Que - In which year the term hacking was coined?
a. 1965-67
b. 1955-60
c. 1970-80
d. 1980-82
Answer- 1955-60
Que - From where the term 'hacker' first came to existence?
a. MIT
b. Stanford University
c. California
d. Bell's Lab
Answer- MIT
Que - What is the one thing that old hackers were fond of or find interests in?
a. Breaking Other's system
b. Voracious thirst for knowledge
c. Cracking Phone calls
d. Learning new languages
Answer- Voracious thirst for knowledge
Que - In which year the first popular hacker conference took place?
a. 1994
b. 1995
c. 1993
d. 1992
Answer- 1993
Que - What is the name of the first hacker's conference?
a. DEFCON
b. OSCON
c. DEVCON
d. SECCON
Answer- DEFCON
Que - _______ is the oldest phone hacking techniques used by hackers to make free calls
a. Phishing
b. Spamming
c. Phreaking
d. Cracking
Answer- Phreaking
Que - In which year, first practical technology hacking came into origin?
a. 1878
b. 1890
c. 1895
d. 1876
Answer- 1878
Que - In which year, hacking became a practical crime and a matter of concern in the field of technology?
a. 1971
b. 1973
c. 1970
d. 1974
Answer- 1970
Que - Who was the first individual who performed a major hacking in the year 1971?
a. Steve Wozniak
b. Steve Jobs
c. Kevin Mitnick
d. John Draper
Answer- John Draper
Que - Name the hacker who breaks the ARPANET systems?
a. Jon von Neumann
b. Kevin Poulsen
c. Kevin Mitnick
d. John Draper
Answer- Kevin Poulsen
Que - Who coined the term "cyberspace"?
a. Andrew Tannenbaum
b. Scott Fahlman
c. William Gibson
d. Richard Stallman
Answer- William Gibson
Que - In which year computer scientists try to integrate encryption technique in TCP/IP protocol?
a. 1978
b. 1980
c. 1982
d. 1984
Answer- 1978
Que - In which year the Computer Fraud & Abuse Act was adopted in the United States?
a. 1983
b. 1984
c. 1987
d. 1988
Answer- 1984
Que - Who was the first individual to distribute computer worms through internet?
a. Vladimir Levin
b. Bill Landreth
c. Richard Stallman
d. Robert T. Morris
Answer- Robert T. Morris
Que - _____ is a powerful encryption tool released by Philip Zimmerman in the year 1991.
a. PGP (Protected Good Privacy)
b. AES (Advanced Encryption Standard)
c. PGP (Pretty Good Privacy)
d. DES (Data Encryption Standard)
Answer- PGP (Pretty Good Privacy)
Que - Hackers who help in finding bugs and vulnerabilities in a system & don't intend to crack a system are termed as ________
a. Black Hat hackers
b. White Hat Hackers
c. Grey Hat Hackers
d. Red Hat Hackers
Answer- White Hat Hackers
Que - Which is the legal form of hacking based on which jobs are provided in IT industries and firms?
a. Cracking
b. Non ethical Hacking
c. Ethical hacking
d. Hactivism
Answer- Ethical hacking
Que - They are nefarious hackers, and their main motive is to gain financial profit by doing cyber crimes. Who are "they" referred to here?
a. Gray Hat Hackers
b. White Hat Hackers
c. Hactivists
d. Black Hat Hackers
Answer- Black Hat Hackers
Que - ________ are the combination of both white as well as black hat hackers.
a. Grey Hat hackers
b. Green Hat hackers
c. Blue Hat Hackers
d. Red Hat Hackers
Answer- Grey Hat hackers
Que - The amateur or newbie in the field of hacking who don't have many skills about coding and in-depth working of security and hacking tools are called ________
a. Sponsored Hackers
b. Hactivists
c. Script Kiddies
d. Whistle Blowers
Answer- Script Kiddies
Que - Suicide Hackers are those _________
a. who break a system for some specific purpose with or without keeping in mind that they may suffer long term imprisonment due to their malicious activity
b. individuals with no knowledge of codes but an expert in using hacking tools
c. who know the consequences of their hacking activities and hence try to prevent them by erasing their digital footprints
d. who are employed in an organization to do malicious activities on other firms
Answer- who break a system for some specific purpose with or without keeping in mind that they may suffer long term imprisonment due to their malicious activity
Que - Criminal minded individuals who work for terrorist organizations and steal information of nations and other secret intelligence are _________
a. State sponsored hackers
b. Blue Hat Hackers
c. Cyber Terrorists
d. Red Hat Hackers
Answer- Cyber Terrorists
Que - One who disclose information to public of a company, organization, firm, government and private agency and he/she is the member or employee of that organization; such individuals are termed as ___________
a. Sponsored hackers
b. Crackers
c. Hactivist
d. Whistleblowers
Answer- Whistleblowers
Que - These types of hackers are the most skilled hackers in the hackers' community. Who are "they" referred to?
a. White hat Hackers
b. Elite Hackers
c. Licensed Penetration Testers
d. Red Hat Hackers
Answer- Elite Hackers
Que - _________ are those individuals who maintain and handles IT security in any firm or organization.
a. IT Security Engineer
b. Cyber Security Interns
c. Software Security Specialist
d. Security Auditor
Answer- IT Security Engineer
Que - Role of security auditor is to ____________
a. secure the network
b. probe for safety and security of organization's security components and systems
c. detects and prevents cyber attacks and threats to organization
d. does penetration testing on different web applications
Answer- probe for safety and security of organization's security components and systems
Que - ________ are senior level corporate employees who have the role and responsibilities of creating and designing secured network or security structures.
a. Ethical Hackers
b. Chief Technical Officer
c. IT Security Engineers
d. Security Architect
Answer- Security Architect
Que - __________ security consultants uses database security monitoring & scanning tools to maintain security to different data residing in the database / servers / cloud.
a. Database
b. Network
c. System
d. Hardware
Answer- Database
Que - Governments hired some highly skilled hackers. These types of hackers are termed as _______
a. Special Hackers
b. Government Hackers
c. Cyber Intelligence Agents
d. Nation / State sponsored hackers
Answer- Nation / State sponsored hackers
Que - Someone (from outside) who tests security issues for bugs before launching a system or application, and who is not a part of that organization or company are ______
a. Black Hat hacker
b. External penetration tester
c. Blue Hat hacker
d. White Hat Hacker
Answer- Blue Hat hacker
Que - The full form of Malware is ________
a. Malfunctioned Software
b. Multipurpose Software
c. Malicious Software
d. Malfunctioning of Security
Answer- Malicious Software
Que - Who deploy Malwares to a system or network?
a. Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
b. Criminal organizations, White hat hackers, malware developers, cyber-terrorists
c. Criminal organizations, Black hat hackers, software developers, cyber-terrorists
d. Criminal organizations, gray hat hackers, Malware developers, Penetration testers
Answer- Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
Que - _____________ is a code injecting method used for attacking the database of a system / website.
a. HTML injection
b. SQL Injection
c. Malicious code injection
d. XML Injection
Answer- SQL Injection
Que - XSS is abbreviated as __________
a. Extreme Secure Scripting
b. Cross Site Security
c. X Site Scripting
d. Cross Site Scripting
Answer- Cross Site Scripting
Que - This attack can be deployed by infusing a malicious code in a website's comment section. What is "this" attack referred to here?
a. SQL injection
b. HTML Injection
c. Cross Site Scripting (XSS)
d. Cross Site Request Forgery (XSRF)
Answer- Cross Site Scripting (XSS)
Que - When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
a. Database crash attack
b. DoS (Denial of Service) attack
c. Data overflow Attack
d. Buffer Overflow attack
Answer- Buffer Overflow attack
Que - Compromising a user's session for exploiting the user's data and do malicious activities or misuse user's credentials is called ___________
a. Session Hijacking
b. Session Fixation
c. Cookie stuffing
d. Session Spying
Answer- Session Hijacking
Que - Which of this is an example of physical hacking?
a. Remote Unauthorised access
b. Inserting malware loaded USB to a system
c. SQL Injection on SQL vulnerable site
d. DDoS (Distributed Denial of Service) attack
Answer- Inserting malware loaded USB to a system
Que - Which of them is not a wireless attack?
a. Eavesdropping
b. MAC Spoofing
c. Wireless Hijacking
d. Phishing
Answer- Phishing
Que - An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a. Cyber-crime
b. Cyber Attack
c. System hijacking
d. Digital crime
Answer- Cyber Attack
Que - Which method of hacking will record all your keystrokes?
a. Keyhijacking
b. Keyjacking
c. Keylogging
d. Keyboard monitoring
Answer- Keylogging
Que - _________ are the special type of programs used for recording and tracking user's keystroke.
a. Keylogger
b. Trojans
c. Virus
d. Worms
Answer- Keylogger
Que - These are a collective term for malicious spying programs used for secretly monitoring someone's activity and actions over a digital medium.
a. Malware
b. Remote Access Trojans
c. Keyloggers
d. Spyware
Answer- Spyware
Que - Stuxnet is a _________
a. Worm
b. Virus
c. Trojan
d. Antivirus
Answer- Worm
Que - ___________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise harms anyone in order to accomplish political gain.
a. Cyber-warfare
b. Cyber campaign
c. Cyber-terrorism
d. Cyber attack
Answer- Cyber-terrorism
Que - In general how many key elements constitute the entire security structure?
a. 1
b. 2
c. 3
d. 4
Answer- 4
Que - According to the CIA Triad, which of the below-mentioned element is not considered in the triad?
a. Confidentiality
b. Integrity
c. Authenticity
d. Availability
Answer- Authenticity
Que - This is the model designed for guiding the policies of Information security within a company, firm or organization. What is "this" referred to here?
a. Confidentiality
b. Non-repudiation
c. CIA Triad
d. Authenticity
Answer- CIA Triad
Que - CIA triad is also known as ________
a. NIC (Non-repudiation, Integrity, Confidentiality)
b. AIC (Availability, Integrity, Confidentiality)
c. AIN (Availability, Integrity, Non-repudiation)
d. AIC (Authenticity, Integrity, Confidentiality)
Answer- AIC (Availability, Integrity, Confidentiality)
Que - When you use the word _____ it means you are protecting your data from getting disclosed.
a. Confidentiality
b. Integrity
c. Authentication
d. Availability
Answer- Confidentiality
Que - ______ means the protection of data from modification by unknown users.
a. Confidentiality
b. Integrity
c. Authentication
d. Non-repudiation
Answer- Integrity
Que - When integrity is lacking in a security system, _________ occurs.
a. Database hacking
b. Data deletion
c. Data tampering
d. Data leakage
Answer- Data tampering
Que - _______ of information means, only authorised users are capable of accessing the information.
a. Confidentiality
b. Integrity
c. Non-repudiation
d. Availability
Answer- Availability
Que - Why these 4 elements (confidentiality, integrity, authenticity & availability) are considered fundamental?
a. They help understanding hacking better
b. They are key elements to a security breach
c. They help understands security and its components better
d. They help to understand the cyber-crime better
Answer- They help understands security and its components better
Que - This helps in identifying the origin of information and authentic user. This referred to here as __________
a. Confidentiality
b. Integrity
c. Authenticity
d. Availability
Answer- Authenticity
Que - Data ___________ is used to ensure confidentiality.
a. Encryption
b. Locking
c. Deleting
d. Backup
Answer- Encryption
Que - Which of these is not a proper method of maintaining confidentiality?
a. Biometric verification
b. ID and password based verification
c. 2-factor authentication
d. switching off the phone
Answer- switching off the phone
Que - Data integrity gets compromised when _____ and _____ are taken control off.
a. Access control, file deletion
b. Network, file permission
c. Access control, file permission
d. Network, system
Answer- Access control, file permission
Que - ______ is the latest technology that faces an extra challenge because of CIA paradigm.
a. Big data
b. Database systems
c. Cloud storages
d. Smart dust
Answer- Big data
Que - One common way to maintain data availability is __________
a. Data clustering
b. Data backup
c. Data recovery
d. Data Altering
Answer- Data backup
Que - _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction.
a. Network Security
b. Database Security
c. Information Security
d. Physical Security
Answer- Information Security
Que - From the options below, which of them is not a threat to information security?
a. Disaster
b. Eavesdropping
c. Information leakage
d. Unchanged default password
Answer- Unchanged default password
Que - From the options below, which of them is not a vulnerability to information security?
a. flood
b. without deleting data, disposal of storage media
c. unchanged default password
d. latest patches and updates not done
Answer- flood
Que - _____ platforms are used for safety and protection of information in the cloud.
a. Cloud workload protection platforms
b. Cloud security protocols
c. AWS
d. One Drive
Answer- Cloud workload protection platforms
Que - Which of the following information security technology is used for avoiding browser-based hacking?
a. Anti-malware in browsers
b. Remote browser access
c. Adware remover in browsers
d. Incognito mode in a browser
Answer- Remote browser access
Que - The full form of EDR is _______
a. Endpoint Detection and recovery
b. Early detection and response
c. Endpoint Detection and response
d. Endless Detection and Recovery
Answer- Endpoint Detection and response
Que - _______ technology is used for analyzing and monitoring traffic in network and information flow.
a. Cloud access security brokers (CASBs)
b. Managed detection and response (MDR)
c. Network Security Firewall
d. Network traffic analysis (NTA)
Answer- Network traffic analysis (NTA)
Que - Compromising confidential information comes under _________
a. Bug
b. Threat
c. Vulnerability
d. Attack
Answer- Threat
Que - Lack of access control policy is a _____________
a. Bug
b. Threat
c. Vulnerability
d. Attack
Answer- Vulnerability
Que - Possible threat to any information cannot be ________________
a. reduced
b. transferred
c. protected
d. ignored
Answer- ignored
Que - How many basic processes or steps are there in ethical hacking?
a. 4
b. 5
c. 6
d. 7
Answer- 6
Que - ____________ is the information gathering phase in ethical hacking from the target user.
a. Reconnaissance
b. Scanning
c. Gaining access
d. Maintaining access
Answer- Reconnaissance
Que - Which of the following is not a reconnaissance tool or technique for information gathering?
a. Hping
b. NMAP
c. Google Dorks
d. Nexpose
Answer- Nexpose
Que - There are ______ subtypes of reconnaissance.
a. 2
b. 3
c. 4
d. 5
Answer- 2
Que - Which of the following is an example of active reconnaissance?
a. Searching public records
b. Telephone calls as a help desk or fake customer care person
c. Looking for the target's details in the database
d. Searching the target's details in paper files
Answer- Telephone calls as a help desk or fake customer care person
Que - Which of the following is an example of passive reconnaissance?
a. Telephonic calls to target victim
b. Attacker as a fake person for Help Desk support
c. Talk to the target user in person
d. Search about target records in online people database
Answer- Search about target records in online people database
Que - ________ phase in ethical hacking is known as the pre-attack phase.
a. Reconnaissance
b. Scanning
c. Gaining access
d. Maintaining access
Answer- Scanning
Que - While looking for a single entry point where penetration testers can test the vulnerability, they use ______ phase of ethical hacking.
a. Reconnaissance
b. Scanning
c. Gaining access
d. Maintaining access
Answer- Scanning
Que - Which of them do not comes under scanning methodologies?
a. Vulnerability scanning
b. Sweeping
c. Port Scanning
d. Google Dorks
Answer- Google Dorks
Que - Which of them is not a scanning tool?
a. NMAP
b. Nexpose
c. Maltego
d. Nessus
Answer- Maltego
Que - Which of the following comes after scanning phase in ethical hacking?
a. Scanning
b. Maintaining access
c. Reconnaissance
d. Gaining access
Answer- Gaining access
Que - In __________ phase the hacker exploits the network or system vulnerabilities.
a. Scanning
b. Maintaining access
c. Reconnaissance
d. Gaining access
Answer- Gaining access
Que - Which of the following is not done in gaining access phase?
a. Tunnelling
b. Buffer overflow
c. Session hijacking
d. Password cracking
Answer- Tunnelling
Que - Which of the below-mentioned penetration testing tool is popularly used in gaining access phase?
a. Maltego
b. NMAP
c. Metasploit
d. Nessus
Answer- Metasploit
Que - A _________ can gain access illegally to a system if the system is not properly tested in scanning and gaining access phase.
a. security officer
b. malicious hacker
c. security auditor
d. network analyst
Answer- malicious hacker
Que - In which phase, the hackers install backdoors so that his/her ownership with the victim's system can be retained later?
a. Scanning
b. Maintaining access
c. Maintaining Access
d. Gaining access
Answer- Maintaining Access
Que - _______ is the tool used for this purpose.
a. Powersploit
b. Aircrack-ng
c. Snort
d. Nmap
Answer- Powersploit
Que - Which of the following hacking tools and techniques hackers' do not use for maintaining access in a system?
a. Rootkits
b. Backdoors
c. Trojans
d. Wireshark
Answer- Wireshark
Que - In _______ phase, the hackers try to hide their footprints.
a. Scanning
b. Tracks clearing
c. Reconnaissance
d. Gaining access
Answer- Tracks clearing
Que - Which of them is not a track clearing technique?
a. Altering log files
b. Tunnelling
c. Port Scanning
d. Footprint removing
Answer- Port Scanning
Que - __________ is the last phase of ethical hacking process.
a. Scanning
b. Tracks clearing
c. Reconnaissance
d. Reporting
Answer- Reporting
Que - Which of the following is not a footprint-scanning tool?
a. SuperScan
b. TcpView
c. Maltego
d. OWASP Zed
Answer- Maltego
Que - ___________ is a special form of attack using which hackers' exploit - human psychology.
a. Cross Site Scripting
b. Insecure network
c. Social Engineering
d. Reverse Engineering
Answer- Social Engineering
Que - Which of the following do not comes under Social Engineering?
a. Tailgating
b. Phishing
c. Pretexting
d. Spamming
Answer- Spamming
Que - _________ involves scams where an individual (usually an attacker) lie to a person (the target victim) to acquire privilege data.
a. Phishing
b. Pretexting
c. Spamming
d. Vishing
Answer- Pretexting
Que - Which of the following is the technique used to look for information in trash or around dustbin container?
a. Pretexting
b. Baiting
c. Quid Pro Quo
d. Dumpster diving
Answer- Dumpster diving
Que - Which of the following is not an example of social engineering?
a. Dumpster diving
b. Shoulder surfing
c. Carding
d. Spear phishing
Answer- Carding
Que - In a phishing, attackers target the ________ technology to so social engineering.
a. Emails
b. WI-FI network
c. Operating systems
d. Surveillance camera
Answer- Emails
Que - Tailgating is also termed as ___________
a. Piggybacking
b. Pretexting
c. Phishing
d. Baiting
Answer- Piggybacking
Que - Physical hacking is not at all possible in hospitals, banks, private firms, and non-profit organizations.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Stealing pen drives and DVDs after tailgating is an example of lack of _______ security.
a. network security
b. physical security
c. database security
d. wireless security
Answer- physical security
Que - ________ is the ability of an individual to gain physical access to an authorized area.
a. Network accessing
b. Database accessing
c. Remote accessing
d. Physical accessing
Answer- Physical accessing
Que - Which of the following is not considering the adequate measure for physical security?
a. Lock the drawers
b. Keep strong passwords for corporate laptops and mobile phones
c. Keep confidential organization's document file open in the desk
d. Hide your hand against camera while inserting the PIN code
Answer- Keep confidential organization's document file open in the desk
Que - Which of the following is not a physical security measure to protect against physical hacking?
a. Add front desk & restrict unknown access to the back room
b. Create a phishing policy
c. Analyze how employees maintain their physical data and data storage peripheral devices
d. Updating the patches in the software you're working at your office laptop.
Answer- Updating the patches in the software you're working at your office laptop.
Que - IT security department must periodically check for security logs and entries made during office hours.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of them is not an example of physical hacking?
a. Walk-in using piggybacking
b. Sneak-in
c. Break-in and steal
d. Phishing
Answer- Phishing
Que - Physical _________ is important to check & test for possible physical breaches.
a. penetration test
b. security check
c. hacking
d. access
Answer- penetration test
Que - ___________ ensures the integrity and security of data that are passing over a network.
a. Firewall
b. Antivirus
c. Pentesting Tools
d. Network-security protocols
Answer- Network-security protocols
Que - Which of the following is not a strong security protocol?
a. HTTPS
b. SSL
c. SMTP
d. SFTP
Answer- SMTP
Que - Which of the following is not a secured mail transferring methodology?
a. POP3
b. SSMTP
c. Mail using PGP
d. S/MIME
Answer- POP3
Que - __________ is a set of conventions & rules set for communicating two or more devices residing in the same network?
a. Security policies
b. Protocols
c. Wireless network
d. Network algorithms
Answer- Protocols
Que - TSL (Transport Layer Security) is a cryptographic protocol used for securing HTTP/HTTPS based connection.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - HTTPS is abbreviated as _________
a. Hypertexts Transfer Protocol Secured
b. Secured Hyper Text Transfer Protocol
c. Hyperlinked Text Transfer Protocol Secured
d. Hyper Text Transfer Protocol Secure
Answer- Hyper Text Transfer Protocol Secure
Que - SSL primarily focuses on _______
a. integrity and authenticity
b. integrity and non-repudiation
c. authenticity and privacy
d. confidentiality and integrity
Answer- integrity and authenticity
Que - In SSL, what is used for authenticating a message?
a. MAC (Message Access Code)
b. MAC (Message Authentication Code)
c. MAC (Machine Authentication Code)
d. MAC (Machine Access Code)
Answer- MAC (Message Authentication Code)
Que - __________ is used for encrypting data at network level.
a. IPSec
b. HTTPS
c. SMTP
d. S/MIME
Answer- IPSec
Que - S/MIME is abbreviated as __________________
a. Secure/Multimedia Internet Mailing Extensions
b. Secure/Multipurpose Internet Mailing Extensions
c. Secure/Multimedia Internet Mail Extensions
d. Secure/Multipurpose Internet Mail Extensions
Answer- Secure/Multipurpose Internet Mail Extensions
Que - Users are able to see a pad-lock icon in the address bar of the browser when there is _______ connection.
a. HTTP
b. HTTPS
c. SMTP
d. SFTP
Answer- HTTPS
Que - Why did SSL certificate require in HTTP?
a. For making security weak
b. For making information move faster
c. For encrypted data sent over HTTP protocol
d. For sending and receiving emails unencrypted
Answer- For encrypted data sent over HTTP protocol
Que - SFTP is abbreviated as ________
a. Secure File Transfer Protocol
b. Secured File Transfer Protocol
c. Secure Folder Transfer Protocol
d. Secure File Transferring Protocol
Answer- Secure File Transfer Protocol
Que - PCT is abbreviated as ________
a. Private Connecting Technology
b. Personal Communication Technology
c. Private Communication Technique
d. Private Communication Technology
Answer- Private Communication Technology
Que - Authentication in PCT requires _____ keys.
a. 1
b. 2
c. 3
d. 4
Answer- 2
Que - The latest version of TLS is _____
a. version 1.1
b. version 1.2
c. version 2.1
d. version 1.3
Answer- version 1.2
Que - SIP is abbreviated as __________
a. Session Initiation Protocol
b. Secured Initiation Protocol
c. Secure Initiation Protocol
d. Session Integration Protocol
Answer- Session Initiation Protocol
Que - In which of the following cases Session Initiation Protocol is not used?
a. Instant Messaging
b. Voice over LTE (VoLTE)
c. Internet telephony
d. Data Transferring
Answer- Data Transferring
Que - SRTP is abbreviated as ________
a. Secure Relay Transport Protocol
b. Secure Real-time Transferring Protocol
c. Secure Real-time Transport Protocol
d. Secure Real-time Transportation Protocol
Answer- Secure Real-time Transport Protocol
Que - ESP is abbreviated as ____________
a. Encapsulating Security Payload
b. Encapsulating Secure Protocol
c. Encrypted Secure Payload
d. Encapsulating Secure Payload
Answer- Encapsulating Secure Payload
Que - ________ is the entity for issuing digital certificates.
a. Certificate Authority (CA)
b. Cert Authority (CA)
c. Cert Authorization (CA)
d. Certificate Authorization (CA)
Answer- Certificate Authority (CA)
Que - IKE is abbreviated as Internet Key Exchange.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ________ is any action that might compromise cyber-security.
a. Threat
b. Vulnerability
c. Exploit
d. Attack
Answer- Threat
Que - Existence of weakness in a system or network is called _______
a. Threat
b. Vulnerability
c. Exploit
d. Attack
Answer- Vulnerability
Que - When any IT product, system or network is in need for testing for security reasons, then the term used is called _________
a. Threat
b. Vulnerability
c. Target of Evaluation
d. Attack
Answer- Target of Evaluation
Que - An/A ________ is an act that violates cyber-security.
a. Threat
b. Vulnerability
c. Exploit
d. Attack
Answer- Attack
Que - ________ is a way to breach the security by using the vulnerability of that system.
a. Threat
b. Vulnerability
c. Exploit
d. Attack
Answer- Exploit
Que - _________ is an act of hacking by the means of which a political or social message is conveyed.
a. Hacktivism
b. Whistle-blowing
c. Surveillance
d. Pseudonymization
Answer- Hacktivism
Que - _______ is the method of developing or creating a structurally similar yet unauthentic and illegitimate data of any firm or company.
a. Data copying
b. Data masking
c. Data breaching
d. Data duplicating
Answer- Data masking
Que - Data masking is also known as _________
a. Data obfuscation
b. Data copying
c. Data breaching
d. Data duplicating
Answer- Data obfuscation
Que - ________ automates an action or attack so that repetitive tasks are done at a faster rate.
a. Auto-bots
b. Cookie-bots
c. Robots
d. Bots
Answer- Bots
Que - Backdoors are also known as ____________
a. Trap doors
b. Front doors
c. Cover doors
d. Back entry
Answer- Trap doors
Que - Adware are pre-chosen _______ developed to display ads.
a. banner
b. software
c. malware
d. shareware
Answer- software
Que - ________ is an attack technique occurs when excess data gets written to a memory block.
a. Over buffering
b. Buffering
c. Buffer overflow
d. Memory full
Answer- Buffer overflow
Que - Finding & publishing any user's identity with the help of different personal details is called ________
a. Doxing
b. Data breaching
c. Personal data copying
d. Secure File Transferring Protocol
Answer- Doxing
Que - In IP address, IP is abbreviated as __________
a. Internet Program
b. Internet Protocol
c. Intuition Programs
d. Internet Pathway
Answer- Internet Protocol
Que - Whaling is the technique used to take deep and _________ information about any individual.
a. sensitive
b. powerful
c. useless
d. casual
Answer- sensitive
Que - _________ are a specific section of any virus or malware that performs illicit activities in a system.
a. Malicious programs
b. Worms
c. Spyware
d. Payload
Answer- Payload
Que - ____________ is a scenario when information is accessed without authorization.
a. Data infiltration
b. Data Hack
c. Information compromise
d. Data Breach
Answer- Data Breach
Que - ____________ is an attempt to steal, spy, damage or destroy computer systems, networks or their associated information.
a. Cyber-security
b. Cyber attack
c. Digital hacking
d. Computer security
Answer- Cyber attack
Que - ___________ is a device which secretly collects data from credit / debit cards.
a. Card Skimmer
b. Data Stealer
c. Card Copier
d. Card cloner
Answer- Card Skimmer
Que - _____________ is a technique used when artificial clicks are made which increases revenue because of pay-per-click.
a. Clickjacking
b. Clickfraud
c. Keylogging
d. Click-hacking
Answer- Clickfraud
Que - __________ is the practice implemented to spy someone using technology for gathering sensitive information.
a. Cyber espionage
b. Cyber-spy
c. Digital Spying
d. Spyware
Answer- Cyber espionage
Que - ____________ is the way or technique through which majority of the malware gets installed in our system.
a. Drive-by click
b. Drive-by redirection
c. Drive-by download
d. Drive-by injecting USB devices
Answer- Drive-by download
Que - ______ is the term used for toolkits that are purchased and used for targeting different exploits.
a. Exploit bag
b. Exploit set
c. Exploit Toolkit
d. Exploit pack
Answer- Exploit pack
Que - Identity theft is the term used when a cyber-thief uses anybody's personal information to impersonate the victim for their benefit.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - _________ is the hacking approach where cyber-criminals design fake websites or pages for tricking or gaining additional traffic.
a. Cyber-replication
b. Mimicking
c. Website-Duplication
d. Pharming
Answer- Cyber-replication
Que - RAM-Scraping is a special kind of malware that looks (scrape) for sensitive data in the hard drive.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - When you book online tickets by swiping your card, the details of the card gets stored in ______
a. database system
b. point-of-sale system
c. servers
d. hard drives
Answer- point-of-sale system
Que - Point-of-sale intrusion does not deal with financial details and credit card information.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - _______ are deadly exploits where the vulnerability is known and found by cyber-criminals but not known and fixed by the owner of that application or company.
a. Unknown attacks
b. Secret attacks
c. Elite exploits
d. Zero-day exploits
Answer- Zero-day exploits
Que - Zero-day exploits are also called __________
a. zero-day attacks
b. hidden attacks
c. un-patched attacks
d. un-fixed exploits
Answer- zero-day attacks
Que - There are ______ major types of ports in computers.
a. 1
b. 2
c. 3
d. 4
Answer- 2
Que - PS2 and DVI are examples of Logical ports.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Physical ports are usually referred to as ___________
a. jacks
b. cables
c. interfaces
d. hardware plugs
Answer- interfaces
Que - ____________ are logical numbers assigned for logical connections.
a. Logical ports
b. Physical ports
c. Networking cables
d. IP address
Answer- Logical ports
Que - Number of logical ports ranges from _____ to _____
a. 0, 255
b. 1, 65535
c. 1, 65536
d. 0, 65536
Answer- 0, 65536
Que - Logical ports are also known as ________________
a. numbered ports
b. virtual numbering
c. virtual ports
d. network protocol ports
Answer- virtual ports
Que - Virtual ports help software in sharing without interference all hardware resources.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ________ needs some control for data flow on each and every logical port.
a. Antivirus
b. Network firewall
c. Intrusion Detection Systems (IDS)
d. Anti-malware
Answer- Network firewall
Que - The logical port is associated with the type of protocol used along with the IP address of the host.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is the port number for FTP data?
a. 20
b. 21
c. 22
d. 23
Answer- 20
Que - Which of the following is the port number for FTP control?
a. 20
b. 21
c. 22
d. 23
Answer- 21
Que - Which of the following is the port number for SSH (Secure Shell)?
a. 20
b. 21
c. 22
d. 23
Answer- 22
Que - Which of the following is the port number for Telnet?
a. 20
b. 21
c. 22
d. 23
Answer- 23
Que - Which of the following is the port number for SMTP service?
a. 29
b. 27
c. 25
d. 23
Answer- 25
Que - Which of the following are the port numbers for IPSec service?
a. 50, 51
b. 49, 50
c. 51, 52
d. 23, 24
Answer- 50, 51
Que - Which of the following are the port numbers for DHCP?
a. 66, 67
b. 67, 68
c. 65, 66
d. 68, 69
Answer- 65, 66
Que - Which of the following is the port number for TFTP service?
a. 69
b. 70
c. 71
d. 72
Answer- 69
Que - Port 80 handles unencrypted web traffic.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Why it is important to know which service is using which port number?
a. For database security
b. For reporting data security to the auditor
c. For understanding which data is going through secured traffic and which is not
d. For checking unused data traffic
Answer- For understanding which data is going through secured traffic and which is not
Que - Which of the following is the port number for SFTP service?
a. 21
b. 22
c. 23
d. 69
Answer- 22
Que - Which of the following is the port number for HTTP?
a. 79
b. 80
c. 81
d. 82
Answer- 80
Que - TACACS+ uses TCP port 49.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is the port number for Kerberos?
a. 87
b. 88
c. 89
d. 86
Answer- 88
Que - Which of the following is the port number for POP3?
a. 110
b. 111
c. 112
d. 113
Answer- 110
Que - Which of the following is the port number for SNMP?
a. 160
b. 161
c. 162
d. 163
Answer- 161
Que - Which of the following is the port number for SNMP - Trap?
a. 160
b. 161
c. 162
d. 163
Answer- 162
Que - Firewalls can be of _______ kinds.
a. 1
b. 2
c. 3
d. 4
Answer- 3
Que - _________________ is the kind of firewall is connected between the device and the network connecting to internet.
a. Hardware Firewall
b. Software Firewall
c. Stateful Inspection Firewall
d. Microsoft Firewall
Answer- Hardware Firewall
Que - _________ is software that is installed using internet connection or they come by-default with operating systems.
a. Hardware Firewall
b. Software Firewall
c. Stateful Inspection Firewall
d. Microsoft Firewall
Answer- Software Firewall
Que - Which of the following is not a software firewall?
a. Windows Firewall
b. Outpost Firewall Pro
c. Endian Firewall
d. Linksys Firewall
Answer- Linksys Firewall
Que - Firewall examines each ____________ that are entering or leaving the internal network.
a. emails users
b. updates
c. connections
d. data packets
Answer- data packets
Que - A firewall protects which of the following attacks?
a. Phishing
b. Dumpster diving
c. Denial of Service (DoS)
d. Shoulder surfing
Answer- Denial of Service (DoS)
Que - There are ______ types of firewall.
a. 5
b. 4
c. 3
d. 2
Answer- 4
Que - Packet filtering firewalls are deployed on ________
a. routers
b. switches
c. hubs
d. repeaters
Answer- routers
Que - In the ______________ layer of OSI model, packet filtering firewalls are implemented.
a. Application layer
b. Session layer
c. Presentation layer
d. Network layer
Answer- Network layer
Que - The __________ defines the packet filtering firewall rules.
a. Access Control List
b. Protocols
c. Policies
d. Ports
Answer- Access Control List
Que - ACL stands for _____________
a. Access Condition List
b. Anti-Control List
c. Access Control Logs
d. Access Control List
Answer- Access Control List
Que - When a packet does not fulfil the ACL criteria, the packet is _________
a. resend
b. dropped
c. destroyed
d. acknowledged as received
Answer- dropped
Que - Network administrators can create their own ACL rules based on _______ ________ and _______
a. Address, Protocols and Packet attributes
b. Address, Protocols and security policies
c. Address, policies and Packet attributes
d. Network topology, Protocols and data packets
Answer- Address, Protocols and Packet attributes
Que - One advantage of Packet Filtering firewall is __________
a. more efficient
b. less complex
c. less costly
d. very fast
Answer- less costly
Que - Packet filtering firewalls work effectively in _________ networks.
a. very simple
b. smaller
c. large
d. very large complex
Answer- smaller
Que - Packet filtering firewalls are vulnerable to __________
a. hardware vulnerabilities
b. MiTM
c. phishing
d. spoofing
Answer- spoofing
Que - Circuit-level gateway firewalls are installed in _______ layer of OSI model.
a. Application layer
b. Session layer
c. Presentation layer
d. Network layer
Answer- Session layer
Que - Which of these comes under the advantage of Circuit-level gateway firewalls?
a. They maintain anonymity and also inexpensive
b. They are light-weight
c. They're expensive yet efficient
d. They preserve IP address privacy yet expensive
Answer- They maintain anonymity and also inexpensive
Que - Which of the following is a disadvantage of Circuit-level gateway firewalls?
a. They're expensive
b. They're complex in architecture
c. They do not filter individual packets
d. They're complex to setup
Answer- They do not filter individual packets
Que - _____________ gateway firewalls are deployed in application-layer of OSI model.
a. Packet Filtering Firewalls
b. Circuit Level Gateway Firewalls
c. Application-level Gateway Firewalls
d. Stateful Multilayer Inspection Firewalls
Answer- Application-level Gateway Firewalls
Que - Application level gateway firewalls protect the network for specific _____________
a. application layer protocol
b. session layer protocol
c. botnet attacks
d. network layer protocol
Answer- application layer protocol
Que - Application level gateway firewalls are also used for configuring cache-servers.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ___________ firewalls are a combination of other three types of firewalls.
a. Packet Filtering
b. Circuit Level Gateway
c. Application-level Gateway
d. Stateful Multilayer Inspection
Answer- Stateful Multilayer Inspection
Que - Stateful Multilayer Inspection firewall cannot perform which of the following?
a. Filter network layer packets
b. Check for legitimate session
c. Scans for illicit data packets at the presentation layer
d. Evaluate packets at application lager
Answer- Scans for illicit data packets at the presentation layer
Que - We can also implement ____________ in Stateful Multilayer Inspection firewall.
a. external programs
b. algorithms
c. policies
d. algorithms and external programs
Answer- algorithms
Que - One advantage of Stateful Multilayer Inspection firewall is __________
a. costlier but easy to understand
b. large to manage
c. complex internal architecture
d. large to manage but efficient
Answer- complex internal architecture
Que - Packet filtering firewalls are also called ____________
a. first generation firewalls
b. second generation firewalls
c. third generation firewalls
d. fourth generation firewalls
Answer- first generation firewalls
Que - Stateful Multilayer firewalls are also called ____________
a. first generation firewalls
b. second generation firewalls
c. third generation firewalls
d. fourth generation firewalls
Answer- second generation firewalls
Que - Application layer firewalls are also called ____________
a. first generation firewalls
b. second generation firewalls
c. third generation firewalls
d. fourth generation firewalls
Answer- third generation firewalls
Que - VPN is abbreviated as __________
a. Visual Private Network
b. Virtual Protocol Network
c. Virtual Private Network
d. Virtual Protocol Networking
Answer- Virtual Private Network
Que - __________ provides an isolated tunnel across a public network for sending and receiving data privately, as if the computing devices were directly connected to the private network.
a. Visual Private Network
b. Virtual Protocol Network
c. Virtual Protocol Networking
d. Virtual Private Network
Answer- Virtual Private Network
Que - Which of the statements are not true to classify VPN systems?
a. Protocols used for tunnelling the traffic
b. Whether VPNs are providing site-to-site or remote access connection
c. Securing the network from bots and malwares
d. Levels of security provided for sending and receiving data privately
Answer- Securing the network from bots and malwares
Que - What types of protocols are used in VPNs?
a. Application level protocols
b. Tunnelling protocols
c. Network protocols
d. Mailing protocols
Answer- Application level protocols
Que - VPNs uses encryption techniques to maintain security and privacy which communicating remotely via public network.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - There are _________ types of VPNs.
a. 3
b. 2
c. 5
d. 4
Answer- 2
Que - Site-to-site VPNs are also known as ________
a. Switch-to-switch VPNs
b. Peer-to-Peer VPNs
c. Point-to-point VPNs
d. Router-to-router VPNs
Answer- Router-to-router VPNs
Que - _________ type of VPNs are used for home private and secure connectivity.
a. Remote access VPNs
b. Site-to-site VPNs
c. Peer-to-Peer VPNs
d. Router-to-router VPNs
Answer- Remote access VPNs
Que - Which types of VPNs are used for corporate connectivity across companies residing in different geographical location?
a. Remote access VPNs
b. Site-to-site VPNs
c. Peer-to-Peer VPNs
d. Country-to-country VPNs
Answer- Site-to-site VPNs
Que - Site-to-Site VPN architecture is also known as _________
a. Remote connection based VPNs
b. Peer-to-Peer VPNs
c. Extranet based VPN
d. Country-to-country VPNs
Answer- Extranet based VPN
Que - There are ________ types of VPN protocols.
a. 3
b. 4
c. 5
d. 6
Answer- 6
Que - For secure connection, Remote access VPNs rely on ___________ and ____________
a. IPSec, SSL
b. L2TP, SSL
c. IPSec, SSH
d. SSH, SSL
Answer- IPSec, SSL
Que - A ______ can hide a user's browsing activity.
a. Firewall
b. Antivirus
c. Incognito mode
d. VPN
Answer- VPN
Que - __________ masks your IP address.
a. Firewall
b. Antivirus
c. VPN
d. Incognito mode
Answer- VPN
Que - _________ are also used for hides user's physical location.
a. Firewall
b. Antivirus
c. Incognito mode
d. VPN
Answer- VPN
Que - Using VPN, we can access _______________
a. Access sites that are blocked geographically
b. Compromise other's system remotely
c. Hide our personal data in the cloud
d. Encrypts our local drive files while transferring
Answer- Access sites that are blocked geographically
Que - _________ is one of the most secured Linux OS that provides anonymity and incognito option for securing its user data.
a. Fedora
b. Tails
c. Ubuntu
d. OpenSUSE
Answer- Tails
Que - Which of the following OS does not comes under a secured Linux OS list?
a. Qubes OS
b. Tails
c. Tin Hat
d. Ubuntu
Answer- Ubuntu
Que - ____________ is a Debian-Linux based OS that has 2 VMs (Virtual Machines) that help in preserving users' data private.
a. Fedora
b. Ubuntu
c. Whonix
d. Kubuntu
Answer- Whonix
Que - Subgraph OS is a Debian based Linux distro which provides hardcore anonymity and is approved by Edward Snowden.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following comes under secured Linux based OS?
a. Ubuntu
b. Fedora
c. Kubuntu
d. Tails
Answer- Tails
Que - Using the ______ account of a UNIX system, one can carry out administrative functions.
a. root
b. administrative
c. user
d. client
Answer- root
Que - In your Linux-based system, you have to log-in with your root account for managing any feature of your system.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - In a Linux-based system, the accounts may be members of 1 or more than one group.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - MAC is abbreviated as _______________
a. Machine Access Control
b. Mandatory Accounts Control
c. Mandatory Access Controlling
d. Mandatory Access Control
Answer- Mandatory Access Control
Que - _______________ in a system is given so that users can use dedicated parts of the system for which they've been given access to.
a. Machine Access Control
b. Mandatory Accounts Control
c. Mandatory Access Control
d. Mandatory Access Controlling
Answer- Mandatory Access Control
Que - DTE is abbreviated as ___________________
a. Domain and Type Enforcing
b. Domain and Type Enforcement
c. DNS and Type Enforcement
d. DNS and Type Enforcing
Answer- Domain and Type Enforcement
Que - RBAC is abbreviated as ______________
a. Rule-Based Accessing Control
b. Role-Based Access Control
c. Rule-Based Access Control
d. Role-Based Accessing Control
Answer- Role-Based Access Control
Que - A __________ is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers.
a. stack
b. queue
c. external storage
d. buffer
Answer- buffer
Que - In a _____________ attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.
a. Phishing
b. MiTM
c. Buffer-overflow
d. Clickjacking
Answer- Buffer-overflow
Que - How many types of buffer-overflow attack are there?
a. 4
b. 2
c. 5
d. 3
Answer- 2
Que - Let suppose a search box of an application can take at most 200 words, and you've inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________
a. buffer
b. external storage
c. processing power
d. local storage
Answer- buffer
Que - ______________ is a widespread app's coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
a. Memory leakage
b. Buffer-overrun
c. Less processing power
d. Inefficient programming
Answer- Buffer-overrun
Que - Buffer-overflow is also known as ______________
a. buffer-overrun
b. buffer-leak
c. memory leakage
d. data overflow
Answer- buffer-overrun
Que - Buffer-overflow may remain as a bug in apps if __________ are not done fully.
a. boundary hacks
b. memory checks
c. boundary checks
d. buffer checks
Answer- boundary checks
Que - Applications developed by programming languages like ____ and ______ have this common buffer-overflow error.
a. C, Ruby
b. Python, Ruby
c. C, C++
d. Tcl, C
Answer- C, C++
Que - Why apps developed in languages like C, C++ is prone to Buffer-overflow?
a. No string boundary checks in predefined functions
b. No storage check in the external memory
c. No processing power check
d. No database check
Answer- No string boundary checks in predefined functions
Que - Old operating systems like _______ and NT-based systems have buffer-overflow attack a common vulnerability.
a. Windows 7
b. Chrome
c. IOS12
d. UNIX
Answer- UNIX
Que - Buffer-overflow attack can take place if a machine can execute a code that resides in the data/stack segment.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Among the two types ____________buffer-overflow is complex to execute and the least common attack that may take place.
a. memory-based
b. queue-based
c. stack-based
d. heap-based
Answer- heap-based
Que - _____________ buffer overflows, which are more common among attackers.
a. Memory-based
b.
Queue-based
c. Stack-based
d. Heap-based
Answer- Stack-based
Que - With the lack of boundary check, the program ends abnormally and leads to ___________ error.
a. logical
b. segmentation
c. compile-time
d. syntax
Answer- segmentation
Que - In an application that uses heap, the memory for data is allocated ____________
a. logical
b. dynamically
c. statically
d. at the beginning of the program
Answer- dynamically
Que - In an application that uses stack, the memory for data is allocated ____________
a. logical
b. dynamically
c. statically
d. at the end of the program
Answer- statically
Que - Malicious code can be pushed into the _________ during ______________ attack.
a. stack, buffer-overflow
b. queue, buffer-overflow
c. memory-card, buffer-overflow
d. external drive, buffer-overflow
Answer- stack, buffer-overflow
Que - Variables that gets created dynamically when a function (such as malloc()) is called is created in the form of _______ data-structure.
a. array
b. queue
c. stack
d. heap
Answer- heap
Que - How many primary ways are there for detecting buffer-overflow?
a. 6
b. 3
c. 2
d. 5
Answer- 2
Que - Testing for buffer-overflow in a system can be done manually and has two possible ways.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Attackers commonly target ____________ for fetching IP address of a target or victim user.
a. websites
b. web pages
c. ip tracker
d. emails
Answer- websites
Que - Developing a fake or less useful website and is meant to just fetch the IP address is very easily done by attackers.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - What common web scripting languages are used by attackers to fetch various details from its surfing users?
a. Tcl and C
b. C++ and HTML
c. HTML and Python
d. Perl and JavaScript
Answer- Perl and JavaScript
Que - ______________ is the first phase of ethical hacking.
a. DNS poisoning
b. Footprinting
c. ARP-poisoning
d. Enumeration
Answer- Enumeration
Que - Enumeration is done to gain information. Which of the following cannot be achieved using enumeration?
a. IP Tables
b. SNMP data, if not secured appropriately
c. Private chats
d. List of username and password policies
Answer- Private chats
Que - Enumeration does not depend on which of the following services?
a. DNS enumeration
b. SNMP enumeration
c. NTP enumeration
d. HTTPS enumeration
Answer- HTTPS enumeration
Que - __________ suite is used for NTP enumeration.
a. DNS
b. NTP
c. HTTP
d. SNMP
Answer- NTP
Que - enum4linux is used to enumerate _______________
a. Linux systems
b. Windows systems
c. Chrome systems
d. Mac systems
Answer- Linux systems
Que - ___________ is used that tries for guessing the usernames by using SMTP service.
a. smtp-user-enum
b. smtp-enum
c. snmp-enum
d. snmp-user-enum
Answer- smtp-user-enum
Que - To stop your system from getting enumerated, you have to disable all services.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Even our emails contain the IP address of the sender which helps in the enumeration. We can get this IP from ___________ from within the email.
a. forward' option
b. show original' option
c. Show full email'
d. View Original' option
Answer- show original' option
Que - __________________is a computing action used in which usernames & info about user-groups, shares as well as services of networked computers can be regained.
a. Hardware enumeration
b. System enumeration
c. Network enumeration
d. Cloud enumeration
Answer- Network enumeration
Que - Network enumeration is the finding of __________ or devices on a network.
a. hosts
b. servers
c. network connection
d. cloud storage
Answer- hosts
Que - A _______________ is a computer program implemented for recovering usernames & info on groups, shares as well as services of networked computers.
a. hardware enumerator
b. software enumerator
c. network enumerator
d. cloud enumerator
Answer- network enumerator
Que - Network enumerator is also known as ________________
a. hardware scanner
b. software enumerator
c. program enumerator
d. network scanner
Answer- network scanner
Que - An ethical hacker must need to have the skills of understanding the problem, networking knowledge and to know how the technology works.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - _________ persistence and up-to-date with the latest technological updates and their flaws are some of the major qualities; an ethical hacker must need to have.
a. Lack of understanding
b. Weak programming skills
c. High patience
d. Low perseverance
Answer- High patience
Que - ________________ enables a hacker to open a piece of program or application and re-build it with further features & capabilities.
a. Social engineering
b. Reverse engineering
c. Planting malware
d. Injecting code
Answer- Reverse engineering
Que - Which of the following do not comes under the intangible skills of hackers?
a. Creative thinking
b. Problem-solving capability
c. Persistence
d. Smart attacking potential
Answer- Smart attacking potential
Que - Why programming language is important for ethical hackers and security professionals?
a. Only to write malware
b. For solving problems and building tool and programs
c. To teach programming
d. To develop programs to harm others
Answer- For solving problems and building tool and programs
Que - Understanding of ___________ is also important for gaining access to a system through networks.
a. os
b. email-servers
c. networking
d. hardware
Answer- networking
Que - For hacking a database or accessing and manipulating data which of the following language the hacker must know?
a. SQL
b. HTML
c. Tcl
d. F
Answer- SQL
Que - Information Gathering about the system or the person or about organization or network is not important.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - ________________ is an ethical hacking technique used for determining what operating system (OS) is running on a remote computer.
a. Footprinting
b. Cyber-printing
c. OS fingerprinting
d. OS penetration testing
Answer- OS fingerprinting
Que - How many types of fingerprinting are there in ethical hacking?
a. 5
b. 4
c. 3
d. 2
Answer- 2
Que - _______________________ is gained if you send especially skilled packets to a target machine.
a. Active fingerprinting
b. Passive fingerprinting
c. OS fingerprinting
d. Network fingerprinting
Answer- Active fingerprinting
Que - _______________________ is based on sniffer traces from the remote system.
a. Active fingerprinting
b. Passive fingerprinting
c. OS fingerprinting
d. Network fingerprinting
Answer- Passive fingerprinting
Que - How many basic elements are there for OS fingerprinting?
a. 2
b. 3
c. 4
d. 5
Answer- 4
Que - Which of the following do not comes under the important element of OS fingerprinting?
a. TTL
b. TOS
c. DF bits
d. Firewall
Answer- Firewall
Que - By analyzing the factors like TTL, DF bits, Window Size and TOS of a packet, an ethical hacker may verify the operating system remotely.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ______________ is a common tool used for doing OS fingerprinting.
a. Hping
b. Wireshark
c. Nmap
d. Nessus
Answer- Nmap
Que - To secure your system from such type of attack, you have to hide your system behind any VPN or proxy server.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - A _____________ is a network scanning practice through which hackers can use to conclude to a point which IP address from a list of IP addresses is mapping to live hosts.
a. ping-based hacking
b. ping sweep
c. ping-range
d. pinging
Answer- ping sweep
Que - Ping sweep is also known as ________________
a. ICMP sweep
b. SNMP sweep
c. SGNP sweep
d. SICMP sweep
Answer- ICMP sweep
Que - The _____________ command is used on Linux for getting the DNS and host-related information.
a. dnslookup
b. lookup
c. nslookup
d. infolookup
Answer- nslookup
Que - ___________________ is the method used to locate all the DNS-servers and their associated records for an organization.
a. DNS enumeration
b. DNS hacking
c. DNS cracking
d. DNS server hacking
Answer- DNS enumeration
Que - Which of the following operations DNSenum cannot perform?
a. Perform reverse lookups
b. Get the host's addresses
c. Get extra names and sub-domains through Google scraping
d. Get the admin password
Answer- Get the admin password
Que - The configuration of DNS needs to be done in a secure way.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ________________ are piece of programs or scripts that allow hackers to take control over any system.
a. Exploits
b. Antivirus
c. Firewall by-passers
d. Worms
Answer- Exploits
Que - The process of finding vulnerabilities and exploiting them using exploitable scripts or programs are known as _____________
a. infiltrating
b. exploitation
c. cracking
d. hacking
Answer- exploitation
Que - Which of them is not a powerful vulnerability detecting tool?
a. Nessus
b. Nexpose
c. Metasploit
d. Nmap
Answer- Nmap
Que - __________ is the specific search engine for exploits where anyone can find all the exploits associated to vulnerability.
a. Google
b. Bing
c. Exploit-db
d. Exploit-engine
Answer- Exploit-db
Que - Which of the following are not a vulnerability-listed site/database?
a. Exploit-db
b. Common Vulnerabilities and Exposures (CVE)
c. National Vulnerability Database (NVD)
d. Bing Vulnerability database (BVD)
Answer- Bing Vulnerability database (BVD)
Que - There are __________ types of exploits based on their working.
a. two
b. three
c. four
d. Five
Answer- two
Que - How many types of exploits are there based on their nature from hacking's perspective?
a. 4
b. 3
c. 2
d. 5
Answer- 2
Que - Known exploits have a confirmation of and measures can be taken against it to resolve them.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Unknown exploits are those exploits that have not yet been reported openly and hence present a straightforward attack at firms and the government agencies.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - A ____________ is a set of changes done to any program or its associated data designed for updating, fixing, or improving it.
a. scratch
b. patch
c. fixer
d. resolver
Answer- patch
Que - Fixing of security vulnerabilities in a system by additional programs is known as __________ patches.
a. hacking
b. database
c. server
d. security
Answer- security
Que - Known bugs can be solved or removed by __________________ develop by the vendors of the application.
a. removing the application
b. changing the software
c. installing security patches
d. installing database patches
Answer- installing security patches
Que - ___________________ are some very frequent updates that come for every anti-virus.
a. Patch update
b. Data update
c. Code update
d. Definition update
Answer- Definition update
Que - National Vulnerability Database (NVD) is _________________ repository of data regarding vulnerability standards.
a. U.S. government
b. India government
c. Russian government
d. China Government
Answer- U.S. government
Que - CVE is a directory of lists of publicly recognized information security vulnerabilities as well as exposures.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is not a type of cyber crime?
a. Data theft
b. Forgery
c. Damage to data and systems
d. Installing antivirus for protection
Answer- Installing antivirus for protection
Que - Cyber-laws are incorporated for punishing all criminals only.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Cyber-crime can be categorized into ________ types.
a. 4
b. 3
c. 2
d. 6
Answer- 2
Que - Which of the following is not a type of peer-to-peer cyber-crime?
a. Phishing
b. Injecting Trojans to a target victim
c. MiTM
d. Credit card details leak in deep web
Answer- Credit card details leak in deep web
Que - Which of the following is not an example of a computer as weapon cyber-crime?
a. Credit card fraudulent
b. Spying someone using keylogger
c. IPR Violation
d. Pornography
Answer- Spying someone using keylogger
Que - Which of the following is not done by cyber criminals?
a. Unauthorized account access
b. Mass attack using Trojans as botnets
c. Email spoofing and spamming
d. Report vulnerability in any system
Answer- Report vulnerability in any system
Que - Accessing computer without prior authorization is a cyber-crimes that come under _______
a. Section 65
b. Section 66
c. Section 68
d. Section 70
Answer- Section 66
Que - Cracking digital identity of any individual or doing identity theft, comes under __________ of IT Act.
a. Section 65
b. Section 66
c. Section 68
d. Section 70
Answer- Section 66
Que - Accessing Wi-Fi dishonestly is a cyber-crime.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Download copy, extract data from an open system done fraudulently is treated as _________
a. cyber-warfare
b. cyber-security act
c. data-backup
d. cyber-crime
Answer- cyber-crime
Que - Which of the following attach is not used by LC4 to recover Windows password?
a. Brute-force attack
b. Dictionary attack
c. MiTM attack
d. Hybrid attacks
Answer- MiTM attack
Que - ____________is the world's most popular vulnerability scanner used in companies for checking vulnerabilities in the network.
a. Wireshark
b. Nessus
c. Snort
d. WebInspect
Answer- Nessus
Que - _____________ is a tool which can detect registry issues in an operating system.
a. Network Stumbler
b. Ettercap
c. Maltego
d. LANguard Network Security Scanner
Answer- LANguard Network Security Scanner
Que - Network Stumbler is a Windows Wi-Fi monitoring tool.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ToneLoc is abbreviated as __________
a. Tone Locking
b. Tone Locator
c. Tone Locker
d. Tune Locator
Answer- Tone Locker
Que - __________ is a debugger and exploration tool.
a. Netdog
b. Netcat
c. Tcpdump
d. BackTrack
Answer- Netcat
Que - __________ is a popular command-line packet analyser.
a. Wireshark
b. Snort
c. Metasploit
d. Tcpdump
Answer- Tcpdump
Que - ________________ is a platform that essentially keeps the log of data from networks, devices as well as applications in a single location.
a. EventLog Analyser
b. NordVPN
c. Wireshark
d. PacketFilter Analyzer
Answer- EventLog Analyser
Que - ______________ is competent to restore corrupted Exchange Server Database files as well as recovering unapproachable mails in mailboxes.
a. Outlook
b. Nessus
c. Mailbox Exchange Recovery
d. Mail Exchange Recovery toolkit
Answer- Mailbox Exchange Recovery
Que - ________________ helps in protecting businesses against data breaches that may make threats to cloud.
a. Centrify
b. Mailbox Exchange Recovery
c. Nessus
d. Dashline
Answer- Centrify
Que - __________ is a popular corporate security tool that is used to detect the attack on email with cloud only services.
a. Cain and Abel
b. Proofpoint
c. Angry IP Scanner
d. Ettercap
Answer- Proofpoint
Que - _____________ helps in protecting corporate data, communications and other assets.
a. Snort
b. CipherCloud
c. Burp Suit
d. Wireshark
Answer- CipherCloud
Que - _________ framework made cracking of vulnerabilities easy like point and click.
a. .Net
b. Metasploit
c. Zeus
d. Ettercap
Answer- Metasploit
Que - Nmap is abbreviated as Network Mapper.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - __________ is a popular tool used for discovering networks as well as in security auditing.
a. Ettercap
b. Metasploit
c. Nmap
d. Burp Suit
Answer- Nmap
Que - Which of this Nmap do not check?
a. services different hosts are offering
b. on what OS they are running
c. what kind of firewall is in use
d. what type of antivirus is in use
Answer- what type of antivirus is in use
Que - Which of the following deals with network intrusion detection and real-time traffic analysis?
a. John the Ripper
b. L0phtCrack
c. Snort
d. Nessus
Answer- Snort
Que - Wireshark is a ____________ tool.
a. network protocol analysis
b. network connection security
c. connection analysis
d. defending malicious packet-filtering
Answer- network protocol analysis
Que - Which of the below-mentioned tool is used for Wi-Fi hacking?
a. Wireshark
b. Nessus
c. Aircrack-ng
d. Snort
Answer- Aircrack-ng
Que - Aircrack-ng is used for ____________
a. Firewall bypassing
b. Wi-Fi attacks
c. Packet filtering
d. System password cracking
Answer- Wi-Fi attacks
Que - _____________ is a popular IP address and port scanner.
a. Cain and Abel
b. Snort
c. Angry IP Scanner
d. Ettercap
Answer- Angry IP Scanner
Que - _______________ is a popular tool used for network analysis in multiprotocol diverse network.
a. Snort
b. SuperScan
c. Burp Suit
d. EtterPeak
Answer- EtterPeak
Que - ____________ scans TCP ports and resolves different hostnames.
a. SuperScan
b. Snort
c. Ettercap
d. QualysGuard
Answer- SuperScan
Que - ___________ is a web application assessment security tool.
a. LC4
b. WebInspect
c. Ettercap
d. QualysGuard
Answer- WebInspect
Que - Which of the following attack-based checks WebInspect cannot do?
a. cross-site scripting
b. directory traversal
c. parameter injection
d. injecting shell code
Answer- injecting shell code
Que - ________ is a password recovery and auditing tool.
a. LC3
b. LC4
c. Network Stumbler
d. Maltego
Answer- LC4
Que - L0phtCrack is formerly known as LC3.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - ___________ is a weakness that can be exploited by attackers.
a. System with Virus
b. System without firewall
c. System with vulnerabilities
d. System with strong password
Answer- System with vulnerabilities
Que - _________ is the sum of all the possible points in software or system where unauthorized users can enter as well as extract data from the system.
a. Attack vector
b. Attack surface
c. Attack point
d. Attack arena
Answer- Attack surface
Que - ____________ is the cyclic practice for identifying & classifying and then solving the vulnerabilities in a system.
a. Bug protection
b. Bug bounty
c. Vulnerability measurement
d. Vulnerability management
Answer- Vulnerability management
Que - Risk and vulnerabilities are the same things.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - _____________ is a special type of vulnerability that doesn't possess risk.
a. Vulnerabilities without risk
b. Vulnerabilities without attacker
c. Vulnerabilities without action
d. Vulnerabilities no one knows
Answer- Vulnerabilities without risk
Que - A/An __________ is a piece of software or a segment of command that usually take advantage of a bug to cause unintended actions and behaviors.
a. malware
b. trojan
c. worms
d. exploit
Answer- exploit
Que - There are ________ types of exploit.
a. 3
b. 2
c. 5
d. 4
Answer- 2
Que - Remote exploits is that type of exploits acts over any network to exploit on security vulnerability.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ________ type of exploit requires accessing to any vulnerable system for enhancing privilege for an attacker to run the exploit.
a. Local exploits
b. Remote exploits
c. System exploits
d. Network exploits
Answer- Local exploits
Que - ___________ is a technique used by penetration testers to compromise any system within a network for targeting other systems.
a. Exploiting
b. Cracking
c. Hacking
d. Pivoting
Answer- Pivoting
Que - A _________ is a software bug that attackers can take advantage to gain unauthorized access in a system.
a. System error
b. Bugged system
c. Security bug
d. System virus
Answer- Security bug
Que - Security bugs are also known as _______
a. security defect
b. security problems
c. system defect
d. software error
Answer- security defect
Que - __________ is the timeframe from when the loophole in security was introduced till the time when the bug was fixed.
a. Time-frame of vulnerability
b. Window of vulnerability
c. Time-lap of vulnerability
d. Entry-door of vulnerability
Answer- Window of vulnerability
Que - ISMS is abbreviated as __________
a. Information Server Management System
b. Information Security Management Software
c. Internet Server Management System
d. Information Security Management System
Answer- Information Security Management System
Que - A zero-day vulnerability is a type of vulnerability unknown to the creator or vendor of the system or software.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - What is the ethics behind training how to hack a system?
a. To think like hackers and know how to defend such attacks
b. To hack a system without the permission
c. To hack a network that is vulnerable
d. To corrupt software or service using malware
Answer- To think like hackers and know how to defend such attacks
Que - Performing a shoulder surfing in order to check other's password is ____________ ethical practice.
a. a good
b. not so good
c. very good social engineering practice
d. a bad
Answer- a bad
Que - ___________ has now evolved to be one of the most popular automated tools for unethical hacking.
a. Automated apps
b. Database software
c. Malware
d. Worms
Answer- Malware
Que - Leaking your company data to the outside network without prior permission of senior authority is a crime.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - _____________ is the technique used in business organizations and firms to protect IT assets.
a. Ethical hacking
b. Unethical hacking
c. Fixing bugs
d. Internal data-breach
Answer- Ethical hacking
Que - The legal risks of ethical hacking include lawsuits due to __________ of personal data.
a. stealing
b. disclosure
c. deleting
d. hacking
Answer- disclosure
Que - Before performing any penetration test, through legal procedure, which key points listed below is not mandatory?
a. Know the nature of the organization
b. Characteristics of work done in the firm
c. System and network
d. Type of broadband company used by the firm
Answer- Type of broadband company used by the firm
Que - An ethical hacker must ensure that proprietary information of the firm does not get leaked.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - After performing ____________ the ethical hacker should never disclose client information to other parties.
a. hacking
b. cracking
c. penetration testing
d. exploiting
Answer- penetration testing
Que - __________ is the branch of cyber security that deals with morality and provides different theories and a principle regarding the view-points about what is right and wrong.
a. Social ethics
b. Ethics in cyber-security
c. Corporate ethics
d. Ethics in black hat hacking
Answer- Ethics in black hat hacking
Que - ________ helps to classify arguments and situations, better understand a cyber-crime and helps to determine appropriate actions.
a. Cyber-ethics
b. Social ethics
c. Cyber-bullying
d. Corporate behaviour
Answer- Cyber-ethics
Que - A penetration tester must identify and keep in mind the ___________ & ___________ requirements of a firm while evaluating the security postures.
a. privacy and security
b. rules and regulations
c. hacking techniques
d. ethics to talk to seniors
Answer- privacy and security
Que - ___________ is an activity that takes place when cyber-criminals infiltrates any data source and takes away or alters sensitive information.
a. Data-hack
b. Data-stealing
c. Database altering
d. Data breach
Answer- Data breach
Que - Which of these is not a step followed by cyber-criminals in data breaching?
a. Research and info-gathering
b. Attack the system
c. Fixing the bugs
d. Exfiltration
Answer- Fixing the bugs
Que - What types of data are stolen by cyber-criminals in most of the cases?
a. Data that will pay once sold
b. Data that has no value
c. Data like username and passwords only
d. Data that is old
Answer- Data that will pay once sold
Que - Which of the companies and organizations do not become the major targets of attackers for data stealing?
a. Business firms
b. Medical and Healthcare
c. Government and secret agencies
d. NGOs
Answer- NGOs
Que - ___________ will give you an USB which will contain ___________ that will take control of your system in the background.
a. Attackers, Trojans
b. White hat hackers, antivirus
c. White hat hackers, Trojans
d. Attackers, antivirus
Answer- Attackers, Trojans
Que - An attacker, who is an employee of your firm may ___________ to know your system password.
a. do peeping
b. perform network jamming
c. do shoulder surfing
d. steal your laptop
Answer- do shoulder surfing
Que - You may throw some confidential file in a dustbin which contains some of your personal data. Hackers can take your data from that thrown-away file also, using the technique _________
a. Dumpster diving
b. Shoulder surfing
c. Phishing
d. Spamming
Answer- Dumpster diving
Que - ATM Skimmers are used to take your confidential data from your ATM cards.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - _____________ will encrypt all your system files and will ask you to pay a ransom in order to decrypt all the files and unlock the system.
a. Scareware
b. Ransomware
c. Adware
d. Spyware
Answer- Ransomware
Que - ______________ are special malware programs written by elite hackers and black hat hackers to spy your mobile phones and systems.
a. Scareware
b. Ransomware
c. Adware
d. Spyware
Answer- Spyware
Que - The antivirus or PC defender software in a system helps in detecting virus and Trojans.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Clicking a link which is there in your email which came from an unknown source can redirect you to ____________ that automatically installs malware in your system.
a. that vendor's site
b. security solution site
c. malicious site
d. software downloading site
Answer- malicious site
Que - An attacker may use automatic brute forcing tool to compromise your ____________
a. username
b. employee ID
c. system / PC name
d. password
Answer- password
Que - The attacker will use different bots (zombie PCs) to ping your system and the name of the attack is _________________
a. Distributed Denial-of-Service (DDoS)
b. Permanent Denial-of-Service (PDoS)
c. Denial-of-Service (DoS)
d. Controlled Denial-of-Service (CDoS)
Answer- Distributed Denial-of-Service (DDoS)
Que - Illicit hackers may enter your personal area or room or cabin to steal your laptop, pen drive, documents or other components to make their hands dirty on your confidential information.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - _____________ is a malicious method used by cyber-criminals to trick a user into clicking on something different from what the user wants.
a. Click-hacking
b. Click-fraud
c. Clickjacking
d. Using torrent links
Answer- Clickjacking
Que - Through the clickjacking attack, the employee's confidential ______________ may get leaked or stolen.
a. information
b. papers
c. hardcopy files
d. media files
Answer- information
Que - Which of the following is not a proper aspect of user integration?
a. Employee's authentication
b. Physical authorization
c. Access control
d. Representing users in the database
Answer- Physical authorization
Que - It is very important to block unknown, strange and ______________ within the corporate network.
a. infected sites
b. programs
c. unwanted files
d. important folders
Answer- infected sites
Que - Every employee of the firm must need to have some basic knowledge of cyber-security and types of hacking and how they are done.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Use of _______________ can bring external files and worms and virus along with it to the internal systems.
a. smart-watch
b. pen drive
c. laptop
d. iPod
Answer- pen drive
Que - A ____________ takes over your system's browser settings and the attack will redirect the websites you visit some other websites of its preference.
a. MiTM
b. Browser hacking
c. Browser Hijacker
d. Cookie-stealing
Answer- Browser Hijacker
Que - ________________ has become a popular attack since last few years, and the attacker target board members, high-ranked officials and managing committee members of an organization.
a. Spyware
b. Ransomware
c. Adware
d. Shareware
Answer- Ransomware
Que - ________________ important and precious file is a solution to prevent your files from ransomware.
a. Deleting all
b. Keeping backup of
c. Not saving
d. Keeping in pen drive
Answer- Keeping backup of
Que - ___________ is the technique to obtain permission from a company for using, manufacturing & selling one or more products within a definite market area.
a. algorithm-licensing
b. code-licensing
c. item licensing
d. product licensing
Answer- product licensing
Que - Which of the following do not comes under security measures for cloud in firms?
a. Firewall
b. Antivirus
c. Load Balancer
d. Encryption
Answer- Antivirus
Que - It is important to limit ____________ to all data and information as well as limit the authority for installing software.
a. work-load
b. employee access
c. admin permission
d. installing unwanted apps
Answer- employee access
Que - One must isolate payment systems and payment processes from those computers that you think are used by ____________ or may contain ____________
a. strangers, keyloggers
b. strangers, antivirus
c. unknown, firewalls
d. unknown, antivirus
Answer- strangers, keyloggers
Que - If you're working in your company's system/laptop and suddenly a pop-up window arise asking you to update your security application, you must ignore it.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - The ____________ model is 7-layer architecture where each layer is having some specific functionality to perform.
a. TCP/IP
b. Cloud
c. OSI
d. OIS
Answer- OSI
Que - The full form of OSI is OSI model is ______________
a. Open Systems Interconnection
b. Open Software Interconnection
c. Open Systems Internet
d. Open Software Internet
Answer- Open Systems Interconnection
Que - Which of the following is not physical layer vulnerability?
a. Physical theft of data & hardware
b. Physical damage or destruction of data & hardware
c. Unauthorized network access
d. Keystroke & Other Input Logging
Answer- Unauthorized network access
Que - In __________________ layer, vulnerabilities are directly associated with physical access to networks and hardware.
a. physical
b. data-link
c. network
d. application
Answer- physical
Que - Loss of power and unauthorized change in the functional unit of hardware comes under problems and issues of the physical layer.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is not a vulnerability of the data-link layer?
a. MAC Address Spoofing
b. VLAN circumvention
c. Switches may be forced for flooding traffic to all VLAN ports
d. Overloading of transport-layer mechanisms
Answer- Overloading of transport-layer mechanisms
Que - ____________ is data-link layer vulnerability where stations are forced to make direct communication with another station by evading logical controls.
a. VLAN attack
b. VLAN Circumvention
c. VLAN compromisation method
d. Data-link evading
Answer- VLAN Circumvention
Que - ________________may be forced for flooding traffic to all VLAN ports allowing interception of data through any device that is connected to a VLAN.
a. Switches
b. Routers
c. Hubs
d. Repeaters
Answer- Switches
Que - Which of the following is not a vulnerability of the network layer?
a. Route spoofing
b. Identity & Resource ID Vulnerability
c. IP Address Spoofing
d. Weak or non-existent authentication
Answer- Weak or non-existent authentication
Que - Which of the following is an example of physical layer vulnerability?
a. MAC Address Spoofing
b. Physical Theft of Data
c. Route spoofing
d. Weak or non-existent authentication
Answer- Physical Theft of Data
Que - Which of the following is an example of data-link layer vulnerability?
a. MAC Address Spoofing
b. Physical Theft of Data
c. Route spoofing
d. Weak or non-existent authentication
Answer- MAC Address Spoofing
Que - Which of the following is an example of network layer vulnerability?
a. MAC Address Spoofing
b. Physical Theft of Data
c. Route spoofing
d. Weak or non-existent authentication
Answer- Route spoofing
Que - Which of the following is an example of physical layer vulnerability?
a. MAC Address Spoofing
b. Route spoofing
c. Weak or non-existent authentication
d. Keystroke & Other Input Logging
Answer- Keystroke & Other Input Logging
Que - Which of the following is an example of data-link layer vulnerability?
a. Physical Theft of Data
b. VLAN circumvention
c. Route spoofing
d. Weak or non-existent authentication
Answer- VLAN circumvention
Que - Which of the following is not a transport layer vulnerability?
a. Mishandling of undefined, poorly defined
b. The Vulnerability that allows "fingerprinting" & other enumeration of host information
c. Overloading of transport-layer mechanisms
d. Unauthorized network access
Answer- Unauthorized network access
Que - Which of the following is not session layer vulnerability?
a. Mishandling of undefined, poorly defined
b. Spoofing and hijacking of data based on failed authentication attempts
c. Passing of session-credentials allowing intercept and unauthorized use
d. Weak or non-existent authentication mechanisms
Answer- Mishandling of undefined, poorly defined
Que - Failed sessions allow brute-force attacks on access credentials. This type of attacks are done in which layer of the OSI model?
a. Physical layer
b. Data-link Layer
c. Session layer
d. Presentation layer
Answer- Session layer
Que - Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is not an example of presentation layer issues?
a. Poor handling of unexpected input can lead to the execution of arbitrary instructions
b. Unintentional or ill-directed use of superficially supplied input
c. Cryptographic flaws in the system may get exploited to evade privacy
d. Weak or non-existent authentication mechanisms
Answer- Weak or non-existent authentication mechanisms
Que - Which of the following is not a vulnerability of the application layer?
a. Application design bugs may bypass security controls
b. Inadequate security controls force "all-or-nothing" approach
c. Logical bugs in programs may be by chance or on purpose be used for crashing programs
d. Overloading of transport-layer mechanisms
Answer- Overloading of transport-layer mechanisms
Que - Which of the following is an example of Transport layer vulnerability?
a. weak or non-existent mechanisms for authentication
b. overloading of transport-layer mechanisms
c. poor handling of unexpected input
d. highly complex application security controls
Answer- overloading of transport-layer mechanisms
Que - Which of the following is an example of session layer vulnerability?
a. weak or non-existent mechanisms for authentication
b. overloading of transport-layer mechanisms
c. poor handling of unexpected input
d. highly complex application security controls
Answer- weak or non-existent mechanisms for authentication
Que - Which of the following is an example of presentation layer vulnerability?
a. weak or non-existent mechanisms for authentication
b. overloading of transport-layer mechanisms
c. highly complex application security controls
d. poor handling of unexpected input
Answer- poor handling of unexpected input
Que - Which of the following is an example of application layer vulnerability?
a. Cryptographic flaws lead to the privacy issue
b. Very complex application security controls
c. MAC Address Spoofing
d. Weak or non-existent authentication
Answer- Very complex application security controls
Que - TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - TCP/IP is composed of _______ number of layers.
a. 2
b. 3
c. 4
d. 5
Answer- 4
Que - Trusted TCP/IP commands have the same needs & go through the identical verification process. Which of them is not a TCP/IP command?
a. ftp
b. rexec
c. tcpexec
d. telnet
Answer- tcpexec
Que - Connection authentication is offered for ensuring that the remote host has the likely Internet Protocol (IP) ___________ & _________
a. address, name
b. address, location
c. network, name
d. network, location
Answer- address, name
Que - Application layer sends & receives data for particular applications using Hyper Text Transfer Protocol (HTTP), and Simple Mail Transfer Protocol (SMTP).
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - TLS vulnerability is also known as Return of Bleichenbacher's Oracle Threat
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - RoBOT is abbreviated as ___________
a. Return of Bleichenbacher's Oracle Team
b. Rise of Bleichenbacher's Oracle Threat
c. Return of Bleichenbacher's Operational Threat
d. Return of Bleichenbacher's Oracle Threat
Answer- Return of Bleichenbacher's Oracle Threat
Que - There are __________ different versions of IP popularly used.
a. 2
b. 3
c. 4
d. 5
Answer- 2
Que - ____________ is an attack where the attacker is able to guess together with the sequence number of an in progress communication session & the port number.
a. TCP Spoofing
b. TCP Blind Spoofing
c. IP Spoofing
d. IP Blind Spoofing
Answer- TCP Blind Spoofing
Que - ___________ is an attack technique where numerous SYN packets are spoofed with a bogus source address which is then sent to an inundated server.
a. SYN flooding attack
b. ACK flooding attack
c. SYN & ACK flooding attack
d. Packet flooding attack
Answer- SYN flooding attack
Que - Which of them is not an attack done in the network layer of the TCP/IP model?
a. MITM attack
b. DoS attack
c. Spoofing attack
d. Shoulder surfing
Answer- Shoulder surfing
Que - Which of them is not an appropriate method of router security?
a. Unused ports should be blocked
b. Unused interfaces and services should be disabled
c. Routing protocol needs to be programmed by security experts
d. Packet filtering needs to be enabled
Answer- Routing protocol needs to be programmed by security experts
Que - Which 2 protocols are used in the Transport layer of the TCP/IP model?
a. UDP and HTTP
b. TCP and UDP
c. HTTP and TCP
d. ICMP and HTTP
Answer- TCP and UDP
Que - Which of the protocol is not used in the network layer of the TCP/IP model?
a. ICMP
b. IP
c. IGMP
d. HTTP
Answer- HTTP
Que - ____________ protocol attack is done in the data-link layer.
a. HTTP
b. DNS
c. TCP/IP
d. POP
Answer- DNS
Que - _____________ is the illicit transmission of data from inside an organization or personal system to an external location or recipient.
a. Database hacking
b. Data leakage
c. Data cracking
d. Data revealing
Answer- Data leakage
Que - Data leakage threats do not usually occur from which of the following?
a. Web and email
b. Mobile data storage
c. USB drives and laptops
d. Television
Answer- Television
Que - Data leakage is popularly known as ___________
a. data theft
b. data crack
c. low and slow data theft
d. slow data theft
Answer- low and slow data theft
Que - There are __________ major types of data leakage.
a. 2
b. 3
c. 4
d. 5
Answer- 3
Que - Unauthorized data leakage doesn't essentially mean intended or malicious.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Unintentional data leakage can still result in the same penalties and reputational damage.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - When leakage of data is done purposely or because of the lack of employee's concern toward confidential data is called ___________ done by employees of an organization.
a. Ill-intentional data leakage
b. Malfunctioned in database
c. A malfunction in online data
d. ill-intension of an outsider
Answer- Ill-intentional data leakage
Que - Which of them is not an example of physical data leakage?
a. dumpster diving
b. shoulder surfing
c. printers and photocopiers
d. phishing
Answer- phishing
Que - ______________ is the unauthorized movement of data.
a. Data exfiltration
b. Data infiltration
c. Data cracking
d. Database hacking
Answer- Data exfiltration
Que - Which of them is an example of physical data leakage?
a. Dumpster diving
b. MiTM
c. DDoS
d. Phishing
Answer- Dumpster diving
Que - Which of them is not an example of data leakage done using electronic communication with malicious intent?
a. Phishing
b. Spoofed Email
c. Attacks using malware
d. Dumpster diving
Answer- Dumpster diving
Que - The three steps of data loss prevention are - Identify, Discover and______________
a. Classify
b. Clarify
c. Deletion
d. Detection
Answer- Classify
Que - Which of the following is not a step of data-loss prevention?
a. Identify
b. Manage
c. Classify
d. Discover
Answer- Manage
Que - Mapping of data-flow in an organization is very useful in understanding the risk better due to actual & potential data leakage.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Data leakage prevention is based on factors like access controls, persistent, encryption, alerting, tokenization, blocking dynamic data masking, etc.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Data leakage threats are done by internal agents. Which of them is not an example of an internal data leakage threat?
a. Data leak by 3rd Party apps
b. Data leak by partners
c. Data leak by employees
d. Data leak from stolen credentials from the desk
Answer- Data leak by 3rd Party apps
Que - _____________ focuses on the detection & prevention of sensitive data exfiltration and lost data.
a. Data loss prevention
b. Data loss measurement
c. Data stolen software
d. Data leak prevention
Answer- Data loss prevention
Que - ________________ is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network.
a. Fingerprinting
b. 3D printing
c. Footprinting
d. Data printing
Answer- Footprinting
Que - How many types of footprinting are there?
a. 5
b. 4
c. 3
d. 2
Answer- 2
Que - ________________ is one of the 3 pre-attacking phase.
a. Fingerprinting
b. 3D printing
c. Footprinting
d. Data printing
Answer- Footprinting
Que - A/An ______________ spends 85% of his/her time in profiling an organization and rest amount in launching the attack.
a. security analyst
b. attacker
c. auditor
d. network engineer
Answer- attacker
Que - _______________ is necessary to methodically & systematically ensure all pieces of information related to target.
a. Fingerprinting
b. 3D printing
c. Footprinting
d. Data printing
Answer- Footprinting
Que - Which of the following is not a spot from where attackers seek information?
a. Domain name
b. IP address
c. System enumeration
d. Document files
Answer- Document files
Que - Which of them is not an information source over the internet for target attackers?
a. Whois
b. YouTube
c. Nslookup
d. Archive sites
Answer- YouTube
Que - Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Spywares can be used to steal _______________ from the attacker's browser.
a. browsing history
b. company details
c. plug-ins used
d. browser details
Answer- browsing history
Que - https://archive.org is a popular site where one can enter a domain name in its search box for finding out how the site was looking at a given date.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Information about people is available people search sites. Which of them is an example of people data searching site?
a. people.com
b. indivinfo.org
c. intelius.com
d. peopleinfo.org
Answer- intelius.com
Que - You can attain a series of IP addresses allotted to a particular company using __________ site.
a. https://www.ipdata.org/
b. https://www.arin.net/
c. https://www.ipip.com/
d. https://www.goipaddr.net/
Answer- https://www.arin.net/
Que - ARIN is abbreviated as _____________
a. American Registry for Internet Numbers
b. American Registry for IP Numbers
c. All Registry for Internet Numbers
d. American Registry for IP Numbering
Answer- American Registry for Internet Numbers
Que - Using spyware is an example of _________ type of information gathering.
a. active
b. passive
c. active & passive
d. non-passive
Answer- active
Que - Collecting freely available information over the internet is an example of ____________ type of information gathering.
a. active
b. passive
c. active & passive
d. non-passive
Answer- passive
Que - ____________ is the term used for gathering information about your competitors from online resources, researches, and newsgroups.
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering
Answer- Competitive Intelligence gathering
Que - The ______________ intelligence gathering is non-interfering & subtle in nature.
a. cognitive
b. competitive
c. cyber
d. concrete
Answer- competitive
Que - In the world of data, where data is considered the oil and fuel of modern technology _____________ is both a product and a process.
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering
Answer- Competitive Intelligence gathering
Que - Which of them is not a proper step in competitive intelligence data processing?
a. Data gathering
b. Data analysis
c. Information security
d. Network analysis
Answer- Network analysis
Que - Which one of the following is a proper step in competitive intelligence data processing?
a. Competitors' data compromising
b. Data hacking
c. Data analysis
d. Competitors' data stealing
Answer- Data analysis
Que - There are __________ types of cognitive hacking and information gathering which is based on the source type, from where data is fetched.
a. 6
b. 5
c. 4
d. 3
Answer- 3
Que - ______________ is important to grab a quick understanding and analyzing about your competitors or target user's need.
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering
Answer- Competitive Intelligence gathering
Que - Which of them is not a reason for competitive information gathering?
a. Compare your product with competitors
b. Analyze the market position of yours with competitors
c. Fetching confidential plans about your competitors
d. Pull out a list of your competitive firms in the market
Answer- Fetching confidential plans about your competitors
Que - Competitive information gathering if done in the form of active attack using malware or by other illicit means can put your hired hacker or your company at stake.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Predict and analyze the tactics of competitors from data taken out from online data sources is a crime.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - https://www.bidigital.com/ci/ is a website which is used for _________________
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering
Answer- Competitive Intelligence gathering
Que - Which of the following is a site used for Competitive Intelligence gathering?
a. https://www.bidigital.gov/
b. https://www.cig.com/ci/
c. https://www.coginfo.com/ci/
d. https://www.bidigital.com/ci/
Answer- https://www.bidigital.com/ci/
Que - Which of the following is not an example of a firm that provides info regarding competitive intelligence gathering?
a. Carratu International
b. CI Center
c. Microsoft CI
d. Marven Consulting Group
Answer- Microsoft CI
Que - Using _____________ for doing competitive information gathering is a crime.
a. Spyware
b. Antivirus
c. Anti-malware
d. Adware
Answer- Spyware
Que - Competitive Intelligence gathering is both a ___________ and a ____________
a. process, product
b. process, item
c. product & data to sell to 3rd party
d. data to sell to a 3rd party and a product
Answer- process, product
Que - There are _______ types of scanning.
a. 2
b. 3
c. 4
d. 5
Answer- 3
Que - Which of the following is not an objective of scanning?
a. Detection of the live system running on network
b. Discovering the IP address of the target system
c. Discovering the services running on target system
d. Detection of spyware in a system
Answer- Detection of spyware in a system
Que - For discovering the OS running on the target system, the scanning has a specific term. What is it?
a. Footprinting
b. 3D Printing
c. Fingerprinting
d. screen-printing
Answer- Fingerprinting
Que - Which of them is not a scanning methodology?
a. Check for live systems
b. Check for open ports
c. Identifying the malware in the system
d. Identifying of services
Answer- Identifying the malware in the system
Que - ICMP scanning is used to scan _______________
a. open systems
b. live systems
c. malfunctioned systems
d. broken systems
Answer- live systems
Que - In live system scanning, it is checked which hosts are up in the network by pinging the systems in the network.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of them do not comes under NETBIOS information?
a. Name of the system / PC
b. Workgroup name
c. MAC address
d. RAM space
Answer- RAM space
Que - A ______________ is a simple network scanning technique used for determining which range of IP address map to live hosts.
a. scan sweep
b. ping sweep
c. scan ping
d. host ping
Answer- ping sweep
Que - Ping sweep is also known as ________________
a. ICMP Sweep
b. ICMP Call
c. IGMP Sweep
d. ICMP pinging
Answer- ICMP Sweep
Que - If any given address is running live, it will return an ICMP ECHO reply.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - __________ scanning is done when a series of messages are sent by someone keeping in mind to break into a computer.
a. Network
b. Port
c. Vulnerability
d. System
Answer- Port
Que - ____________ scanning is a procedure to identify active hosts on your network.
a. Network
b. Port
c. Vulnerability
d. System
Answer- Network
Que - _____________ scanning is an automatic process for identifying vulnerabilities of the system within a network.
a. Network
b. Port
c. Vulnerability
d. System
Answer- Vulnerability
Que - Which of them is not a standard scanning type or terminology?
a. Network
b. Port
c. Vulnerability
d. System
Answer- System
Que - In port scanning, a port is always associated with the _____________ (typically of host system) & the type of ____________ employed for communication.
a. IP address, protocol
b. MAC address, protocol
c. IP address, IMEI number
d. MAC address, network model
Answer- IP address, protocol
Que - ________________ is a tool which uses traceroute-like techniques for analyzing IP packet responses.
a. Firewalk
b. Firesweep
c. PingSweeper
d. ICMPwalker
Answer- Firewalk
Que - In port scanning, a _________ is always associated with an IP address (usually of the host system) & the type of protocol (UDP or TCP) employed for communication.
a. address
b. port
c. system
d. network
Answer- port
Que - Firewalk tool employs a technique to determine the ___________ rules in place on the ___________ forwarding device.
a. filter, packet
b. filter, port
c. routing, packet
d. routing, port
Answer- filter, packet
Que - Firewalk works by sending ________ & ________ packets.
a. UDP, HTTP
b. TCP, HTTP
c. ICMP, TCP
d. UDP, TCP
Answer- UDP, TCP
Que - Using 3-way handshake, it is possible to check for open ports.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of them is not a standard flag used in TCP communication between client and server?
a. Synchronize
b. Acknowledgment
c. Finish
d. Start
Answer- Start
Que - How many standard flags are used in a TCP communication?
a. 4
b. 5
c. 6
d. 7
Answer- 6
Que - Which of the following is not a valid scanning method?
a. Xmas Tree scan
b. SYN Stealth scan
c. Null Scan
d. Cloud scan
Answer- Cloud scan
Que - ___________ is a command-line TCP/IP packet assembler and analyzer tool.
a. IGMP Ping
b. Hping2
c. Nmap
d. Maltego
Answer- Hping2
Que - Which of the following is not a feature of Hping2 tool?
a. Firewall testing
b. Port scanning
c. Network testing
d. Server malware scanning
Answer- Server malware scanning
Que - _________________is quite an esoteric process for preventing session creation through a particular port.
a. Port knocking
b. Port cracking
c. Port hacking
d. Port-jacking
Answer- Port knocking
Que - Which one of them is not a network scanner?
a. NMAP
b. Qualys
c. SoftPerfect
d. Netcat
Answer- Netcat
Que - Which of them is not a port scanning tool?
a. Netcat
b. Unicornscan
c. Maltego
d. Angry IP Scanner
Answer- Maltego
Que - Which of them is not a vulnerability scanning tool?
a. Nexpose
b. Nessus Professional
c. Snort
d. Nikto Web scanner
Answer- Snort
Que - There are _______ major ways of stealing email information.
a. 2
b. 3
c. 4
d. 5
Answer- 4
Que - Which of them is not a major way of stealing email information?
a. Stealing cookies
b. Reverse Engineering
c. Password Phishing
d. Social Engineering
Answer- Reverse Engineering
Que - ____________ is the method for keeping sensitive information in email communication & accounts secure against unofficial access, loss, or compromise.
a. Email security
b. Email hacking
c. Email protection
d. Email safeguarding
Answer- Email security
Que - _____________ is a famous technological medium for the spread of malware, facing problems of spam, & phishing attacks.
a. Cloud
b. Pen drive
c. Website
d. Email
Answer- Email
Que - Which of them is not a proper method for email security?
a. Use Strong password
b. Use email Encryption
c. Spam filters and malware scanners
d. Click on unknown links to explore
Answer- Click on unknown links to explore
Que - If a website uses a cookie, or a browser contains the cookie, then every time you visit that website, the browser transfers the cookie to that website.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - The stored cookie which contains all your personal data about that website can be stolen away by _____________ using _____________ or trojans.
a. attackers, malware
b. hackers, antivirus
c. penetration testers, malware
d. penetration testers, virus
Answer- attackers, malware
Que - If the data stored in the _____________ is not encrypted, then after cookie stealing, attackers can see information such as username and password stored by the cookie.
a. memory
b. quarantine
c. cookies
d. hard drive
Answer- cookies
Que - Which of the following is a non-technical type of intrusion or attack technique?
a. Reverse Engineering
b. Malware Analysis
c. Social Engineering
d. Malware Writing
Answer- Social Engineering
Que - Which of them is an example of grabbing email information?
a. Cookie stealing
b. Reverse engineering
c. Port scanning
d. Banner grabbing
Answer- Cookie stealing
Que - _____________ is the technique used for tricking users to disclose their username and passwords through fake pages.
a. Social Engineering
b. Phishing
c. Cookie Stealing
d. Banner Grabbing
Answer- Phishing
Que - Using email hacking illicit hackers can send & spread ___________ virus _____________ and spam emails.
a. trojans, redirected malicious URLs
b. antivirus, patches
c. cracked software, redirected malicious URLs
d. malware, security patches
Answer- trojans, redirected malicious URLs
Que - Unsolicited Bulk E-mails (UBI) are called __________
a. SMS
b. MMS
c. Spam emails
d. Malicious emails
Answer- Spam emails
Que - Fraudulent email messages are some fake email messages that seem legitimate which ask for your bank details and reply those emails with updated confidential information.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is a micro-virus that can bring down the confidentiality of an email (specifically)?
a. Zeus
b. Stuxnet
c. Reaper Exploit
d. Friday the 13
Answer- Reaper Exploit
Que - Email users who use IE as their _________________ are vulnerable to Reaper Exploit.
a. Web engine
b. Rendering engine
c. Game engine
d. HTML engine
Answer- HTML engine
Que - _______________ needs to be turned off in order to prevent from this attack.
a. Email scripting
b. Email attachments
c. Email services
d. Third party email programs
Answer- Email scripting
Que - Which of the following is a tool to monitor outgoing traffic of target PC's email and intercept all the emails sent from it?
a. Wireshark
b. Advanced Stealth Email Redirector
c. MS Outlook
d. Cisco Jabber
Answer- Advanced Stealth Email Redirector
Que - Advanced SER is abbreviated as ___________
a. Advanced Stealth Electronic Redirector
b. Advanced Security Email Redirector
c. Advanced Stealth Email Redirector
d. Advanced Stealth Email Recorder
Answer- Advanced Stealth Email Redirector
Que - Which of the following will not help in preserving email security?
a. Create a strong password
b. Connect your email to a phone number
c. Use two-factor authentication for password verification and login
d. Click on unknown links and sites
Answer- Click on unknown links and sites
Que - Once the email is compromised, all other sites and services online associated with this email can be compromised.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - _____________ is an encryption program or add-ons which provides cryptographic privacy & authentication for email communication.
a. Powerful Good Privacy
b. Pretty Good Privacy
c. Pretty Good Encryption
d. Pretty Strong Encryption
Answer- Pretty Good Privacy
Que - PGP is abbreviated as _______________
a. Pretty Good Privacy
b. Powerful Good Privacy
c. Protocol Giving Privacy
d. Pretty Good Protocol
Answer- Pretty Good Privacy
Que - Which of them is not an example of business email security tool?
a. Microsoft Office Trust Center
b. Sendinc
c. Hushmail Business
d. Cisco Jabber
Answer- Cisco Jabber
Que - Which of them is not an example of business email security tool?
a. Enlocked
b. RPost Office
c. MS Outlook
d. Sendinc
Answer- MS Outlook
Que - ________________ is a free extension of browser that enables you in decrypting as well as encrypting emails.
a. Enlocked
b. MS Outlook
c. Cisco Jabber
d. Mailvelope
Answer- Mailvelope
Que - Which of the following is not an email related hacking tool?
a. Email Finder Pro
b. Sendinc
c. Mail PassView
d. Mail Password
Answer- Sendinc
Que - _______________ is targeted bulk email marketing software.
a. Email Spider Toolkit
b. Email Spider Easy
c. Email Crawler Easy
d. Email Spider Toolkit
Answer- Email Spider Easy
Que - ______________ is a tool that is integrated with top 90 search engines to grab quick search for email addresses and other details.
a. Email Spider Toolkit
b. Email Spider Easy
c. Email Crawler Easy
d. Email Spider Toolkit
Answer- Email Spider Easy
Que - MegaHackerZ helps crackers to crack email passwords.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Password cracking in system hacking is of ________ types.
a. 2
b. 3
c. 4
d. 5
Answer- 4
Que - There are ________ major types of passwords.
a. 4
b. 5
c. 6
d. 7
Answer- 7
Que - In _______________ attacks an attacker do not contact with authorizing party for stealing password.
a. passive online
b. active online
c. offline
d. non-electronic
Answer- passive online
Que - Which of the following is an example of passive online attack?
a. Phishing
b. Social Engineering
c. Spamming
d. Wire sniffing
Answer- Wire sniffing
Que - Which of the following is not an example of a passive online attack?
a. MiTM
b. Reply Attack
c. Phishing
d. Wire sniffing
Answer- Phishing
Que - Which of the following do not comes under hurdles of passive online attack for hackers?
a. Hard to perpetrate
b. Computationally complex
c. Time taking, so patience has to be there
d. Tools not available
Answer- Tools not available
Que - Which of the following case comes under victims' list of an active online attack?
a. Strong password based accounts
b. Unsecured HTTP users
c. Open authentication points
d. Logged in systems and services
Answer- Open authentication points
Que - In _______________ password grabbing attack the attacker directly tries different passwords 1-by-1 against victim's system/account.
a. passive online
b. active online
c. offline attack
d. non-electronic
Answer- active online
Que - Which of them is not a disadvantage of active online attack?
a. Takes a long time
b. Easily and automatically detected
c. Need high network bandwidth
d. Need the patience to crack
Answer- Easily and automatically detected
Que - _________________ can be alternatively termed as password guessing attack.
a. passive online
b. active online
c. offline attack
d. non-electronic
Answer- active online
Que - ________________ attacks are carried out from a location other than the real computer where the password reside or was used.
a. passive online
b. active online
c. offline password
d. non-electronic
Answer- offline password
Que - _______________ attacks always need physical access to the system that is having password file or the hacker needs to crack the system by other means.
a. online
b. offline
c. password
d. non-electronic
Answer- offline
Que - Which of the following is not an example of offline password attack?
a. Dictionary attack
b. Rainbow attacks
c. Brute force attack
d. Spamming attack
Answer- Spamming attack
Que - Passwords need to be kept encrypted to protect from such offline attacks.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Saving passwords in the browser is a good habit.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Which of the following is not an advantage of dictionary attack?
a. Very fast
b. Time-saving
c. Easy to perform
d. Very tough and inefficient
Answer- Very tough and inefficient
Que - A _______________ is a process of breaking a password protected system or server by simply & automatically entering every word in a dictionary as a password.
a. Dictionary attack
b. Phishing attack
c. Social engineering attack
d. MiTM attack
Answer- Dictionary attack
Que - Which of the following comes under the advantage of dictionary attack?
a. Time-consuming
b. Moderate efficient
c. Very fast
d. Complex to carry-out
Answer- Very fast
Que - The hybrid attack is a combination of dictionary attack followed by inserting entropy & performs brute force.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Brute force attack is ______________
a. fast
b. inefficient
c. slow
d. complex to understand
Answer- slow
Que - A _____________ attack one of the simplest processes of gaining access to any password-protected system.
a. Clickjacking
b. Brute force
c. Eavesdropping
d. Waterhole
Answer- Brute force
Que - ____________ attack is a combination of Dictionary attack & brute force attack.
a. Syllable
b. Syllabi
c. Database
d. Phishing
Answer- Syllable
Que - Attackers can use the _______________ when he/she gets some information or hint regarding password he/she wants to crack.
a. Syllable attack
b. Rule-based attack
c. Offline attack
d. Hybrid attack
Answer- Rule-based attack
Que - _______________ are based on dictionary attack techniques.
a. Hybrid attacks
b. Network attacks
c. TCP attacks
d. Database attacks
Answer- Hybrid attacks
Que - _____________ are based on dictionary attack techniques where the dictionary attack is mixed with some numerals and special symbols.
a. Syllable attack
b. Rule-based attack
c. Offline attack
d. Hybrid attack
Answer- Hybrid attack
Que - Which of the following is not an example of non-technical attack techniques?
a. Shoulder surfing
b. Keyboard sniffing
c. Phishing
d. Social engineering
Answer- Phishing
Que - __________ passwords are next level of security.
a. BIOS
b. CMOS
c. SMOS
d. BOIS
Answer- BIOS
Que - BIOS is abbreviated as _______________
a. Basic Input Output Server
b. Basic Internet Output Systems
c. Basic Input Output System
d. Battery-based Input Output System
Answer- Basic Input Output System
Que - Most computers have BIOS which can be configured so that it can ask for a password once the system starts.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Find out, select & uninstall all ________________ programs from your computer.
a. useful
b. pre-installed
c. unwanted
d. utility
Answer- unwanted
Que - As a backup for securing your device, it is necessary to create a _____________
a. backup point
b. copy of files in separate drives
c. copy of files in the same drives
d. restore point
Answer- restore point
Que - The _______________ is a security app by Microsoft which is a built-in one into Windows OS that is designed to filter network data from your Windows system & block harmful communications or the programs which are initiating them.
a. Windows Security Essentials
b. Windows Firewall
c. Windows app blocker
d. Windows 10
Answer- Windows Firewall
Que - _____________ are essential because they frequently comprises of critical patches to security holes.
a. System software
b. Utility Software
c. Software executables
d. Software updates
Answer- Software updates
Que - The ______________ account and the __________ account have the same file privileges, but their working and functionalities have difference.
a. system, administrator
b. system, user
c. group, user
d. user, administrator
Answer- system, administrator
Que - ________________ is an anti-malware tool found in newer OS which is designed for protecting computers from viruses, spyware & other malware.
a. Norton Antivirus
b. Windows Defender
c. Anti-malware
d. Microsoft Security Essentials
Answer- Windows Defender
Que - ____________ is an application which now comes built-in Windows OS & it allows Windows users to encrypt all drive for security purpose.
a. MS Windows Defender
b. MSE
c. BitLocker
d. MS Office
Answer- BitLocker
Que - A __________ is a dedicatedly designed chip on an endpoint device which stores RSA encryption keys particular to the host system for the purpose of hardware authentication.
a. Trusted Platform Mode
b. Trusted Protocol Module
c. Trusted Privacy Module
d. Trusted Platform Module
Answer- Trusted Platform Module
Que - Which of the following is not an appropriate way of targeting a mobile phone for hacking?
a. Target mobile hardware vulnerabilities
b. Target apps' vulnerabilities
c. Setup Keyloggers and spyware in smart-phones
d. Snatch the phone
Answer- Snatch the phone
Que - Which of the following is not an OS for mobile?
a. Palm
b. Windows
c. Mango
d. Android
Answer- Mango
Que - Mobile Phone OS contains open APIs that may be _____________ attack.
a. useful for
b. vulnerable to
c. easy to
d. meant for
Answer- vulnerable to
Que - ____________ gets propagated through networks and technologies like SMS, Bluetooth, wireless medium, USBs and infrared to affect mobile phones.
a. Worms
b. Antivirus
c. Malware
d. Multimedia files
Answer- Malware
Que - ____________ is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.
a. OS Security
b. Database security
c. Cloud security
d. Mobile security
Answer- Mobile security
Que - Mobile security is also known as ____________
a. OS Security
b. Wireless security
c. Cloud security
d. Database security
Answer- Wireless security
Que - DDoS in mobile systems wait for the owner of the _____________ to trigger the attack.
a. worms
b. virus
c. botnets
d. programs
Answer- botnets
Que - Hackers cannot do which of the following after compromising your phone?
a. Steal your information
b. Rob your e-money
c. Shoulder surfing
d. Spying
Answer- Shoulder surfing
Que - Hackers cannot do which of the following after compromising your phone?
a. Shoulder surfing
b. Accessing your voice mail
c. Steal your information
d. Use your app credentials
Answer- Shoulder surfing
Que - App permissions can cause trouble as some apps may secretly access your memory card or contact data.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Activate _____________ when you're required it to use, otherwise turn it off for security purpose.
a. Flash Light
b. App updates
c. Bluetooth
d. Rotation
Answer- Bluetooth
Que - Try not to keep ________________ passwords, especially fingerprint for your smart-phone, because it can lead to physical hacking if you're not aware or asleep.
a. Biometric
b. PIN-based
c. Alphanumeric
d. Short
Answer- Biometric
Que - Which of the following tool is used for Blackjacking?
a. BBAttacker
b. BBProxy
c. Blackburried
d. BBJacking
Answer- BBProxy
Que - BBProxy tool is used in which mobile OS?
a. Android
b. Symbian
c. Raspberry
d. Blackberry
Answer- Blackberry
Que - Which of the following is not a security issue for PDAs?
a. Password theft
b. Data theft
c. Reverse engineering
d. Wireless vulnerability
Answer- Reverse engineering
Que - ____________________ is the anticipation of unauthorized access or break to computers or data by means of wireless networks.
a. Wireless access
b. Wireless security
c. Wired Security
d. Wired device apps
Answer- Wireless security
Que - Which among them has the strongest wireless security?
a. WEP
b. WPA
c. WPA2
d. WPA3
Answer- WPA3
Que - Which among the following is the least strong security encryption standard?
a. WEP
b. WPA
c. WPA2
d. WPA3
Answer- WEP
Que - _________ is an old IEEE 802.11 standard from the year 1999.
a. WPA2
b. WPA3
c. WEP
d. WPA
Answer- WEP
Que - _______________ is the central node of 802.11 wireless operations.
a. WPA
b. Access Point
c. WAP
d. Access Port
Answer- Access Point
Que - AP is abbreviated as _____________
a. Access Point
b. Access Port
c. Access Position
d. Accessing Port
Answer- Access Point
Que - ___________________ is alike as that of Access Point (AP) from 802.11, & the mobile operators uses it for offering signal coverage.
a. Base Signal Station
b. Base Transmitter Station
c. Base Transceiver Station
d. Transceiver Station
Answer- Base Transceiver Station
Que - BTS stands for ___________________
a. Basement Transceiver Server
b. Base Transmitter Station
c. Base Transceiver Server
d. Base Transceiver Station
Answer- Base Transceiver Station
Que - There are __________ types of wireless authentication modes.
a. 2
b. 3
c. 4
d. 5
Answer- 2
Que - When a wireless user authenticates to any AP, both of them go in the course of four-step authentication progression which is called _____________
a. AP-handshaking
b. 4-way handshake
c. 4-way connection
d. wireless handshaking
Answer- 4-way handshake
Que - WPS stands for __________________
a. WiFi Protected System
b. WiFi Protected Setup
c. WiFi Protocol Setup
d. Wireless Protected Setup
Answer- WiFi Protected Setup
Que - It is recommended to use WPA2 or WPA3 encryption standard as they are strong and more secure.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ___________ is a process of wireless traffic analysis that may be helpful for forensic investigations or during troubleshooting any wireless issue.
a. Wireless Traffic Sniffing
b. WiFi Traffic Sniffing
c. Wireless Traffic Checking
d. Wireless Transmission Sniffing
Answer- Wireless Traffic Sniffing
Que - Which of the following is a Wireless traffic Sniffing tool?
a. Maltego
b. BurpSuit
c. Nessus
d. Wireshark
Answer- Wireshark
Que - ___________________ began to show up few years back on wireless access points as a new way of adding or connecting new devices.
a. WPA2
b. WPA
c. WPS
d. WEP
Answer- WPS
Que - There are _________ types of computer virus.
a. 5
b. 7
c. 10
d. 12
Answer- 10
Que - Which of the following is not a type of virus?
a. Boot sector
b. Polymorphic
c. Multipartite
d. Trojans
Answer- Trojans
Que - A computer ________ is a malicious code which self-replicates by copying itself to other programs.
a. program
b. virus
c. application
d. worm
Answer- virus
Que - Which of them is not an ideal way of spreading the virus?
a. Infected website
b. Emails
c. Official Antivirus CDs
d. USBs
Answer- Official Antivirus CDs
Que - In which year Apple II virus came into existence?
a. 1979
b. 1980
c. 1981
d. 1982
Answer- 1981
Que - In mid-1981, the 1st virus for Apple computers with the name _________ came into existence.
a. Apple I
b. Apple II
c. Apple III
d. Apple Virus
Answer- Apple II
Que - The virus hides itself from getting detected by ______ different ways.
a. 2
b. 3
c. 4
d. 5
Answer- 3
Que - _______________ infects the master boot record and it is challenging and a complex task to remove this virus.
a. Boot Sector Virus
b. Polymorphic
c. Multipartite
d. Trojans
Answer- Boot Sector Virus
Que - ________________ gets installed & stays hidden in your computer's memory. It stays involved to the specific type of files which it infects.
a. Boot Sector Virus
b. Direct Action Virus
c. Polymorphic Virus
d. Multipartite Virus
Answer- Direct Action Virus
Que - Direct Action Virus is also known as ___________
a. Non-resident virus
b. Boot Sector Virus
c. Polymorphic Virus
d. Multipartite Virus
Answer- Non-resident virus
Que - ______________ infects the executables as well as the boot sectors.
a. Non-resident virus
b. Boot Sector Virus
c. Polymorphic Virus
d. Multipartite Virus
Answer- Multipartite Virus
Que - ______________ are difficult to identify as they keep on changing their type and signature.
a. Non-resident virus
b. Boot Sector Virus
c. Polymorphic Virus
d. Multipartite Virus
Answer- Polymorphic Virus
Que - ____________ deletes all the files that it infects.
a. Non-resident virus
b. Overwrite Virus
c. Polymorphic Virus
d. Multipartite Virus
Answer- Overwrite Virus
Que - _____________ is also known as cavity virus.
a. Non-resident virus
b. Overwrite Virus
c. Polymorphic Virus
d. Space-filler Virus
Answer- Space-filler Virus
Que - Which of the below-mentioned reasons do not satisfy the reason why people create a computer virus?
a. Research purpose
b. Pranks
c. Identity theft
d. Protection
Answer- Protection
Que - A ___________ is a small malicious program that runs hidden on infected system.
a. Virus
b. Trojan
c. Shareware
d. Adware
Answer- Trojan
Que - ____________ works in background and steals sensitive data.
a. Virus
b. Shareware
c. Trojan
d. Adware
Answer- Trojan
Que - By gaining access to the Trojaned system the attacker can stage different types of attack using that ____________ program running in the background.
a. Trojan
b. Virus
c. Antivirus
d. Anti-malware
Answer- Trojan
Que - Trojan creators do not look for _______________
a. Credit card information
b. Confidential data
c. Important documents
d. Securing systems with such programs
Answer- Securing systems with such programs
Que - Which of them is not a proper way of getting into the system?
a. IM
b. Attachments
c. Official product sites
d. Un-trusted sites, freeware and pirated software
Answer- Official product sites
Que - Which of the following port is not used by Trojans?
a. UDP
b. TCP
c. SMTP
d. MP
Answer- MP
Que - Trojans do not do one of the following. What is that?
a. Deleting Data
b. Protecting Data
c. Modifying Data
d. Copying Data
Answer- Protecting Data
Que - Some Trojans carry ransomware with them to encrypt the data and ask for ransom.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Once activated, ___________ can enable ____________to spy on the victim, steal their sensitive information & gain backdoor access to the system.
a. virus, cyber-criminals
b. malware, penetration testers
c. trojans, cyber-criminals
d. virus, penetration testers
Answer- trojans, cyber-criminals
Que - Trojans can not ______________
a. steal data
b. self-replicate
c. steal financial information
d. steal login credentials
Answer- self-replicate
Que - A _______________ provides malicious users remote control over the targeted computer.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader
Answer- Backdoor Trojan
Que - _______________ programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader
Answer- Trojan-Banker
Que - ______________ perform automated DoS (Denial of Service) attacks on a targeted web address.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader
Answer- DDoS-Trojan
Que - Trojan-Downloader is a special type of trojans which can download & install new versions of malicious programs.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ____________ work in background & keeps on downloading other malicious programs when the system is online.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader
Answer- Trojan-Downloader
Que - Which of the below-mentioned reasons do not satisfy the reason why people create a computer virus?
a. Research purpose
b. Pranks
c. Identity theft
d. Protection
Answer- Protection
Que - A/an ___________ is a program that steals your logins & passwords for instant messaging applications.
a. IM - Trojans
b. Backdoor Trojans
c. Trojan-Downloader
d. Ransom Trojan
Answer- IM - Trojans
Que - _____________ can modify data on your system - so that your system doesn't run correctly or you can no longer access specific data, or it may even ask for ransom in order to give your access.
a. IM - Trojans
b. Backdoor Trojans
c. Trojan-Downloader
d. Ransom Trojan
Answer- Ransom Trojan
Que - The ______________ can cost you money, by sending text messages from your mobile phone numbers.
a. IM - Trojans
b. Backdoor Trojans
c. SMS Trojan
d. Ransom Trojan
Answer- SMS Trojan
Que - Trojan-Spy programs can keep an eye on how you are using your system.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - A ___________ is a method in which a computer security mechanism is bypassed untraceable for accessing the computer or its information.
a. front-door
b. backdoor
c. clickjacking
d. key-logging
Answer- backdoor
Que - A _________________ may be a hidden part of a program, a separate infected program a Trojan in disguise of an executable or code in the firmware of any system's hardware.
a. crypter
b. virus
c. backdoor
d. key-logger
Answer- backdoor
Que - Backdoors cannot be designed as ______________
a. the hidden part of a program
b. as a part of Trojans
c. embedded code of the firmware
d. embedded with anti-malware
Answer- embedded with anti-malware
Que - Trojans having backdoors are harmless.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - The threat of backdoors started when ____________ & ____________ OSs became widely accepted.
a. single-user, Windows
b. multiuser, networked
c. single-user, UNIX
d. multiuser, UNIX
Answer- multiuser, networked
Que - Backdoors are also known as ______________
a. Malware-doors
b. Trojan-backups
c. Front-doors
d. Trapdoors
Answer- Trapdoors
Que - __________ is a powerful RAT build using the language Delphi 7.
a. Stuxnet
b. T-Bomb
c. Beast
d. Zeus
Answer- Beast
Que - Which of the following is a remote Trojan?
a. Troya
b. DaCryptic
c. BankerA
d. Game-Troj
Answer- Troya
Que - A ___________ consists of at least one bot server or controller and one or more client-bots.
a. Virus
b. Trojan
c. Botnet
d. Adware
Answer- Botnet
Que - Botnets are managed by ______________
a. Bot-holders
b. Bot-herders
c. Bot-trainers
d. Bot-creators
Answer- Bot-herders
Que - A _____________ is a number of Internet-connected systems, where each of them is running one or more bots.
a. Trojan
b. Virus
c. Worms
d. Botnet
Answer- Botnet
Que - _____________ are implemented to carry out distributed DDoS attacks, steal data, send spam messages & permits the hacker to access various devices & its connection.
a. Trojan
b. Virus
c. Botnet
d. Worms
Answer- Botnet
Que - Botnets are not used for ______________
a. Perform DDoS
b. Steal bulk amount of sensitive data
c. Spamming
d. Encrypting for ransom
Answer- Encrypting for ransom
Que - The owner of botnets can control the botnet using ___________________ software.
a. trojans
b. command and control
c. servers
d. infected servers
Answer- command and control
Que - The full form of C&C is ____________
a. command and control
b. copy and cut
c. command and capture
d. copy and control
Answer- command and control
Que - The word "botnet" is a blend of the words _____________ & ___________
a. robot, network
b. rocket, network
c. bot, network
d. bot, internet
Answer- robot, network
Que - Botnets are not the logical connection of which of the following?
a. Smart-phones
b. IoT devices
c. Computer systems
d. Modems
Answer- Modems
Que - Infected computers and other systems within the botnet are called __________
a. killers
b. vampires
c. zombies
d. gargoyles
Answer- zombies
Que - The bot program allows the bot-herders to perform all operations from a ___________ location.
a. local
b. open
c. corporate
d. remote
Answer- remote
Que - Nowadays, most botnets rely on existing _______________ networks for communication.
a. server-to-server
b. peer-to-peer
c. client-to-server
d. host-to-server
Answer- peer-to-peer
Que - Which of the following is not an example of a botnet program?
a. Zeus
b. GameOver
c. ZeroAccess
d. MyDoom
Answer- MyDoom
Que - Which of the following is an example of Botnet?
a. Zeus
b. ILOVEYOU
c. Storm Worm
d. MyDoom
Answer- Zeus
Que - Which of the following is an example of a Botnet program?
a. Slammer
b. GameOver
c. Stuxnet
d. Anna Kournikova
Answer- GameOver
Que - _______________deals with the protection of an individual's information which is implemented while using the Internet on any computer or personal device.
a. Digital agony
b. Digital privacy
c. Digital secrecy
d. Digital protection
Answer- Digital privacy
Que - _______________ is a combined term which encompasses 3 sub-pillars; information privacy, individual privacy, and communication privacy.
a. Digital Integrity
b. Digital privacy
c. Digital secrecy
d. Digital protection
Answer- Digital privacy
Que - Which of the following do not comes under the three pillars of digital privacy?
a. Information privacy
b. Individual privacy
c. Communication privacy
d. Family privacy
Answer- Family privacy
Que - Which of the following is not an appropriate solution for preserving privacy?
a. Use privacy-focussed SE
b. Use private Browser-window
c. Disable cookies
d. Uninstall Antivirus
Answer- Uninstall Antivirus
Que - Which of the following is not an appropriate solution for preserving privacy?
a. Use privacy-focussed SE
b. Close all logical ports
c. Do not use malicious sites and torrent sites
d. Use VPN
Answer- Close all logical ports
Que - Which of the following is not a private Search-engine?
a. Yahoo
b. DuckDuckGo
c. StartPage
d. Wolfram Alpha
Answer- Yahoo
Que - Which of the following is a private Search-engine and do not track our searching data?
a. Google
b. Search Encrypt
c. Bing
d. Yahoo
Answer- Search Encrypt
Que - It is necessary to use ________________ for maintaining searched data privacy.
a. Private email services
b. Private search engines
c. Tor Browser
d. Private Browser window
Answer- Private search engines
Que - Which of the following browser is used for Privacy purpose?
a. Chrome
b. Firefox
c. Opera
d. Tor
Answer- Tor
Que - The Tor browser protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers. It gives three layers of anonymity.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - The __________________ protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers. It gives three layers of anonymity.
a. Cookie removers
b. Private Search Engines
c. Tor browser
d. VPNs
Answer- Tor browser
Que - Which of the following is not an example of privacy-browser?
a. Tor
b. Brave
c. Epic
d. Opera
Answer- Opera
Que - ____________ allow its users to attach to the internet via a remote or virtual server which preserves privacy.
a. Cookie removers
b. VPNs
c. Tor browser
d. Private Search Engines
Answer- VPNs
Que - The ____________ transferred between your device & the server is securely encrypted if you are using VPNs.
a. data
b. virus
c. music files
d. document files
Answer- data
Que - The data transferred between your device & the server is securely _____________ if you're using VPNs.
a. locked
b. sealed
c. packed
d. encrypted
Answer- encrypted
Que - A ______________ tries to formulate a web resource occupied or busy its users by flooding the URL of the victim with unlimited requests than the server can handle.
a. Phishing attack
b. DoS attack
c. Website attack
d. MiTM attack
Answer- DoS attack
Que - During a DoS attack, the regular traffic on the target _____________ will be either dawdling down or entirely interrupted.
a. network
b. system
c. website
d. router
Answer- website
Que - The intent of a ______________ is to overkill the targeted server's bandwidth and other resources of the target website.
a. Phishing attack
b. DoS attack
c. Website attack
d. MiTM attack
Answer- DoS attack
Que - DoS is abbreviated as _____________________
a. Denial of Service
b. Distribution of Server
c. Distribution of Service
d. Denial of Server
Answer- Denial of Service
Que - A DoS attack coming from a large number of IP addresses, making it hard to manually filter or crash the traffic from such sources is known as a _____________
a. GoS attack
b. PDoS attack
c. DoS attack
d. DDoS attack
Answer- DDoS attack
Que - DDoS stands for _________________
a. Direct Distribution of Server
b. Distributed Denial of Service
c. Direct Distribution of Service
d. Distributed Denial of Server
Answer- Distributed Denial of Service
Que - Instead of implementing single computer & its internet bandwidth, a ____________ utilizes various systems & their connections for flooding the targeted website.
a. GoS attack
b. PoS attack
c. DDoS attack
d. DoS attack
Answer- DDoS attack
Que - There are ______ types of DoS attack.
a. 2
b. 3
c. 4
d. 5
Answer- 2
Que - Application layer DoS attack is also known as _______________
a. Layer4 DoS attack
b. Layer5 DoS attack
c. Layer6 DoS attack
d. Layer7 DoS attack
Answer- Layer7 DoS attack
Que - ___________ is a type of DoS threats to overload a server as it sends a large number of requests requiring resources for handling & processing.
a. Network Layer DoS
b. Physical Layer DoS
c. Transport Layer DoS
d. Application Layer DoS
Answer- Application Layer DoS
Que - Which of the following is not a type of application layer DoS?
a. HTTP flooding
b. Slowloris
c. TCP flooding
d. DNS query flooding
Answer- TCP flooding
Que - Network layer attack is also known as ________________
a. Layer3-4 DoS attack
b. Layer5 DoS attack
c. Layer6-7 DoS attack
d. Layer2 DoS attack
Answer- Layer3-4 DoS attack
Que - Which of the following do not comes under network layer DoS flooding?
a. UDP flooding
b. HTTP Flooding
c. SYN flooding
d. NTP Amplification
Answer- HTTP Flooding
Que - Which of the following do not comes under network layer DoS flooding?
a. DNS amplification
b. UDP flooding
c. DNS query flooding
d. NTP Amplification
Answer- DNS query flooding
Que - DDoS are high traffic events that are measured in Gigabits per second (Gbps) or packets per second (PPS).
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - A DDoS with 20 to 40 Gbps is enough for totally shutting down the majority network infrastructures.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ______________ is an internet scam done by cyber-criminals where the user is convinced digitally to provide confidential information.
a. Phishing attack
b. DoS attack
c. Website attack
d. MiTM attack
Answer- Phishing attack
Que - In _______________ some cyber-criminals redirect the legitimate users to different phishing sites and web pages via emails, IMs, ads and spyware.
a. URL Redirection
b. DoS
c. Phishing
d. MiTM attack
Answer- Phishing
Que - Phishers often develop ______________ websites for tricking users & filling their personal data.
a. legitimate
b. illegitimate
c. genuine
d. official
Answer- illegitimate
Que - Which of the following type of data, phishers cannot steal from its target victims?
a. bank details
b. phone number
c. passwords
d. apps installed in the mobile
Answer- apps installed in the mobile
Que - Algorithm-Based Phishing was developed in the year __________
a. 1988
b. 1989
c. 1990
d. 1991
Answer- 1990
Que - ______________ was the first type of phishing where the phishers developed an algorithm for generating random credit card numbers.
a. Algo-based phishing
b. Email-based phishing
c. Domain Phishing
d. Vishing
Answer- Algo-based phishing
Que - Email Phishing came into origin in the year __________
a. 1990
b. 2000
c. 2005
d. 2015
Answer- 2000
Que - _________________ type of phishing became very popular as if it has been sent from a legitimate source with a legitimate link to its official website.
a. Algo-based phishing
b. Email-based phishing
c. Domain Phishing
d. Vishing
Answer- Email-based phishing
Que - _____________ refers to phishing performed over smart-phone by calling.
a. Algo-based phishing
b. Email-based phishing
c. Domain Phishing
d. Vishing
Answer- Vishing
Que - _____________ = voice + phishing.
a. Algo-based phishing
b. Vishing
c. Domain Phishing
d. Email-based phishing
Answer- Vishing
Que - Victims of phishing are mostly ___________________
a. Tech enthusiast
b. Professional computer engineers
c. Lack of computer knowledge
d. Lack of management skill
Answer- Lack of computer knowledge
Que - ___________________ is usually targeted by nature where the emails are exclusively designed to target any exact user.
a. Algo-based phishing
b. Vishing
c. Domain Phishing
d. Spear phishing
Answer- Spear phishing
Que - ____________ or smishing is one of the simplest types of phishing where the target victims may get a fake order detail with a cancellation link.
a. Algo-based phishing
b. SMS phishing
c. Domain Phishing
d. Spear phishing
Answer- SMS phishing
Que - ________________ phishing is that type of phishing where the construction of a fake webpage is done for targeting definite keywords & waiting for the searcher to land on the fake webpage.
a. Voice
b. SMS
c. Search engine
d. Email
Answer- Search engine
Que - Which of the following is not an example or type of phishing?
a. Spear phishing
b. Deceptive phishing
c. Whaling
d. Monkey in the Middle
Answer- Monkey in the Middle
Que - _____________ is data interception method used by hackers.
a. Phishing
b. DoS
c. Sniffing
d. MiTM
Answer- Sniffing
Que - Sniffing is also known as ___________________
a. network-tapping
b. wiretapping
c. net-tapping
d. wireless-tapping
Answer- wiretapping
Que - _____________ are programs or devices that capture the vital information from the target network or particular network.
a. Routers
b. Trappers
c. Wireless-crackers
d. Sniffers
Answer- Sniffers
Que - Which of them is not an objective of sniffing for hackers?
a. Fetching passwords
b. Email texts
c. Types of files transferred
d. Geographic location of a user
Answer- Geographic location of a user
Que - Which of the following tech-concepts cannot be sniffed?
a. Router configuration
b. ISP details
c. Email Traffic
d. Web Traffic
Answer- ISP details
Que - Which of the following tech-concepts cannot be sniffed?
a. Cloud sessions
b. FTP passwords
c. Telnet passwords
d. Chat sessions
Answer- Cloud sessions
Que - Which of the below-mentioned protocol is not susceptible to sniffing?
a. HTTP
b. SMTP
c. POP
d. TCP
Answer- TCP
Que - Which of the below-mentioned protocol is not susceptible to sniffing?
a. NNTP
b. UDP
c. FTP
d. IMAP
Answer- UDP
Que - There are __________ types of sniffing.
a. 2
b. 3
c. 4
d. 5
Answer- 2
Que - Active sniffing is difficult to detect.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Which of the following is not a sniffing tool?
a. Wireshark
b. Dude Sniffer
c. Maltego
d. Look@LAN
Answer- Maltego
Que - A sniffer, on the whole turns your system's NIC to the licentious mode so that it can listen to all your data transmitted on its division.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - A ______________ on the whole turns your system's NIC to the licentious mode so that it can listen to all your data transmitted on its division.
a. Phishing site
b. Sniffer tool
c. Password cracker
d. NIC cracker
Answer- Sniffer tool
Que - In _____________ sniffing, the network traffic is not only supervised & locked, but also be can be altered in different ways to accomplish the attack.
a. passive
b. signal
c. network
d. active
Answer- active
Que - __________________ are those devices which can be plugged into your network at the hardware level & it can monitor traffic.
a. Hardware sniffers & analyzers
b. Hardware protocol analyzers
c. Hardware protocol sniffers
d. Hardware traffic sniffers and observers
Answer- Hardware protocol analyzers
Que - _____________ attack is the exploitation of the web-session & its mechanism that is usually managed with a session token.
a. Session Hacking
b. Session Hijacking
c. Session Cracking
d. Session Compromising
Answer- Session Hijacking
Que - The most commonly used session hijacking attack is the _______________
a. IP hacking
b. IP spooling
c. IP spoofing
d. IP tracking
Answer- IP spoofing
Que - ________________ are required because HTTP uses a lot of diverse TCP connections, so, the web server needs a means to distinguish every user's connections.
a. Internet
b. Network
c. Hijacking
d. Sessions
Answer- Sessions
Que - Since most _______________________ occur at the very beginning of the TCP session, this allows hackers to gain access to any system.
a. authentications
b. breaches
c. integrations
d. associations
Answer- authentications
Que - _______________ is done only after the target user has connected to the server.
a. Server hacking
b. Banner grabbing
c. Cracking
d. Hijacking
Answer- Hijacking
Que - In _______________ attack, the attacker doesn't actively take over another user to perform the attack.
a. phishing
b. spoofing
c. hijacking
d. vishing
Answer- spoofing
Que - There are ___________ types of session hijacking.
a. 2
b. 3
c. 4
d. 5
Answer- 2
Que - With ___________________ attack, an attacker hijacks a session but do not alter anything. They just sit back and watch or record all the traffic and data being sent forth.
a. network session hijacking
b. passive session hijacking
c. active session hijacking
d. social-networking session hijacking
Answer- passive session hijacking
Que - In an _________________ attack, an attacker finds an active session & takes over that session.
a. network session hijacking
b. passive session hijacking
c. active session hijacking
d. social-networking session hijacking
Answer- active session hijacking
Que - Session hijacking takes place at ____________ number of levels.
a. five
b. four
c. three
d. two
Answer- two
Que - The ______________ hijacking is implemented on the data flow of protocol shared by all web applications.
a. network level
b. physical level
c. application level
d. data level
Answer- network level
Que - Which of the following example do not comes under network level session hijacking.
a. TCP/IP Hijacking
b. RST Hijacking
c. Domain Hijacking
d. Blind Hijacking
Answer- Domain Hijacking
Que - In ___________________ session hijacking, hackers gain session ID for taking control of existing session or even create a new unauthorized session.
a. network level
b. physical level
c. application level
d. data level
Answer- physical level
Que - Which of them is not a session hijacking tool?
a. Juggernaut
b. IP watcher
c. Wireshark
d. Paros HTTP Hijacker
Answer- Wireshark
Que - Which of the following is a session hijacking tool?
a. T-Sight
b. Wireshark
c. Maltego
d. Nessus
Answer- T-Sight
Que - Hjksuite Tool is a collection of programs for hijacking. It contains a library called hjklib which can help in implementing TCP/IP stack-over hijacking.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is not an appropriate way to compromise web servers?
a. Misconfiguration in OS
b. Using network vulnerabilities
c. Misconfiguration in networks
d. Bugs in OS which allow commands to run on web servers
Answer- Using network vulnerabilities
Que - Which of the following is not an appropriate method of defacing web server?
a. Fetching credentials through MiTM
b. Brute-forcing Admin Password
c. IP address spoofing
d. DNS Attack through cache poisoning
Answer- IP address spoofing
Que - Which of the following is not an appropriate method of defacing web server?
a. Mail server intrusion
b. Web application bugs
c. Web shares misconfiguration
d. Sessions hijacking
Answer- Sessions hijacking
Que - _________ is one of the most widely used web server platforms.
a. IIS
b. IAS
c. ISS
d. AIS
Answer- IIS
Que - IIS stands for __________________
a. Interconnected Information Server
b. Interconnected Information Services
c. Internet Information Server
d. Internet Information Services
Answer- Internet Information Services
Que - ____________ is a tiny script that if uploaded to a web server can give hacker complete control of a remote PC.
a. Spyware
b. ASP Trojan
c. Web ransomware
d. Stuxnet
Answer- ASP Trojan
Que - ____________ logs all the visits in log files which is located at <%systemroot%>\logfiles.
a. IIS
b. Microsoft Server
c. Linux
d. IAS
Answer- IIS
Que - Which of the following is not a web server attack type?
a. DOS attack
b. Website Defacement using SQLi
c. Directory Traversal
d. Password guessing
Answer- Password guessing
Que - ______________ tool clears the log entries in the IIS log files filtered by an IP address.
a. CleanIISLoging
b. CleanLogger
c. CleanIISLog
d. ClearIISLog
Answer- CleanIISLog
Que - CleanIISLog is not a hacking tool.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Which of the following is not an appropriate countermeasure for web server hacking?
a. Patch updates need to be done regularly
b. Not to use default configurations
c. Use IDS and firewalls with signature updates
d. Use low-speed internet
Answer- Use low-speed internet
Que - Which of the following is not an appropriate countermeasure for web server hacking?
a. Using OS or antivirus without updates
b. Scan web server applications for vulnerabilities
c. Using secure protocols
d. Follow strict access control policy
Answer- Using OS or antivirus without updates
Que - _____________ focuses on the detection & prevention of sensitive data exfiltration and lost data.
a. Data loss prevention
b. Data loss measurement
c. Data stolen software
d. Data leak prevention
Answer- Data loss prevention
Que - A _______________ is a program application which is stored on a remote-server & distributed over the Internet when a user uses a browser interface to request for such applications.
a. Android application
b. Web application
c. PC application
d. Cloud application
Answer- Web application
Que - Which of the following is not an example of web application hacking?
a. Defacing websites
b. Stealing credit card information
c. Reverse engineering PC apps
d. Exploiting server-side scripting
Answer- Reverse engineering PC apps
Que - _______________ hacking refers to mistreatment of applications through HTTP or HTTPS that can be done by manipulating the web application through its graphical web interface or by tampering the Uniform Resource Identifier (URI).
a. Android application
b. Web application
c. PC application
d. Cloud application
Answer- Web application
Que - Which of the following is not an appropriate method of web application hacking?
a. XSS
b. CSRF
c. SQLi
d. Brute-force
Answer- Brute-force
Que - XSS stands for _________________
a. Crack Site Scripting
b. Cross Site Server
c. Cross Site Scripting
d. Crack Server Scripting
Answer- Cross Site Scripting
Que - Which of the following is not an example of web application hacking?
a. DNS Attack
b. Dumpster diving
c. Injecting Malicious code
d. Using the shell to destroy web application data
Answer- Dumpster diving
Que - Which of the following is not a threat of web application?
a. Reverse engineering
b. Command injection
c. DMZ protocol attack
d. Buffer Overflow
Answer- Reverse engineering
Que - Which of the following is not a threat of web application?
a. Session poisoning
b. Phishing
c. Cryptographic interception
d. Cookie snooping
Answer- Phishing
Que - ________ Injection attack is a special attack done through character elements "Carriage Return" or "Line Feed." Exploitation can be done when an attacker is capable to inject a CRLF series in an HTTP stream.
a. XSS
b. CSRF
c. CRLF
d. SQL
Answer- CRLF
Que - Which of the following scripting language is used for injecting executable malicious code for web-app hacking?
a. C++
b. Tcl
c. Frame-Script
d. JavaScript
Answer- JavaScript
Que - ______________ takes advantage if hidden fields that work as the only security measure in some applications.
a. Parameter tampering
b. Data tampering
c. Tampering of network topology
d. Protocol tampering
Answer- Parameter tampering
Que - _____________ is the attack method for decoding user credentials. Using this technique an attacker can log on as a user & gain access to unauthorized data.
a. Cache Snooping
b. Cookie-jacking
c. Cookie Snooping
d. Cache-compromising
Answer- Cookie Snooping
Que - Which of the following is not an example of web application hacking technique?
a. LDAP injection
b. Cryptanalysis
c. Race condition attack
d. OS command injection.
Answer- Cryptanalysis
Que - _____________ are unwanted software intended to pitch advertisements upon the user's screen, most often within a web browser.
a. Shareware
b. Adware
c. Bloatware
d. Ransomware
Answer- Adware
Que - PUP is abbreviated as ____________
a. Potentially Useless Programs
b. Potentially Unwanted Protocols
c. Potentially Unwanted Programs
d. Partial Unwanted Programs
Answer- Potentially Unwanted Programs
Que - Users might invite some bogus virus in his/her system by clicking the ____________
a. Shareware
b. Spyware
c. URL
d. Adware
Answer- Adware
Que - Which among the following is not an abnormal symptom found once you click any malicious adware?
a. Automatic opening of new tabs in the browser
b. Automatic updates of antivirus
c. Changes in home page
d. Popping up of new Search engines on your browser
Answer- Automatic updates of antivirus
Que - Once _____________ hijacks your system, it might perform different sorts of unwanted tasks.
a. Server hacking
b. Banner grabbing
c. Cracking
d. Hijacking
Answer- Hijacking
Que - Creators of _____________ also sell your browsing behaviour & information to 3rd parties.
a. Shareware
b. Spyware
c. URL
d. Adware
Answer- Adware
Que - Modern ____________ can even use it to target users with additional s that are customized to the browsing habits.
a. smart shareware
b. smart adware
c. smart bloatware
d. smart spyware
Answer- smart adware
Que - Creators of adware also sell your browsing behaviour & information to 3rd parties.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which among the following is not a symptom of your system compromised with adware?
a. Website links redirect to sites unlike from what user is intended
b. Web browser acts slows to a crawl
c. System takes restarts frequently
d. The browser might crash frequently
Answer- System takes restarts frequently
Que - Malicious adware may sneak into your system by __________ different ways.
a. five
b. four
c. three
d. two
Answer- two
Que - Which of the following term is not a valid terminology and type of adware?
a. Mobile adware
b. Mac Adware
c. Smart-home adware
d. Windows adware
Answer- Smart-home adware
Que - Adware will not come to your system if you are using Chrome.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - ________________ are unnecessary software which infiltrates user's system, spy on user's activities, stealing internet usage data & sensitive information of that user.
a. Shareware
b. Spyware
c. Ransomware
d. Freeware
Answer- Spyware
Que - They spy on our digital habits and spy on which data is more sensitive or useful for its creator. Who are 'they' referring to here?
a. Shareware
b. Ransomware
c. Spyware
d. Freeware
Answer- Spyware
Que - Spyware collects user's personal data & spreads it to______________ data-firms, or its creator.
a. advertisers
b. dark-market
c. antivirus company
d. share market
Answer- advertisers
Que - Which of the following activity is not done by spyware?
a. sell internet usage data
b. capture credit card details
c. user's personal identity
d. steal signature of the different virus
Answer- steal signature of the different virus
Que - Which of the following activity is not done by spyware?
a. Monitors your internet activity
b. Track user's login details and passwords
c. Uninstalls your mobile browser
d. Spy on sensitive information
Answer- Uninstalls your mobile browser
Que - Spyware is not a powerful & one of the most widespread threats on the internet.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - It actually infects your device easily & makes it hard to _____________
a. delete
b. identify
c. modify
d. copy
Answer- identify
Que - There are __________ main types of spyware.
a. 2
b. 3
c. 4
d. 5
Answer- 4
Que - _____________ track the user's online activities like search queries, history pages & downloads, for selling purposes.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies
Answer- Tracking cookies
Que - _____________ tracks your data and displays those products as ads for promotions.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies
Answer- Ad-based spyware
Que - _________________ disguises them as legitimate software & appear as Java or Flash Player updates. They will periodically collect your system data and send it to its creator.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies
Answer- Spy-trojans
Que - ____________ records all your key-strokes, chat-room dialogs, program run in your system, and system details.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies
Answer- System Monitors
Que - Which of the following do not lead you to invite spyware into your system?
a. Accepting fishy prompt or pop-ups
b. Downloading apps from an unreliable source
c. Opening unknown attachments
d. Installing antivirus patches
Answer- Installing antivirus patches
Que - As you sense your device has been infected with spyware, you should run a scan with your existing security software/AV for making sure it has cleaned up all malicious contents.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is not an anti-spyware tool?
a. MalwareBytes Anti-Malware tool
b. SpyBot Search and Destroy
c. Emsisoft Emergency Kit
d. MS Firewall Defender
Answer- MS Firewall Defender
Que - If you've accidentally clicked any pop-up which seems malicious, it is recommended to take steps to remove it and proactively change your ________ and delete browsing activities from web browser.
a. passwords
b. email ID
c. name
d. address
Answer- passwords
Que - ______________ can be defined as the duplication of another creator's or developer's product trailing a thorough examination of its production or development.
a. Reverse hacking
b. Cracking
c. Social engineering
d. Reverse engineering
Answer- Reverse engineering
Que - _____________ can be made functional to diverse aspects of software development & hardware improvement activities.
a. Reverse hacking
b. Cracking
c. Reverse engineering
d. Social engineering
Answer- Reverse engineering
Que - RE is often defined as the crafting technique of ____________ who uses his skills to remove copy protection or trial versions from software or media.
a. crackers
b. risk assessment team
c. auditors
d. surveillance monitoring team
Answer- crackers
Que - Which of the following activity is a good aspect of reverse engineering in ethical hacking?
a. Cracking the trial version of the product to make it full-version
b. Removing the product key insertion step
c. Jumping the code for premium facilities
d. Determining the vulnerabilities in the product.
Answer- Determining the vulnerabilities in the product.
Que - Which of the following activity is a good aspect of reverse engineering in ethical hacking?
a. Cracking the trial version of the product to make it full-version
b. Removing the product key insertion step
c. Jumping the code for premium facilities
d. Determine whether the app contains any undocumented functionality
Answer- Determine whether the app contains any undocumented functionality
Que - Which of the following is not a proper use of RE for ethical hackers?
a. Check for poorly designed protocols
b. Check for error conditions
c. Cracking for making paid apps free for use
d. Testing for boundary conditions
Answer- Cracking for making paid apps free for use
Que - ________________ is the opposite of assembler.
a. Reassembler
b. Disassembler
c. Compiler
d. Interpreter
Answer- Disassembler
Que - ______________ comes under tools for reverse engineering (RE).
a. Reassembler
b. Compiler
c. Disassembler
d. Interpreter
Answer- Disassembler
Que - De-compilation is not done for _______________
a. Recovery of lost source code
b. Migration of assembly language
c. Determining the existence of malicious code in any app
d. Targeting users with stealing code
Answer- Targeting users with stealing code
Que - Which of the following is not a disassembler tool?
a. IDA Pro
b. PE Explorer
c. Turbo C
d. W32DASM
Answer- Turbo C
Que - There are ______ types of reverse engineering methodologies.
a. 6
b. 2
c. 5
d. 3
Answer- 2
Que - Which of the following is not an actual Reverse Engineering tool?
a. Debugger
b. Disassembler
c. Text Editor
d. Hex Editor
Answer- Text Editor
Que - Hex editors permit programmers to inspect & alter binaries based on some software requirements.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - PE & Resource Viewer permits programmers to inspect & alter resources which are entrenched in the EXE file of any software.
a. PE & Resource Viewer
b. Debugger
c. Disassembler
d. Hex Editor
Answer- PE & Resource Viewer
Que - IDAPro is used as a _________________ in manual binary code analysis and also used a debugger.
a. PE & Resource Viewer
b. Debugger
c. Disassembler
d. Hex Editor
Answer- Disassembler
Que - ________________ is a type of reverse engineering tool that is used to dissect binary codes into assembly codes.
a. PE & Resource Viewer
b. Debugger
c. Disassembler
d. Hex Editor
Answer- Disassembler
Que - Which of the following is not a function or use of disassembler?
a. Extracting functions & libraries
b. Extracting strings and values
c. Assemble medium-level codes
d. Dissect binary codes
Answer- Assemble medium-level codes
Que - Which of the following is not a feature of IDAPro?
a. Instant debugging
b. Connect local and remote systems easily
c. Explore in-depth binary data
d. Convert machine language to high-level code
Answer- Convert machine language to high-level code
Que - A _____________ takes executable file as input and tries to generate high level code.
a. Debugger
b. Decompiler
c. Disassembler
d. Hex Editor
Answer- Decompiler
Que - ________________ does not attempt to reverse the actions of compiler; rather it transforms the input program repeatedly until HLL code is achieved.
a. Debugger
b. Hex Editor
c. Disassembler
d. Decompiler
Answer- Decompiler
Que - _____________ will not recreate the original source file created by the compiler.
a. Debugger
b. Hex Editor
c. Decompiler
d. Disassembler
Answer- Decompiler
Que - Which of the following is not a decompiler tool?
a. DCC decompiler
b. Borol and C
c. Boomerang Decompiler
d. ExeToC
Answer- Borol and C
Que - REC stands for ________________
a. Reverse Engineering Compiler
b. Reverse Engineering Computer
c. Return-to-Code Engineering Compiler
d. Reversing Engineered Compiler
Answer- Reverse Engineering Compiler
Que - _______________ is a universal interactive program environment for reverse engineering.
a. TurboC
b. Andromeda Decompiler
c. IDAPro
d. PE Explorer
Answer- Andromeda Decompiler
Que - Which one is not an example of .Net application decompiler?
a. Salamander
b. Dis
c. Decompiler.Net
d. MultiRipper
Answer- MultiRipper
Que - __________ is a naming system given to different computers which adapt to human-readable domain names.
a. HTTP
b. DNS
c. WWW
d. ISP
Answer- DNS
Que - DNS stands for _____________
a. Data Name System
b. Domain Name Server
c. Domain Name System
d. Domain's Naming System
Answer- Domain Name System
Que - Some security issues might exist owing to misconfigured __________________ which can direct to disclosure of information regarding the domain.
a. DNS names
b. HTTP setup
c. ISP setup
d. FTP-unsecured
Answer- DNS names
Que - ______________ is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system's TCP/IP settings.
a. DNS mal-functioning
b. DNS cracking
c. DNS redirecting
d. DNS hijacking
Answer- DNS hijacking
Que - _____________ can be attained by the use of malware or by changing the server's settings.
a. DNS poisoning
b. DNS cracking
c. DNS hijacking
d. DNS redirecting
Answer- DNS hijacking
Que - There are _________ main types of DNS hijacking.
a. 4
b. 2
c. 3
d. 5
Answer- 2
Que - DNS trojans are used for performing a type of DNS hijacking.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - The _______________ matches and maps to the user friendly domain name.
a. HTTP
b. DNS
c. WWW
d. ISP
Answer- DNS
Que - Which of the following is not an example of DNS hijacking?
a. ISP DNS hijacking
b. DNS hijacking for phishing
c. DNS hijacking for pharming
d. HTTP-based DNS hacking
Answer- HTTP-based DNS hacking
Que - A ______________ is essentially a text file residing on the server that hosts different domain containing entries for dissimilar resource records.
a. Zone file
b. Robot file
c. Bot file
d. DNS file
Answer- Zone file
Que - ______________ which is also termed as DNS spoofing, is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of internet.
a. DNS poisoning
b. DNS re-routing
c. DNS cracking
d. Domain link poisoning
Answer- DNS poisoning
Que - DNS poisoning is very dangerous because it can extend its reach from one ___________ to another.
a. ISP server
b. DNS server
c. Linux server
d. Domain user
Answer- DNS server
Que - A _________________ can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it.
a. Server data
b. Domain name
c. DNS cache
d. System file
Answer- DNS cache
Que - The ____________ Domain Name Server data will get spread to the ISPs & will be cached there.
a. working
b. compromised
c. corrupted
d. poisoned
Answer- poisoned
Que - The user could be influenced by DNS hijacking if the government of that country uses DNS redirecting as a mechanism to mask censorship.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following data is not appropriate here, if you delete cache, cookies, and browser history?
a. Address bar predictions
b. Saved passwords
c. Browser plug-ins
d. Shopping cart content
Answer- Browser plug-ins
Que - ____________ are tiny files which get downloaded to your system when you visit a website.
a. Cookies
b. Caches
c. Bots
d. Crawlers
Answer- Cookies
Que - Browser ___________ are impermanent internet files which helps the browsers download web images, data & documents for rapid performance & viewing in the future.
a. plug-ins
b. cache
c. ad-on
d. history
Answer- cache
Que - ___________ is just a group of data downloaded for helping in displaying a web page faster.
a. plug-ins
b. cache
c. ad-ons
d. history
Answer- cache
Que - Attackers could steal ___________ to achieve illegitimate accessing to online accounts & disturbs the personal information.
a. plug-ins
b. cache
c. cookies
d. history
Answer- cookies
Que - Which of the following is not an example of browsing data?
a. Forms and Search-bar data
b. Cache data
c. Downloading history
d. Start bar search data
Answer- Start bar search data
Que - There are cookies that are designed to track your browsing habits & aim ads to you.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is the most viral section of the internet?
a. Chat Messenger
b. Social networking sites
c. Tutorial sites
d. Chat-rooms
Answer- Social networking sites
Que - ____________ type of sites are known as friend-of-a-friend site.
a. Chat Messenger
b. Social networking sites
c. Tutorial sites
d. Chat-rooms
Answer- Social networking sites
Que - Which of the following is not an appropriate measure for securing social networking accounts?
a. Strong passwords
b. Link your account with a phone number
c. Never write your password anywhere
d. Always maintain a soft copy of all your passwords in your PC
Answer- Always maintain a soft copy of all your passwords in your PC
Que - Which of them is a proper measure of securing social networking account?
a. Never keep your password with any relevant names
b. Keep written records of your passwords
c. Keep records of your password in audio format in your personal cell-phone
d. Passwords are kept smaller in size to remember
Answer- Never keep your password with any relevant names
Que - If hackers gain access to your social media accounts, they can do some illicit or shameless act to degrade your reputation.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ________________ is a popular tool to block social-media websites to track your browsing activities.
a. Fader
b. Blur
c. Social-Media Blocker
d. Ad-blocker
Answer- Blur
Que - Try to keep your passwords without meaning so that _____________ attack becomes almost impossible to perform successfully.
a. social engineering
b. phishing
c. password guessing
d. brute force
Answer- password guessing
Que - Keeping the password by the name of your pet is a good choice.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Increase your security for social media account by always ____________ as you step away from the system.
a. signing in
b. logging out
c. signing up
d. logging in
Answer- logging out
Que - Clicking on enticing Ads can cause trouble.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Strangers cannot cause much trouble if we connect to them over social media.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE
Que - Part of the social media sites are the various games & 3rd party applications which helps ______________ to get access to your data.
a. ethical hackers
b. penetration testers
c. security auditors
d. cyber-criminals
Answer- cyber-criminals
Que - Many social media sites and services provide _______________ for legitimate account verification.
a. Retina scanning
b. Fingerprint scanning
c. CAPTCHA
d. 2-step verification
Answer- 2-step verification
Que - Scanning your system and destroying suspicious files can reduce risks of data compromise or leakage of compromised data over social media.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Different social media services offer tips as of how to use their services and site, still maintaining a high altitude of security.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ______________ is populating the inbox of any target victim with unsolicited or junk emails.
a. Phishing
b. Spamming
c. Hooking
d. DoS
Answer- Spamming
Que - _________________ technique is also used in product .
a. Phishing
b. Cookies
c. e-Banners
d. Spamming
Answer- e-Banners
Que - Which of the following is not a technique used by spanners?
a. Spoofing the domain
b. Sending attached virus in spams
c. Junk tags associated with spam-emails
d. Making important deals through such emails
Answer- Making important deals through such emails
Que - ___________ are used which crawl web pages looking for email Ids and copies them to the database.
a. Caches
b. Cookies
c. Bots
d. Spiders
Answer- Spiders
Que - Which of the following is not a proper way of how spammers get the email Ids?
a. When a user registers to online services, blogs, and sites
b. Databases formed by spiders fetching email Ids from different sources
c. From offline form fill-up documents
d. Online ad-tracking tools
Answer- From offline form fill-up documents
Que - There are ___________ major ways of spamming.
a. 4
b. 2
c. 3
d. 5
Answer- 2
Que - There are _______ types of spamming.
a. 3
b. 4
c. 5
d. 6
Answer- 6
Que - Which of the following is not a type of spamming attack?
a. Page-jacking
b. Image spamming
c. Spear phishing
d. Blog & wiki spamming
Answer- Spear phishing
Que - Which of the following is not a bulk emailing tool?
a. Fairlogic Worldcast
b. 123 Hidden sender
c. YL Mail Man
d. NetCut
Answer- NetCut
Que - Which of the following is not a bulk emailing tool?
a. Wireshark
b. Sendblaster
c. Direct Sender
d. Hotmailer
Answer- Wireshark
Que - Which of the following is not an anti-spam technique?
a. Signature-based content filtering
b. DNS routing
c. Bayesian Content Filtering
d. Collaborative content filtering
Answer- DNS routing
Que - Which of the following is not an anti-spam technique?
a. Reputation control
b. Sender policy framework
c. DNS-based block-list
d. Domain-based blocking
Answer- Domain-based blocking
Que - ___________ is a tool used as spam filter in association with email programs and automatically intercepts spam emails.
a. Nessus
b. SpamExpert Desktop
c. Spam-Rescurer
d. Burp-Suite
Answer- SpamExpert Desktop
Que - Which of the following is not an anti-spamming tool or system?
a. Spam-Eater Pro
b. SpyTech Spam Agent
c. SpamExperts Desktop
d. Anti-spyware Tech
Answer- Anti-spyware Tech
Que - _________________ is the process or mechanism used for converting ordinary plain text into garbled non-human readable text & vice-versa.
a. Malware Analysis
b. Exploit writing
c. Reverse engineering
d. Cryptography
Answer- Cryptography
Que - ______________ is a means of storing & transmitting information in a specific format so that only those for whom it is planned can understand or process it.
a. Malware Analysis
b. Cryptography
c. Reverse engineering
d. Exploit writing
Answer- Cryptography
Que - When plain text is converted to unreadable format, it is termed as _____________
a. rotten text
b. raw text
c. cipher-text
d. ciphen-text
Answer- cipher-text
Que - Cryptographic algorithms are based on mathematical algorithms where these algorithms use ___________ for a secure transformation of data.
a. secret key
b. external programs
c. add-ons
d. secondary key
Answer- secret key
Que - Cryptography can be divided into ______ types.
a. 5
b. 4
c. 3
d. 2
Answer- 2
Que - Data which is easily readable & understandable without any special algorithm or method is called _________________
a. cipher-text
b. plain text
c. raw text
d. encrypted text
Answer- plain text
Que - Plain text are also called _____________
a. cipher-text
b. raw text
c. clear-text
d. encrypted text
Answer- clear-text
Que - There are ________ types of cryptographic techniques used in general.
a. 2
b. 3
c. 4
d. 5
Answer- 3
Que - Conventional cryptography is also known as _____________ or symmetric-key encryption.
a. secret-key
b. public key
c. protected key
d. primary key
Answer- secret-key
Que - Data Encryption Standard is an example of a _____________ cryptosystem.
a. conventional
b. public key
c. hash key
d. asymmetric-key
Answer- conventional
Que - _______________ cryptography deals with traditional characters, i.e., letters & digits directly.
a. Modern
b. Classic
c. Asymmetric
d. Latest
Answer- Classic
Que - ____________ cryptography operates on binary-bit series and strings.
a. Modern
b. Classic
c. Traditional
d. Primitive
Answer- Modern
Que - __________ cryptography has always been focussing on the concept of 'security through obscurity'.
a. Modern
b. Asymmetric
c. Classic
d. Latest
Answer- Classic
Que - ________________ cryptography is based on publicly known mathematically designed algorithms to encrypt the information.
a. Modern
b. Classic
c. Traditional
d. Primitive
Answer- Modern
Que - _____________________ is the art & science of cracking the cipher-text without knowing the key.
a. Cracking
b. Cryptanalysis
c. Cryptography
d. Crypto-hacking
Answer- Cryptanalysis
Que - The process of disguising plaintext in such a way that its substance gets hidden (into what is known as cipher-text) is called _________________
a. cryptanalysis
b. decryption
c. reverse engineering
d. encryption
Answer- encryption
Que - The method of reverting the encrypted text which is known as cipher text to its original form i.e. plain text is known as ________________
a. cryptanalysis
b. decryption
c. reverse engineering
d. encryption
Answer- decryption
Que - Which of the following is not the primary objective of cryptography?
a. Confidentiality
b. Data Integrity
c. Data Redundancy
d. Authentication
Answer- Data Redundancy
Que - Which of the following is not the primary objective of cryptography?
a. Confidentiality
b. Data Redundancy
c. Non-repudiation
d. Authentication
Answer- Data Redundancy
Que - Cryptography offers a set of required security services. Which of the following is not among that 4 required security services?
a. Encryption
b. Message Authentication codes
c. Hash functions
d. Steganography
Answer- Steganography
Que - A cryptosystem is also termed as ______________
a. secure system
b. cipher system
c. cipher-text
d. secure algorithm
Answer- cipher system
Que - ______________ is the mathematical procedure or algorithm which produces a cipher-text for any specified plaintext.
a. Encryption Algorithm
b. Decryption Algorithm
c. Hashing Algorithm
d. Tuning Algorithm
Answer- Encryption Algorithm
Que - _______________ takes the plain text and the key as input for creating cipher-text.
a. Decryption Algorithm
b. Hashing Algorithm
c. Tuning Algorithm
d. Encryption Algorithm
Answer- Decryption Algorithm
Que - ____________________ is a mathematical algorithm that produces a unique plain text for a given cipher text along with a decryption key.
a. Decryption Algorithm
b. Hashing Algorithm
c. Tuning Algorithm
d. Encryption Algorithm
Answer- Decryption Algorithm
Que - A set of all probable decryption keys are collectively termed as ____________
a. key-stack
b. key bunch
c. key space
d. key pack
Answer- key space
Que - Encryption-decryption in cryptosystem is done in ______ ways.
a. 4
b. 3
c. 5
d. 2
Answer- 2
Que - In _____________________ same keys are implemented for encrypting as well as decrypting the information.
a. Symmetric Key Encryption
b. Asymmetric Key Encryption
c. Asymmetric Key Decryption
d. Hash-based Key Encryption
Answer- Symmetric Key Encryption
Que - In __________________ 2 different keys are implemented for encrypting as well as decrypting that particular information.
a. Symmetric Key Encryption
b. Asymmetric Key Encryption
c. Asymmetric Key Decryption
d. Hash-based Key Encryption
Answer- Symmetric Key Encryption
Que - A set of all probable decryption keys are collectively termed as key space.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ____________ is a mono-alphabetic encryption code wherein each & every letter of plain-text is replaced by another letter in creating the cipher-text.
a. Polyalphabetic Cipher
b. Caesar Cipher
c. Playfair Cipher
d. Monoalphabetic Cipher
Answer- Caesar Cipher
Que - _____________ is the concept that tells us about the replacement of every alphabet by another alphabet and the entire series gets 'shifted' by some fixed quantity.
a. Rolling Cipher
b. Shift Cipher
c. Playfair Cipher
d. Block Cipher
Answer- Shift Cipher
Que - ________________ is a cipher formed out of substitution where for a given key-value the cipher alphabet for every plain text remains fixed all through the encryption procedure.
a. Polyalphabetic Cipher
b. Caesar Cipher
c. Playfair Cipher
d. Monoalphabetic Cipher
Answer- Monoalphabetic Cipher
Que - In Playfair cipher, at first, a key table is produced. That key table is a 5 by 5 grid of alphabets which operates as the key to encrypt the plaintext.
a. Rolling Cipher
b. Shift Cipher
c. Playfair Cipher
d. Block Cipher
Answer- Playfair Cipher
Que - ______________ employs a text string as a key that is implemented to do a series of shifts on the plain-text.
a. Vigenere Cipher
b. Shift Cipher
c. Playfair Cipher
d. Block Cipher
Answer- Shift Cipher
Que - The ________________ has piece of the keyword that has the same length as that of the plaintext.
a. Block Cipher
b. One-time pad
c. Hash functions
d. Vigenere Cipher
Answer- One-time pad
Que - In _____________ a sequence of actions is carried out on this block after a block of plain-text bits is chosen for generating a block of cipher-text bits.
a. Block Cipher
b. One-time pad
c. Hash functions
d. Vigenere Cipher
Answer- Block Cipher
Que - In _______________ the plain-text is processed 1-bit at a time & a series of actions is carried out on it for generating one bit of cipher-text.
a. Block Cipher
b. One-time pad
c. Stream cipher
d. Vigenere Cipher
Answer- Stream cipher
Que - The procedure to add bits to the last block is termed as _________________
a. decryption
b. hashing
c. tuning
d. padding
Answer- padding
Que - Which of the following is not an example of a block cipher?
a. DES
b. IDEA
c. Caesar cipher
d. Twofish
Answer- Caesar cipher
Que - Data Encryption Standard is implemented using the Feistel Cipher which employs 16 round of Feistel structure.
a. DES
b. IDEA
c. Caesar cipher
d. Twofish
Answer- DES
Que - DES stands for ________________
a. Data Encryption Security
b. Data Encrypted Standard
c. Device Encryption Standard
d. Data Encryption Standard
Answer- Data Encryption Standard
Que - ____________ carries out all its calculations on bytes rather than using bits and is at least 6-times faster than 3-DES.
a. AES
b. DES
c. IDEA
d. Twofish
Answer- AES
Que - AES stands for ________________
a. Advanced Encryption Security
b. Advanced Encryption Standard
c. Advanced Encrypted Standard
d. Active Encryption Standard
Answer- Advanced Encryption Standard
Que - AES is at least 6-times faster than 3-DES.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - _____________ is another data hiding technique which can be used in conjunction with cryptography for the extra-secure method of protecting data.
a. Cryptography
b. Steganography
c. Tomography
d. Chorography
Answer- Steganography
Que - _____________ is hiding of data within data, where we can hide images, text, and other messages within images, videos, music or recording files.
a. Cryptography
b. Tomography
c. Steganography
d. Chorography
Answer- Steganography
Que - Steganography follows the concept of security through obscurity.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - The word ________________is a combination of the Greek words 'steganos' which means "covered or concealed", and 'graphein' which means "writing".
a. Cryptography
b. Tomography
c. Steganography
d. Chorography
Answer- Steganography
Que - A ________________ tool permits security professional or a hacker to embed hidden data within a carrier file like an image or video which can later be extracted from them.
a. Cryptography
b. Tomography
c. Chorography
d. Steganography
Answer- Steganography
Que - Which of the following is not a steganography tool?
a. Xaio steganography
b. Image steganography
c. ReaperExploit
d. Steghide
Answer- ReaperExploit
Que - Which of the following is not a steganography tool?
a. Crypture
b. SteganographX Plus
c. rSteg
d. Burp Suite
Answer- Burp Suite
Que - The main motive for using steganography is that hackers or other users can hide a secret message behind a ______________
a. special file
b. ordinary file
c. program file
d. encrypted file
Answer- ordinary file
Que - People will normally think it as a normal/regular file and your secret message will pass on without any _______________
a. suspicion
b. decryption
c. encryption
d. cracking
Answer- suspicion
Que - By using ______________ you can diminish the chance of data leakage.
a. Cryptography
b. Tomography
c. Chorography
d. Steganography
Answer- Chorography
Que - _____________ makes it likely for its users to hide their physical locations & offering a variety of services like web publishing or an IM maintaining privacy.
a. AnonyMode
b. In-private mode
c. Incognito mode
d. Tor
Answer- Tor
Que - TOR stands for _______________
a. The Open Router
b. The Onion Reader
c. The Onion Router
d. Tactical Onion Router
Answer- The Onion Router
Que - Tor services are also popularly known as _____________
a. onion services
b. garlic services
c. privacy policy service
d. anti-surveillance service
Answer- onion services
Que - Tor was originally designed for the _____________ for protecting government communications.
a. U.S. Navy
b. Indian Navy
c. US army
d. Chinese cyber army
Answer- U.S. Navy
Que - Tor is written in ______ language having roughly 146,000 LOC (lines of code).
a. C
b. C++
c. C
d. Objective C
Answer- C
Que - __________ contains a huge proxy DB which users can use to protect their online privacy and preserve their identity online.
a. AnonyMode
b. In-private mode
c. Incognito mode
d. Tor
Answer- Tor
Que - The _________ is developed for negotiating a virtual tunnel throughout the network by encrypting & arbitrarily bouncing all of its communications via relay networks.
a. AnonyMode
b. Tor
c. Incognito mode
d. In-private mode
Answer- Tor
Que - Which of the following online services' privacy cannot be protected using Tor?
a. Instant messaging
b. Browsing data
c. Relay chats
d. Login using ID
Answer- Login using ID
Que - Tor is usually used by the military, cyber-criminals, activists, journalists, law enforcement officers etc.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - ___________________ is employed by encrypting the application layer with a communication protocol stack, nested in various layers of onion.
a. Privacy routing
b. Onion routing
c. Turbo routing
d. DHCP routing
Answer- Onion routing
Que - The term _____________ means taking care of a user's name as well as the identity hidden or veiled using a variety of applications.
a. pseudonymous
b. anonymous
c. eponymous
d. homonymous
Answer- anonymous
Que - Sometimes __________________ anonymize them to perform criminal activities.
a. virus
b. incident handlers
c. cyber-criminals
d. ethical hackers
Answer- cyber-criminals
Que - An _______________ allows users for accessing the web while blocking the trackers or agents that keep tracing the identity online.
a. intranet
b. extranet
c. complex network
d. anonymity network
Answer- anonymity network
Que - _________ services are examples of anonymity services that conceal the location and usage of any user.
a. Tor
b. Encrypted router
c. Firewall
d. HTTPS
Answer- Tor
Que - Another anonymity network is the I2P identity-sensitive network which gets distributed & is dynamic in nature as they route traffic through other peers.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is not an example of approaches for maintaining anonymity?
a. Use of VPNs
b. Use of Tor Browser
c. Use of Proxy servers
d. Use of Antivirus
Answer- Use of Antivirus
Que - Which of the following is not an example of approaches for maintaining anonymity?
a. Using encrypted search engines that don't share your search data
b. Use firewalls
c. Fake email services
d. Use file shielders
Answer- Use firewalls
Que - Big multinational companies are providing us with search engines to easily search for data for free. But they are also taking our searched data and browsing habits as well as choices.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Which of the following is not a VPN used for preserving our anonymity?
a. Nord VPN
b. Express VPN
c. Microsoft Security Essential
d. CyberGhost
Answer- Microsoft Security Essential
Que - __________________ are those search engines that are intended and designed not to take our searched data or browsing habits hence do not hampers our online privacy.
a. Paid search engines
b. Incognito mode
c. In-private mode
d. Private search engines
Answer- Private search engines
Que - Which of the following is a private search engine?
a. Bing
b. Google
c. Duckduckgo
d. Yahoo
Answer- Duckduckgo
Que - Which of the following is not a private search engine?
a. StartPage
b. Baidu
c. SearX.me
d. Qwant
Answer- SearX.me
Que - Which of the below-mentioned search engine can provide you with anonymity while searching?
a. Privatelee
b. Baidu
c. Google
d. Bing
Answer- Privatelee
Que - The ____________ is anything which your search engine cannot search.
a. Haunted web
b. World Wide Web
c. Surface web
d. Deep Web
Answer- Deep Web
Que - The ______________ is categorized as an unknown segment of the Deep Web which has been purposely kept hidden & is inaccessible using standard web browsers.
a. Haunted web
b. World Wide Web
c. Dark web
d. Surface web
Answer- Dark web
Que - ________________ is a network construct over the internet that is encrypted. It offers anonymity to its users. Tor (The Onion Router) is a common service of Darknet.
a. Freenet
b. Darknet
c. ARPANET
d. Stuxnet
Answer- Darknet
Que - A special tool is necessary for entering the network which is _______________ that helps the anonymous internet users to access into the Tor's network and use various Tor services.
a. Opera browser
b. Mozilla browser
c. Chrome browser
d. Tor browser
Answer- Tor browser
Que - ____________ is also a part of darknet that is employed for transferring files anonymously.
a. Freenet
b. Darknet
c. ARPANET
d. Stuxnet
Answer- Freenet
Que - One example of a popular website on ______________ is the silk-road that was used to sell drugs that were later taken down by the FBI.
a. Freenet
b. Darknet
c. ARPANET
d. Stuxnet
Answer- Darknet
Que - Deep web is also known as ______________
a. Freenet
b. Darknet
c. ARPANET
d. Hidden web
Answer- Hidden web
Que - The popular computer scientist _____________ has coined the term "deep web" in the year 2001.
a. Mr. Tim B. Lee
b. Mr. Narcos Maralli
c. Mr. Michael K. Bergman
d. Mr. Ken Thompson
Answer- Mr. Michael K. Bergman
Que - The popular computer scientist Mr. Michael K. Bergman has coined the term "deep web" in the year ____________
a. 2000
b. 2001
c. 2002
d. 2003
Answer- 2001
Que - The __________ was a huge marketplace of Dark Web specifically famous for selling of illegal drugs & narcotics as well as you can find a wide range of other goods for sale.
a. Silk Road
b. Cotton Road
c. Dark Road
d. Drug Road
Answer- Silk Road
Que - Your online activity can still be tracked even if you use different Tor services, but not in much detail.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- TRUE
Que - Tor (The Onion Router) is not a service or part of the darknet.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned
Answer- FALSE