Assignment No :05

Name: Om Shivaji Dhere

Roll No: 25
Unit 5: Basics of Hacking

1. Hackers who help in finding bugs and vulnerabilities in a system & don’t intend to crack a system
aretermed as

a) Black Hat hackers

b) White Hat Hackers

c) Grey Hat Hackers

d) Red Hat Hackers

Answer: b

2. Which is the legal form of hacking based on which jobs are provided in IT industries and firms?

a) Cracking

b) Non ethical Hacking

c) Ethical hacking

d) Hactivism

Answer: c

3. They are nefarious hackers, and their main motive is to gain financial profit by doing cybercrimes.

Who are “they” referred to here?

a) Gray Hat Hackers

b) White Hat Hackers

c) Hactivists

d) Black Hat Hackers

Answer: d

4. are the combination of both white as well as black hat hackers.

a) Grey Hat hackers

b) Green Hat hackers

c) Blue Hat Hackers

d) Red Hat Hackers

Answer: a

5. The amateur or newbie in the field of hacking who don’t have many skills about coding and in-
depthworking of security and hacking tools are called

a) Sponsored Hackers

b) Hactivists

c) Script Kiddies

d) Whistle Blowers

Answer: c

6. Suicide Hackers are those

a) who break a system for some specific purpose with or without keeping in mind that they may suffer
long termimprisonment due to their malicious activity

b) individuals with no knowledge of codes but an expert in using hacking tools

c) who know the consequences of their hacking activities and hence try to prevent them by erasing their
digitalfootprints

d) who are employed in an organization to do malicious activities on other firms

Answer: a

7. Criminal minded individuals who work for terrorist organizations and steal information of nations
andother secret intelligence are

a) State sponsored hackers

b) Blue Hat Hackers

c) Cyber Terrorists

d) Red Hat Hackers

Answer: c

8. One who disclose information to public of a company, organization, firm, government and
privateagency and he/she is the member or employee of that organization; such individuals are termed
as

a) Sponsored hackers

b) Crackers

c) Hactivist

d) Whistleblowers
Answer: d

9. These types of hackers are the most skilled hackers in the hackers’ community. Who are
“they”referred to?

a) White hat Hackers

b) Elite Hackers

c) Licensed Penetration Testers

d) Red Hat Hackers

Answer: b

10.are those individuals who maintain and handles IT security in any firm or organization.

a) IT Security Engineer

b) Cyber Security Interns

c) Software Security Specialist

d) Security Auditor

Answer: a

11. Role of security auditor is to

a) secure the network

b) probe for safety and security of organization‟s security components and systems

c) detects and prevents cyber-attacks and threats to organization

d) does penetration testing on different web applications

Answer: b

12. are senior level corporate employees who have the role and responsibilities of creating anddesigning
secured network or security structures.

a) Ethical Hackers

b) Chief Technical Officer

c) IT Security Engineers

d) Security Architect

Answer: d

13. security consultants uses database security monitoring & scanning tools to maintainsecurity to
different data residing in the database / servers / cloud.

a) Database
b) Network

c) System

d) Hardware

Answer: a

14. Governments hired some highly skilled hackers. These types of hackers are termed as

a) Special Hackers

b) Government Hackers

c) Cyber Intelligence Agents

d) Nation / State sponsored hackers

Answer: d

15. Someone (from outside) who tests security issues for bugs before launching a system orapplication,
and who is not a part of that organization or company are

a) Black Hat hacker

b) External penetration tester

c) Blue Hat hacker

d) White Hat Hacker

Answer: c

16. The full form of Malware is

a) Malfunctioned Software

b) Multipurpose Software

c) Malicious Software

d) Malfunctioning of Security

Answer: c

17. Who deploy Malwares to a system or network?

a) Criminal organizations, Black hat hackers, malware developers, cyber-terrorists

b) Criminal organizations, White hat hackers, malware developers, cyber-terrorists

c) Criminal organizations, Black hat hackers, software developers, cyber-terrorists

d) Criminal organizations, gray hat hackers, Malware developers, Penetration testers

Answer: a
18.is a code injecting method used for attacking the database of a system / website.

a) HTML injection

b) SQL Injection

c) Malicious code injection

d) XML Injection

Answer: b

19. XSS is abbreviated as

a) Extreme Secure Scripting

b) Cross Site Security

c) X Site Scripting

d) Cross Site Scripting

Answer: d

20. This attack can be deployed by infusing a malicious code in a website’s comment section. What is

“this” attack referred to here?

a) SQL injection

b) HTML Injection

c) Cross Site Scripting (XSS)

d) Cross Site Request Forgery (XSRF)

Answer: c

21. When there is an excessive amount of data flow, which the system cannot handle, attacktakes place.

a) Database crash attack

b) DoS (Denial of Service) attack

c) Data overflow Attack

d) Buffer Overflow attack

Answer: d

22. Compromising a user’s session for exploiting the user’s data and do malicious activities or
misuseuser’s credentials is called

a) Session Hijacking

b) Session Fixation
c) Cookie stuffing

d) Session Spying

Answer: a

23. Which of this is an example of physical hacking?

a) Remote Unauthorised access

b) Inserting malware loaded USB to a system

c) SQL Injection on SQL vulnerable site

d) DDoS (Distributed Denial of Service) attack

Answer: b

24. Which of them is not a wireless attack?

a) Eavesdropping

b) MAC Spoofing

c) Wireless Hijacking

d) Phishing

Answer: d

25. An attempt to harm, damage or cause threat to a system or network is broadly termed as

a) Cyber-crime

b) Cyber Attack

c) System hijacking

d) Digital crime

Answer: b

26. Which method of hacking will record all your keystrokes?

a) Keyhijacking

b) Keyjacking

c) Keylogging

d) Keyboard monitoring

Answer: c

27.are the special type of programs used for recording and tracking user’s keystroke.

a) Keylogger
b) Trojans

c) Virus

d) Worms

Answer: a

28. Stuxnet is a

a) Worm

b) Virus

c) Trojan

d) Antivirus

Answer: a

29. According to the CIA Triad, which of the below-mentioned element is not considered in the triad?

a) Confidentiality

b) Integrity

c) Authenticity

d) Availability

Answer: c

30. is the latest technology that faces an extra challenge because of CIA paradigm.

a) Big data

b) Database systems

c) Cloud storages

d) Smart dust

Answer: a

31. One common way to maintain data availability is

a) Data clustering

b) Data backup

c) Data recovery

d) Data Altering

Answer: b
32. is the practice and precautions taken to protect valuable information from unauthorisedaccess,
recording, disclosure or destruction.

a) Network Security

b) Database Security

c) Information Security

d) Physical Security

Answer: c

33. From the options below, which of them is not a vulnerability to information security?

a) flood

b) without deleting data, disposal of storage media

c) unchanged default password

d) latest patches and updates not done

Answer: a

34. platforms are used for safety and protection of information in the cloud.

a) Cloud workload protection platforms

b) Cloud security protocols

c) AWS

d) One Drive

Answer: a

35. technology is used for analyzing and monitoring traffic in network and information flow.

a) Cloud access security brokers (CASBs)

b) Managed detection and response (MDR)

c) Network Security Firewall

d) Network traffic analysis (NTA)

Answer: d

36. Compromising confidential information comes under

a) Bug

b) Threat

c) Vulnerability
d) Attack

Answer: b

37. Lack of access control policy is a

a) Bug

b) Threat

c) Vulnerability

d) Attack

Answer: c

38. Possible threat to any information cannot be

a) reduced

b) transferred

c) protected

d) ignored

Answer: d

39. How many basic processes or steps are there in ethical hacking?

a) 4

b) 5

c) 6

d) 7

Answer: c

40.is the information gathering phase in ethical hacking from the target user.a) Reconnaissance

b) Scanning

c) Gaining access

d) Maintaining access

Answer: a

41. Which of the following is not a reconnaissance tool or technique for information gathering?

a) Hping

b) NMAP

c) Google Dorks
d) Nexpose

Answer: d

42. There are subtypes of reconnaissance.

a) 2

b) 3

c) 4

d) 5

Answer: a

43. Which of the following is an example of active reconnaissance?

a) Searching public records

b) Telephone calls as a help desk or fake customer care person

c) Looking forthetarget‟sdetails in thedatabase

d)Searchingthetarget‟sdetails inpaperfiles

Answer: b

44. Which of the following is an example of passive reconnaissance?

a) Telephonic calls to target victim

b) Attacker as a fake person for Help Desk support

c) Talk to the target user in person

d) Search about target records in online people database

Answer: d

45. Which of them does not comes under scanning methodologies?

a) Vulnerability scanning

b) Sweeping

c) Port Scanning

d) Google Dorks

Answer: d

46. Which of them is not a scanning tool?

a) NMAP

b) Nexpose
c) Maltego

d) Nessus

Answer: c

47. Which of the following comes after scanning phase in ethical hacking?

a) Scanning

b) Maintaining access

c) Reconnaissance

d) Gaining access

Answer: d

48. In phase the hacker exploits the network or system vulnerabilities.

a) Scanning

b) Maintaining access

c) Reconnaissance

d) Gaining access

Answer: d

49. A can gain access illegally to a system if the system is not properly tested in scanningand gaining
access phase.

a) security officer

b) malicious hacker

c) security auditor

d) network analyst

Answer: b

50. Which of the following hacking tools and techniques hackers’ do not use for maintaining access ina
system?

a) Rootkits

b) Backdoors

c) Trojans

d) Wireshark

Answer: d
51. In phase, the hackers try to hide their footprints.

a) Scanning

b) Tracks clearing

c) Reconnaissance

d) Gaining access

Answer: b

52. Which of them is not a track clearing technique?

a) Altering log files

b) Tunnelling

c) Port Scanning

d) Footprint removing

Answer: c

53. is the last phase of ethical hacking process.

a) Scanning

b) Tracks clearing

c) Reconnaissance

d) Reporting

Answer: d

54. Ethical Hacking is also known as

a) Black Hat hacking

b) White Hat hacking

c) Encrypting

d) None of these

55. Tool(s) used by ethical hackers

a) Scanner

b) Decoder

c) Proxy

d) All of these

56. Vulnerability scanning in Ethical hacking finds

a) Strengths

b) Weakness

c) a & b

d) None of these

57. Ethical hacking will allow to

all the massive security breaches.

a) Remove

b) measure

c) Reject

d) None of these

58. Sequential steps hackers use are ,__,__,__

A) Maintaining Access

B) Reconnaissance

C) Scanning

D) Gaining Access

a) B, C, D, A

b) B, A C, D

c) A, B, C, D

d) D, C, B, A

59. phase in ethical hacking is known as the pre-attack phase.

a) Reconnaissance

b) Scanning

c) Gaining access

d) Maintaining access

Answer: b

60.Ethical Hacking is also known as

A.Black Hat Hacking.

B.White Hat Hacking.

C.Encryption.
D.None of these.

Ans. B

61.Tool(s) used by ethical hacker .

A.Scanner

B.Decoder

C.Proxy

D.All of these.

Ans. D

62.Vulnerability scanning in Ethical hacking finds .

A.Strengths.

B.Weakness.

C.A &B

D.None of these.

Ans. B

63.Ethical hacking will allow to all the massive security breaches.

A.Remove.

B.Measure.

C.Reject.

D.None of these.

Ans. B

64.Sequential step hackers use are: _ _ _ _.

A.Maintaining Access.

B.Reconnaissance

C.Scanning.

D.Gaining Access.

A.B, C, D, A
B.B, A, C, D

C.A, B, C, D

D.D, C, B, A

Ans. A

65. is the art of exploiting the human elements to gain access to the authorized user.

A.Social Engineering.

B.IT Engineering.

C.Ethical Hacking.

D.None of the above.

Ans. A

66.Which hacker refers to ethical hacker?

A.Black hat hacker.

B.White hat hacker.

C.Grey hat hacker.

D.None of the above.

Ans. B

67.The term cracker refers to

A.Black hat hacker.

B.White hat hacker.

C.Grey hat hacker.

D.None of the above.

Ans. A

68.Who described a dissertation on fundamentals of hacker’s attitude?

A.G. Palma.

B.Raymond.

C.Either.

D.Jhon Browman.
Ans. B

69.Computer Hackers have been in existence for more than a .

A.Decade.

B.Year.

C.Century

D.Era.

Ans. C

70.Hackers do hack for?

A.Fame.

B.Profit.

C.Revenge.

D.All the above

Ans. D

71.A grey hat hacker is the one who

A.Fix identifies weakness

B.Steal the data

C.Identifies the weakness and leave message to owner

D.None of the above

Ans. C

72.Keeping information secured can protect an organization image and save and organization lot

of money

A.True

B.False

Ans. A

73.Information is a one of the most valuable assets of organization

A.True

B.False

Ans. A

74.To catch a thief, think like

A.Police

B.Forensics

C.Thief

D.Hacker

Ans. C

75.can create false feeling of safety

A.Firewall

B.Encryption

C.VNPs

D.All the above

Ans. D

76.exploits that involves manipulating people and user even your self are the greatest

vulnerability within any computer

A.Nontechnical attacks

B.Network infrastructure attack

C.Operating system attack

D.Application and other specialized attack

Ans. A

77.Connecting into network through a rogue modem attached to computer behind a firewall is an

example of -

A.Nontechnical attacks

B. Network infrastructure attack

C.Operating system attack

D.Application and other specialized attack

Ans. B

78. comprise of large portion of hacker attacks simply because every computer has one

and so well know exploits can be used against them

A.Nontechnical attacks

B.Network infrastructure attack

C.Operating system attack

D.Application and other specialized attack

Ans. C

79.should be done before ethical hacking process.

A.Data gathering.

B.Attacking

C.Planning

D.Research

Ans. C

80.Which permission is necessary before ethical hacking?

A.Written permission.

B.Decision maker permission

C.Privacy permission

D.Risk permission.

Ans. A

81.Which tool is used to crack the password?

A.Nmap

B.LC4

C.ToneLOC

D.Nessus
Ans. B

82.Which tool is used for depth analysis of a web application?

A.Whisker

B.Super scan

C.Nikto

DKismet

Ans. A

83.has now evolved to be one of the most popular automated tools for unethical

hacking.

A.Automated apps

B.Database software

C.Malware

D.Worms

Ans. C

84.Leaking your company data to the outside network without prior permission of senior

authority is a crime.

A.True

B.False

Ans. A

85.A penetration tester must identify and keep in mind the &

requirements of a firm while evaluating the security postures.

A.privacy and security

B.rules and regulations

C.hacking techniques

D.ethics to talk to seniors

Ans. A

86.The legal risks of ethical hacking include lawsuits due to of personal data.
A.stealing

B.disclosure

C.deleting

D.hacking

Ans. B

87.Before performing any penetration test, through legal procedure, which key points listed

below is not mandatory?

A.Know the nature of the organization

B.Characteristics of work done in the firm

C.System and network

D.Type of broadband company used by the firm

Ans. D

88.Computer Hackers have been in existence for more than

a__. A. Decade.

B. Year.

C. Century

D. Era.

Ans. C

89.Hackers do hack for?

A. Fame.

B. Profit.

C. Revenge.

D. All the above

Ans. D

90.The intent of ethical hacker is to discover vulnerabilities from a___ point of view to better secure
system.

A. Victims.

B. Attackers.
 C. Both A & B

D. None of these.

Ans. B

91.Security audits are usually based on__

A. Entries.

B. Checklists.

C. Both A & B

D. None of the above

Ans. B

92.Ethical hacking consist of ____

A. Penetration testing.

B. Intrusion testing.

C. Red teaming.

D. All of the above.

Ans. D

93.___ is a person who find and exploits the weakness in computer system.

A. Victim

B. Hacker

C. Developer

D. None of the above.

Ans. B

94. A white hat hacker is the one who __

A. Fix identifies weakness

B. Steal the data

C. Identifies the weakness and leave message to owner

D. None of the above

Ans. A

95.A black hat hacker is the one who ___

A. Fix identifies weakness

B. Steal the data

C. Identifies the weakness and leave message to owner

D. None of the above.

Ans. B

96. A grey hat hacker is the one who__

A. Fix identifies weakness

B. Steal the data

C. Identifies the weakness and leave message to owner

D. None of the above

Ans. C

97. Which tool is used to crack the password?

A. Nmap

B. LC4

C. ToneLOC

D. Nessus

Ans. B

98. Which tool is used for depth analysis of a web application?

A. Whisker

B. Super scan

C. Nikto

D. Kismet

Ans. A

99. Which tool is used to encrypt Email?

A. WebInspect

B. QualyGuard

C. PGP (pretty good privacy)

D. None of the above.

Ans. C

100.Malicious attacker often think like?

A. Thieves

B. Kidnapper

C. Both A & B

D. None of the above

Ans.