Academic Task Number: 1 Course Code: INT244 Course Title: Secure Computing Systems

Maximum Minutes: 50 mins SET – 1 Maximum Marks: 30

12. What is the major difference between an 'Ethical Hacker'
1. what is the primary goal of an Ethical Hacker? and a 'Cracker'?
A. Avoiding detection
B. Testing security controls A. The ethical hacker has authorization from the
C. Resolving security vulnerabilities owner of the target.
D. Resolving security vulnerabilities B. The ethical hacker is just a cracker who is
getting paid.
2. What is the first phase of hacking? C. The ethical hacker does not use the same
A. Maintaining access techniques or skills as a cracker.
B. Gaining access D. The ethical hacker does it strictly for
C. Reconnaissance financial motives unlike a cracker.
D. Scanning 13. Ethical Hacking?
A. Hacking to steal sensitive information
3. Which type of hacker represents the highest risk to your B. Hacking to identify vulnerabilities in a
network? system
A. Black-hat hackers C. Hacking to disrupt a system’s functionality
B. Grey-hat hackers D. Hacking to cause damage to a system
C. Script kiddies 14. The main goal of ethical hacking?
D. Disgruntled employees A. To cause damage to a system
B. To gain unauthorized access to a
4. Hacking for a cause is called .................. system
A. Hacktivism C. To identify and fix security
B. Black-hat hacking vulnerabilities
C. Active hacking D. To steal sensitive information
D. Activism 15. What is "Google hacking" in the context of cybersecurity?

5. When a hacker attempts to attack a host via the Internet a) A method for manipulating Google search results to
it is known as what type of attack? promote specific websites.
A. Local access
B. Remote attack b) A technique for exploiting vulnerabilities in Google's
C. Internal attack search engine.
D. Physical access
c) A way to bypass Google's security measures.
6. Banner grabbing is an example of what?
A. Footprinting d) A way to enhance the performance of Google
B. Active operating system fingerprinting searches.
C. Passive operating system fingerprinting
D. Application analysis 16. What are some common threats introduced by

7. What port number does HTTPS use? Footprinting in the context of cybersecurity?
A. 53
B. 443 a) Unauthorized access and data breaches.
C. 80
D. 21 b) Encryption of sensitive information.

c) Improved network performance.

8. Which tool can be used to perform a DNS zone transfer
on Windows? d) Enhanced user authentication.
A. DNSlookup
B. Nslookup 17. Which of the following is NOT typically part of the
C. Whois
D. ipconfig Footprinting process?

a) Scanning for open ports and services.

9. What is the best reason to implement a security policy?
b) Collecting information about the organization's
A. It makes security harder to enforce.
B. It removes the employee’s responsibility to employees.
make judgments.
c) Attempting to exploit vulnerabilities in the target
C. It increases security.
D. It decreases security. system.

10. What does the term "Ethical Hacking" mean? d) Analyzing publicly available documents and data.

18. How can search engines be used for information gathering

A. Someone who is using his/her skills for
defensive purposes.
in the Footprinting process?
B. Someone who is hacking for ethical reasons.
C. Someone who is using his/her skills for a) By submitting fake queries to mislead search results.
ethical reasons.
D. Someone who is using his/her skills for b) By using advanced algorithms to bypass search
offensive purposes
engine security.
11. What are the two basic types of attacks ? c) By analyzing search results, website caches, and
indexed content to find information about the target.
A. Active
B. Passive d) By conducting DDoS attacks on search engines.
C. DoS
D. Both 1 & 2 19. What is a vulnerability assessment?
 A. process to identify vulnerabilities in a look like a notification that the person has
system or network won a contest.
B. A process to exploit vulnerabilities in a D. All of the above
system or network 29. What is ICMP tunnelling?
C. A process to fix vulnerabilities in a system A. Tunnelling ICMP messages through HTTP
or network B. Tunnelling another protocol through ICMP
D. A process to steal sensitive information C. An overt channel
from a system or network D. Sending ICMP commands using a different
20. Which of the following is not a common method used in protocol
ethical hacking? 30. What is the purpose of system-file verification?
a. Social engineering a. To find system files
b. Penetration testing b. To determine whether system files have been
c. SQL injection changed or modified
d. Denial of service attack c. To find out if a backdoor has been installed
21. What is social engineering? d. To remove a Trojan
A. technique to identify vulnerabilities in a
system or network
B. A technique to exploit vulnerabilities in a
system or network
C. A technique to manipulate people into Answers
giving up sensitive information
D. A technique to fix vulnerabilities in a
system or network 1 11 21
22. What is the purpose of a penetration test?
2 12 22
a. To identify vulnerabilities in a system or
network 3 13 23
b. To exploit vulnerabilities in a system or
network 4 14 24
c. To fix vulnerabilities in a system or network
d. To steal sensitive information from a system 5 15 25
or network
6 16 26
23. Firewall stands for? 7 17 27
a. A device used to prevent unauthorized access
to a network 8 18 28
b. A device used to monitor network traffic
c. A device used to encrypt network traffic 9 19 29
d. A device used to block email spam 10 20 30
24. What is a password cracker?
a. A tool used to guess passwords through trial
and error
b. A tool used to encrypt passwords for storage
c. A tool used to decrypt passwords for storage
d. A tool used to block password guessing
attempts
25. What is a proxy server?
a. A server that acts as an intermediary between
a client and a server
b. A server that stores and retrieves files over a
network
c. A server that provides email services
d. A server that provides web hosting services
26. Which way phishing attack collect information’s?
a. An attack that exploits a software
vulnerability
b. An attack that floods a network with traffic
c. An attack that steals sensitive information by
tricking users into providing it
d. An attack that intercepts communication
between two parties
27. Which of the following is correct in connection with the
password policy?
A. Usually, password length must be more than
8 characters
B. Password must contain upper case, lower
case, numbers, and special characters
C. There should be different passwords for
different login accounts.
D. All of the above
28. Which of the following statements describe a type of
Phishing attack?
A. Sending someone an email that contains a
malicious link by disguising to appear like an
email from someone the person knows.
B. Creating a fake website that appears to be
identical to the real website and trick users to
enter their login information
C. Sending someone a text message that
contains a malicious link that is disguised to