Professional Documents
Culture Documents
ETI
ETI
42. _____ is a person who find and exploits the weakness in computer system
Ans. Hacker
43. A white hat hacker is the one who ___
Ans. Fix identifies weakness
44. A black hat hacker is the one who ____
Ans. Steal the data
45. A grey hat hacker is the one who_____
Ans. Identifies the weakness and leave message to owner
46. _____ exploits that involves manipulating people and user even your self are
the greatest vulnerability within any computer
Ans. Nontechnical attacks
47. Connecting into network through a rogue modem attached to computer
behind a firewall is an example of ___
Ans. Network infrastructure attack
48. _____ comprise of large portion of hacker attacks simply because every
computer has one and so well know exploits can be used against them
Ans. Operating system attack
49. _____ should be done before ethical hacking process
Ans. Planning
50. Which permission is necessary before ethical hacking?
Ans. Written permission
51. Which tool is used to crack the password?
Ans. LC4
52. Which tool is used for depth analysis of a web application?
Ans. Whisker
53. Which tool is used to encrypt Email?
Ans. PGP (pretty good privacy)
54. Malicious attacker often think like?
Ans. Both A & B
55. Which hacker try to distribute political or social message through their work?
Ans. Hactivist
56. _____ are part of organized crime on internet
Ans. Hacker for hire
57. Performing a shoulder surfing in order to check other’s password is
____________ ethical practice
Ans. a bad
58. ______ has now evolved to be one of the most popular automated tools for
unethical hacking
Ans. Malware
59. A penetration tester must identify and keep in mind the ___________ &
___________ requirements of a firm while evaluating the security postures
Ans. privacy and security
60. The legal risks of ethical hacking include lawsuits due to __________ of
personal data. A. stealing
Ans. Disclosure
61. Before performing any penetration test, through legal procedure, which key
points listed below is not mandatory?
Ans. Type of broadband company used by the firm
62. SNMP stands for___
Ans. Simple Network Management Protocol
63. Which of the following tool is used for Network Testing and port
Scanning____
Ans. All of above
64. Banner grabbing is used for
Ans. White Hat Hacking
65. An attacker can create an________attack by sending hundreds or thousands
of e-mails a with very large attachments
Ans. Auto responder Attack
66. Which of the following tool is used for Windows for network queries from
DNS lookups to trace routes?
Ans. Sam Spade
67. Which tool is used for ping sweeps and port scanning?
Ans. SuperScan
68. Which of the following tool is used for security checks as port scanning and
firewall testing?
Ans. Netcat
69. What is the most important activity in system cracking? A. Information
gathering
Ans. Cracking password
70. Which Nmap scan is does not completely open a TCP connection?
Ans. SYN stealth scan
71. Key loggers are form of
Ans. Spyware
72. ____is a popular tool used for discovering network as well as security auditing
Ans. Nmap
73. Which of this Nmap do not check?
Ans. What type of antivirus in use?
74. What are the some of the most common vulnerabilities that exist in a network
system? A. Changing manufacturer, or recommended settings of newly installed
application
Ans. Additional unused feature on commercial software package.
75. Which of the following is not a characteristic of ethical hacker? A. Excellent
knowledge of Windows
Ans. Has the highest level of security for the organization
76. Attempting to gain access to a network using an employee’s credentials is
called the _____________ mode of ethical hacking
Ans. Local networking
77. The first phase of hacking an IT system is compromise of which foundation of
security?
Ans. Confidentiality
78. Why would a ping sweep be used?
Ans. To identify live systems
79. What are the port states determined by Nmap?
Ans. Open, filtered, unfiltered
80. What port does Telnet use?
Ans. 23
81. Which of the following will allow foot printing to be conducted without
detection?
Ans. ARIN
82. Performing hacking activities with the intent on gaining visibility for an unfair
situation is called ____
Ans. Hacktivism
83. Why would a hacker use a proxy server?
Ans. To create a stronger connection with the target
84. Which phase of hacking performs actual attack on a network or system?
Ans. Gaining Access
85. Sniffing is used to perform ______________ fingerprinting.
Ans. Passive stack
86. Services running on a system are determined by _________
Ans. The port assigned
87. What are the types of scanning?
Ans. Network, vulnerability, and port
88. Enumeration is part of what phase of ethical hacking?
Ans. Gaining Access
89. _______ framework made cracking of vulnerabilities easy like point and click
Ans. Metasploit
90. _____ is a popular IP address and port scanner
Ans. Angry IP Scanner
91. ______ is a popular tool used for network analysis in multiprotocol diverse
network
Ans. EtterPeak
92. ______ scans TCP ports and resolves different hostnames.
Ans. SuperScan
93. What tool can be used to perform SNMP enumeration?
Ans. IP Network Browser
94. Wireshark is a ____________ tool
Ans. network protocol analysis
95. Aircrack-ng is used for ________
Ans. Wi-Fi attacks
96. Phishing is a form of ______
Ans. Impersonation
97. What are the types of scanning?
Ans. . Network, vulnerability, and port
98. ____ is used for searching of multiple hosts in order to target just one specific
open port
Ans. Ping Sweep
99. ARP spoofing is often referred to as___
Ans. Man-in-the-Middle attack
100. _____is a tool that allows you to look into network and analyze data going
across the wire for network optimization, security and troubleshooting purposes
Ans. Network analyzer
101. _______ is not a function of network analyzer tool.
Ans. Banner grabbing
102. ____ protocol is used for network monitoring
Ans. FTP
103. What is the attack called “evil twin”?
Ans. Rouge access point
104. What is the primary goal of an ethical hacker?
Ans. resolving security vulnerabilities
105. Which type of hacker represents the highest risk to your network?
Ans. disgruntled employees
106. Hacking for a cause is called___
Ans. Hacktivism
107. When a hacker attempts to attack a host via the internet it is known as what
type of attack? A. local access
Ans. remote attack
108. A type of attack that overloads the resources of a single system to cause it to
crash or hang
Ans. Passive Sniffing
109. In computer networking, ____ is any technical effort to manipulate the
normal behavior of network connections and connected systems
Ans. Hacking
110. ___ generally refers to unauthorized intrusion into a computer or a network
Ans. Hacking
111. We can eliminate many well-known network vulnerabilities by simply patch-
ing your network hosts with their latest ______and______
Ans. Vendor software and firmware patches
112. Network consist devices such as routers, firewalls, hosts that you must assess
as a part of ______ process
Ans. Ethical hacking process
113. Network infrastructure vulnerabilities are the foundation for most technical
security issues in your information systems
Ans. Network infrastructure vulnerabilities
114. ____ attack, which can take down your Internet connection or your entire
network
Ans. DOS
115. DOS stands for A. Detection
Ans. Denial of Service
116. Which protocols are in use is vulnerable
Ans. SSL
117. ____ include phishing, SQL injection, hacking, social engineering, spamming,
denial of service attacks, Trojans, virus and worm attacks
Ans. Network infrastructure vulnerabilities
118. Who invent worm attack___
Ans. Robert Morris
119. Which of the following is not a typical characteristic of an ethical hacker? A.
Excellent knowledge of Windows
Ans. Has the highest level of security for the organization.
220. What is the purpose of a Denial of Service attack?
Ans. To overload a system so it is no longer operational
221. What is the sequence of a TCP connection?
Ans. SYN-SYN ACK-ACK
222. Why would a ping sweep be used?
Ans. To identify live systems
223. A packet with no flags set is which type of scan?
Ans. NULL