application Firewall)? A) Encrypts all outbound traffic B) Detects and blocks web‑based attacks such as XSS and SQLi C) Provides physical access control to the server room D) Performs network‑level packet filtering only Answer: B Explanation: WAFs inspect HTTP traffic for application‑layer threats. Question 64. The “principle of defense in depth” suggests that an organization should: A) Rely on a single, strong security control B) Implement multiple, layered security measures across different domains C) Focus solely on perimeter defenses D) Use only technical controls, ignoring administrative policies Answer: B Explanation: Multiple layers reduce the chance of a single point of failure.

Exam

Question 65. Which of the following is a characteristic of a “state‑sponsored” threat actor? A) Uses only open‑source tools B) Targets primarily financial gain C) Has access to extensive resources and zero‑day exploits D) Operates solely within their own country’s borders Answer: C Explanation: State actors often possess sophisticated capabilities. Question 66. In the context of wireless security, “PMKID” attacks target which component of WPA2? A) The pre‑shared key (PSK) directly B) The pairwise master key identifier used in the 4‑way handshake C) The MAC address filtering list D) The SSID broadcast setting Answer: B Explanation: PMKID attacks capture the identifier to derive the PSK offline. Question 67. Which of the following best describes “password spraying”? A) Trying many passwords against a single account B) Using a small list of common passwords against many accounts C) Applying rainbow tables to crack hashes D) Brute‑forcing a password with all possible characters Answer: B Explanation: Password spraying spreads a few passwords across many usernames. Question 68. Which of the following cloud services provides the highest level of abstraction from the underlying hardware?