Ethical Hacking Practice Test Quiz: Trivia!

50 Questions | By Meabrarul | Last updated: Mar 21, 2022 | Total Attempts: 283

Questions

Settings

Create your own Quiz

Ethical Hacking Practice Test Quiz: Trivia! - Quiz

Questions and Answers

1.

A security consultant decides to use multiple layers of anti-virus defense, such as end-user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?
- A.
  
  Forensic attack
- B.
  
  ARP spoofing attack
- C.
  
  Social engineering attack
- D.
  
  Scanning attack
2.

A person who uses hacking skills for defensive purposes is called a:
- A.
  
  Hacktivist
- B.
  
  Grey hat Hacker
- C.
  
  Black hat Hacker
- D.
  
  White hat Hacker
3.

Which of the following refers to an attacker exploiting vulnerabilities before the vendor has a patch or mitigation for them?
- A.
  
  Day 1 attack
- B.
  
  Zero-day attack
- C.
  
  Exploit
- D.
  
  Category I attack
4.

What is the preparatory phase of hacking called?
- A.
  
  Scanning
- B.
  
  Reconnaissance
- C.
  
  Enumeration
- D.
  
  Footprinting
5.

Which of the following is a weakness in a system, application, network, or process?
- A.
  
  Threat
- B.
  
  Exploit
- C.
  
  Vulnerability
- D.
  
  Attack
6.

Which of the following refers to an unskilled hacker that uses pre-made scripts and tools to hack into systems?
- A.
  
  Ethical Hacker
- B.
  
  Grey Hat Hacker
- C.
  
  Cyber Terrorist
- D.
  
  Script Kiddie
7.

Gathering information about a target without direct contact is called:
- A.
  
  Social engineering
- B.
  
  Passive FootPrinting
- C.
  
  Active FootPrinting
- D.
  
  Enumeration
8.

Which of the following ports is used by the Domain Name Service?
- A.
  
  53
- B.
  
  67
9.

Which type of password attack makes use of extensive wordlists to hash and run against a captured password hash?
- A.
  
  Character
- B.
  
  Brute Force
- C.
  
  Rainbow Tables
- D.
  
  Dictionary
10.

Where are password hashes stored on a Windows system?
- A.
  
  /etc/shadow
- B.
  
  SAM file
- C.
  
  PASSWORDS file
- D.
  
  C:\Windows\system32\shadow
11.

All of the following are considered clear text protocols EXCEPT:
- A.
  
  Telnet
- B.
  
  FTP
- C.
  
  SSH
- D.
  
  HTTP
12.

Which of the following open source tools would be the best choice to scan a network for potential targets?
- A.
  
  NMAP
- B.
  
  NIKTO
- C.
  
  CAIN ABEL
- D.
  
  John the Ripper
13.

Which of the following is the successor of SSL?
- A.
  
  TLS
- B.
  
  RSA
- C.
  
  GRE
- D.
  
  IPSec
14.

As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing. What document describes the specifics of the testing, the associated violations, and essentially protects both the organization's interest and your liabilities as a tester?
- A.
  
  Terms of Engagement
- B.
  
  Project Scope
- C.
  
  Non-Disclosure Agreement
- D.
  
  Service Level Agreement
15.

The establishment of a TCP connection involves a negotiation called 3 way handshake. What type of message sends the client to the server in order to begin this negotiation?
- A.
  
  RST
- B.
  
  SYN
- C.
  
  SYN-ACK
- D.
  
  ACK
16.

A company recently hired your team of Ethical Hackers to test the security of their network systems. The company wants to have the attack be as realistic as possible. They did not provide any information besides the name of their company. What phase of security testing would your team jump in right away?
- A.
  
  Scanning
- B.
  
  Reconnaissance
- C.
  
  Escalation
- D.
  
  Enumeration
17.

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design and implementation?
- A.
  
  Penetration testing
- B.
  
  Social engineering
- C.
  
  Vulnerability scanning
- D.
  
  Access control list reviews
18.

Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?
- A.
  
  NMAP
- B.
  
  Nessus
- C.
  
  Metasploit
- D.
  
  Cain
19.

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.
- A.
  
  SQL injection attack
- B.
  
  Cross-Site Scripting (XSS)
- C.
  
  LDAP Injection attack
- D.
  
  Cross-Site Request Forgery (CSRF)
20.

Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?
- A.
  
  -T0
- B.
  
  -T5
- C.
  
  -O
- D.
  
  -A
21.

Which is the first step followed by Vulnerability Scanners for scanning a network?
- A.
  
  TCP/UDP Port scanning
- B.
  
  Firewall detection
- C.
  
  OS Detection
- D.
  
  Checking if the remote host is alive
22.

The "gray box testing" methodology enforces what kind of restriction?
- A.
  
  The internal operation of a system is only partly accessible to the tester.
- B.
  
  The internal operation of a system is completely known to the tester.
- C.
  
  Only the external operation of a system is accessible to the tester.
- D.
  
  Only the internal operation of a system is known to the tester.
23.

Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?
- A.
  
  Internal Whitebox
- B.
  
  External, Whitebox
- C.
  
  Internal, Blackbox
- D.
  
  External, Blackbox
24.

Which of the following is a low-tech way of gaining unauthorized access to systems?
- A.
  
  Social Engineering
- B.
  
  Sniffing
- C.
  
  Eavesdropping
- D.
  
  Scanning
25.

In order to have an anonymous Internet surf, which of the following is best choice?
- A.
  
  Use SSL sites when entering personal information
- B.
  
  Use Tor network with multi-node
- C.
  
  Use shared WiFi
- D.
  
  Use public VPN

Related Topics

More Hacking Quizzes

How Much You Really Know About Hacking? Trivia Quiz

How much you know about hacking? There are different ways that people can get access to other people’s personal information through the internet, and if caught, the offenders may spend years in jail. This is a short...

Questions: 10 | Attempts: 1998 | Last updated: Mar 21, 2022

Sample Question
What is a security exploit?

A prepared application that takes advantage of a known weakness

A way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication

A module studied by most Computer Science students

A mobile internet solution

Ethical Hacking MCQ Quiz! Trivia Test

Does ethical hacking exist? Ethical hacking is performed by a business or person to help identify potential threats on a computer or network. An ethical hacker can get past any security in place to see any malicious hacking...

Questions: 30 | Attempts: 967 | Last updated: Mar 21, 2022

Sample Question
What is the command to launch METASPLOIT ?

Msconsole

Msfconsole

Msadmin

Msfadmin

What Do You Know About Cybercrime? Trivia Quiz

Questions: 15 | Attempts: 548 | Last updated: Mar 21, 2022

Sample Question
What app was introduced to you in class in order to keep your passwords safe?

Norton Identity security

Norton Identity safe

Norton Internet safe

Norton Identification security

More Hacking Quizzes

Featured Quizzes

Which Anime Character Are You Most Like? Quiz Which Anime Character Are You Most Like? Quiz

What Type Of Girl Are You? Quiz What Type Of Girl Are You? Quiz

What Is The Name Of Your Soulmate? Quiz What Is The Name Of Your Soulmate? Quiz

Maladaptive Daydreaming Test: Am I A Maladaptive Daydreamer? Maladaptive Daydreaming Test: Am I A Maladaptive Daydreamer?

Can You Pass This Cat Knowledge Trivia Quiz? Can You Pass This Cat Knowledge Trivia Quiz?

Pottermore Sorting Hat Quiz Pottermore Sorting Hat Quiz

Back to top