Info.Sec Interns Questionnaires v1.1


Cyber Security Interns / Freshers

Pre-Screening Questionnaires
Chapter – 1
1. The initial phase of ethical hacking is?
A. DNS poisoning
B. Footprinting
C. ARP-poisoning
D. Enumeration
Answer: B (In this phase, the attacker attempts to find as many attack vectors as
he can; reconnaissance is another term for footprinting.)

2. Which of the below can be classified as a type of computer threat?
A. DoS Attack
B. Phishing
C. Soliciting
D. Both A and C
Answer: A (A denial-of-service attack is referred to as a DoS attack; it is a type of
cyber-attack in which someone tries to prevent a machine from serving its intended
consumers.)

3. In system hacking, which of the below is the most crucial activity?
A. Information gathering
B. Covering tracks
C. Cracking passwords
D. None of the above
Answer: C

4. What is the primary objective of penetration testing?
A. To identify and exploit vulnerabilities in the system
B. To test the strength of a firewall
C. To detect viruses and malware
D. To audit the performance of the system

5. Which of the below malware types permits hackers to access
administrative controls and do nearly everything they want with the infected
systems?
A. RATs
B. Worms
C. Rootkits
D. Botnets
Answer: A (RATs stands for Remote Access Trojans, which give the attacker
administrative power over your device, just as if they had physical access.)

6. When any IT device, service, or system requires security checks, the term
“security testing” is employed?
A. Threat
B. Vulnerability
C. Objective of evaluation
D. Attack
Answer: C (When any IT system, device, or platform requires assessment for safety
purposes or to address any faults after being evaluated by security researchers, the
term “objective of evaluation” is used.)

7. What is the purpose of social engineering in a penetration test?
A. To test the physical security of the target system
B. To identify weaknesses in the target system’s software
C. To manipulate individuals into disclosing sensitive information
D. To test the network infrastructure of the target system

8. Which of the below is a method of gaining access to a computer program or
an entire computer system while circumventing all security measures?
A. Backdoor
B. Masquerading
C. Phishing
D. Trojan Horse
Answer: Backdoor (A backdoor is a sort of malware that bypasses standard
authentication mechanisms to gain access to a system.)

9. The term “protection from ______ of source code” refers to limiting access to
the source code to just authorised individuals.
A. disclosure
B. alteration
C. destruction
D. log of changes
Answer: C

10. _______________ are programmes or procedures that enable hackers to
maintain control of a computer system.
A. Exploits
B. Antivirus
C. Firewall by-passers
D. Worms
Answer: A (Exploits are programs or algorithms that allow hackers to gain total
control of a computer system.)
Chapter – 2
Q1. Which of the following groups must a penetration test review?
A. Documentation, Log, System Configuration, Ruleset, Network Sniffing, File Integrity
B. Documentation, Log, System Configuration, Network Sniffing, File Integrity
C. Documentation, Log, System Configuration, Network Sniffing, Ruleset, File Integrity, Personnel
D. None of these

Q2. What is the main objective of a grey-box penetration test?
A. To assess the security of the target from an outsider’s perspective
B. To assess the security of the target with knowledge of the internal network
C. To assess the security of the target with limited knowledge of the target
D. To assess the security of the target with knowledge of the target’s operating system

Q3. What is the difference between Black Box Testing and White Box Testing?
A. White Box Testing only tests network systems, while Black Box Testing tests both network and
application systems
B. Black Box Testing is performed internally, while White Box Testing is performed by external
organizations
C. White Box Testing does not provide any knowledge of the system being tested, while Black Box
Testing provides complete knowledge of the system
D. Black Box Testing does not provide any knowledge of the system being tested, while White Box
Testing provides complete knowledge of the system

Q4. What is the main difference between a vulnerability assessment and a penetration test?
A. A vulnerability assessment is a passive test while a penetration test is an active test
B. A vulnerability assessment only identifies vulnerabilities while a penetration test exploits them
C. A vulnerability assessment is performed internally while a penetration test is performed externally
D. None of the above

Q5. What is the difference between a vulnerability and an exploit?
A. A vulnerability is a weakness in a system while an exploit is a tool used to attack the system
B. A vulnerability is an attack on a system while an exploit is a weakness in the system
C. A vulnerability is a hardware issue while an exploit is a software issue
D. A vulnerability is a software issue while an exploit is a hardware issue

Q6. Which of the following is a common vulnerability in wireless networks?
A. Buffer overflow
B. SQL injection
C. Denial of service (DoS) attack
D. Weak encryption and authentication protocols

Q7. Which of the following is an example of a web application vulnerability?
A. Buffer overflow
B. SQL injection
C. Cross-site scripting (XSS)
D. DNS spoofing

Q8. What is the purpose of a proxy server?
A. To detect and block malicious traffic
B. To act as an intermediary between clients and servers and filter or modify network traffic
C. To simulate a network or system for testing or training purposes
D. To monitor network traffic for signs of compromise

Q9. Which of the following is an example of a network-based vulnerability scanner?
A. Nessus
B. Wireshark
C. Nikto
D. Metasploit

Q10. Which of the following is an example of a social engineering attack?
A. Brute force attack
B. Denial of service (DoS) attack
C. Phishing attack
D. SQL injection attack
