Copy of TYCS(EH)

The document provides an overview of ethical hacking, including its goals, differences from malicious hacking, and key concepts such as vulnerability assessments, social engineering, penetration testing, and various types of cyber attacks. It also covers tools and techniques used in ethical hacking, such as firewalls, honeypots, and vulnerability scanners. Additionally, it addresses methods to prevent attacks and the importance of understanding vulnerabilities and exploits.

Uploaded by

deva maurya
Copyright: © All Rights Reserved
Ethical Hacking

What is the main goal of ethical hacking?


a) To cause damage to a system
b) To gain unauthorized access to a system
c) To identify and fix security vulnerabilities
d) To steal sensitive information

1. What is the difference between ethical hacking and malicious hacking?
a) Ethical hacking is legal and sanctioned, while malicious hacking is illegal and
unsanctioned.
b) Ethical hacking only involves finding vulnerabilities, while malicious hacking involves
exploiting them.
c) Ethical hacking is done with the permission of the system owner, while malicious hacking
is done without permission.
d) There is no difference between ethical hacking and malicious hacking.

2. What is a vulnerability assessment?


a) A process to identify vulnerabilities in a system or network
b) A process to exploit vulnerabilities in a system or network
c) A process to fix vulnerabilities in a system or network
d) A process to steal sensitive information from a system or network

3. What is social engineering?


a) A technique to identify vulnerabilities in a system or network
b) A technique to exploit vulnerabilities in a system or network
c) A technique to manipulate people into giving up sensitive information
d) A technique to fix vulnerabilities in a system or network

4. What is the purpose of a penetration test?


a) To identify vulnerabilities in a system or network
b) To exploit vulnerabilities in a system or network
c) To fix vulnerabilities in a system or network
d) To steal sensitive information from a system or network

5. What is SQL injection?


a) A technique to identify vulnerabilities in a system or network
b) A technique to exploit vulnerabilities in a system or network
c) A technique to fix vulnerabilities in a system or network
d) A technique to steal sensitive information from a system or network

6. What is the difference between a vulnerability and an exploit?


a) A vulnerability is a weakness in a system or network, while an exploit is a tool or
technique used to take advantage of that weakness.
b) A vulnerability is a tool or technique used to identify weaknesses in a system or network,
while an exploit is a weakness that has already been identified.
c) A vulnerability is a type of malware that can infect a system or network, while an exploit
is a method of spreading that malware.
d) There is no difference between a vulnerability and an exploit.
7. What is a firewall?
a) A device used to prevent unauthorized access to a network
b) A device used to monitor network traffic
c) A device used to encrypt network traffic
d) A device used to block email spam

8. What is a honeypot?
a) A device used to lure attackers into a trap
b) A type of malware that spreads through a network
c) A tool used to test network performance
d) A device used to monitor network traffic

9. What is the difference between a virus and a worm?


a) A virus spreads by attaching itself to a host file, while a worm spreads by exploiting
network vulnerabilities.
b) A virus is a type of malware that can replicate itself and spread to other systems, while a
worm is a standalone program that can replicate itself and spread to other systems.
c) A virus requires human interaction to spread, while a worm can spread automatically
without user intervention.
d) There is no difference between a virus and a worm.

10. What is a man-in-the-middle attack?


a) An attack that intercepts communication between two parties
b) An attack that infects a system with malware
c) An attack that exploits a software vulnerability
d) An attack that floods a network with traffic

11. What is a vulnerability scanner?


a) A tool used to identify weaknesses in a system or network
b) A tool used to exploit vulnerabilities in a system or network
c) A tool used to monitor network traffic
d) A tool used to block email spam

12. What is a rootkit?


a) A type of malware that encrypts files on a system
b) A type of software used to monitor network traffic
c) A type of software used to hide malicious activity on a system
d) A type of software used to perform brute force attacks

13. What is encryption?


a) A technique used to hide the contents of a message
b) A technique used to hide the identity of a sender
c) A technique used to hide the location of a sender
d) A technique used to hide the existence of a message

14. What is an exploit?


a) A type of malware that spreads through email attachments
b) A type of attack that takes advantage of a software vulnerability
c) A tool used to scan a network for vulnerabilities
d) A type of attack that floods a network with traffic

15. Which of the following is a type of social engineering attack?


a) SQL injection
b) Cross-site scripting
c) Phishing
d) Buffer overflow

16. Which of the following is a type of password attack?

a) Brute force
b) Cross-site scripting
c) SQL injection
d) Denial of Service

17. Which of the following is a way to prevent SQL injection attacks?

a) Encrypting network traffic
b) Implementing a firewall
c) Input validation
d) Installing antivirus software

18. Which of the following is a type of denial of service attack?

a) Smurf attack
b) SQL injection
c) Cross-site scripting
d) Port scanning

19. Which of the following is an example of a passive network reconnaissance technique?

a) Port scanning
b) Ping sweep
c) Banner grabbing
d) Sniffing

20. Which of the following is a technique used to prevent a buffer overflow attack?

a) Input validation
b) Brute force attack
c) Man-in-the-middle attack
d) Social engineering attack

21. Which of the following is an example of a black box testing technique?

a) Fuzz testing
b) Penetration testing
c) Vulnerability scanning
d) Source code review

22. Which of the following is NOT a common method used for social engineering
attacks?

A) Pretexting
B) Phishing
C) Vishing
D) Port Scanning

23. Which of the following is a common technique used by attackers to exploit buffer
overflow vulnerabilities?

a) Cross-site scripting
b) SQL injection
c) DNS spoofing
d) Shellcode injection

24. Which of the following is a passive reconnaissance technique used in ethical hacking?

a) Port Scanning
b) Social Engineering
c) Sniffing
d) SQL Injection

25. Which of the following is a vulnerability scanning tool?

a) Metasploit
b) Nmap
c) Wireshark
d) Cain & Abel

26. Which of the following is a technique used to prevent unauthorized access to a
network?

a) Encryption
b) Firewall
c) DMZ
d) VLAN
