Ethical Hacking MCQs
Ethical Hacking MCQs
These Ethical Hacking multiple-choice questions and their answers will help you strengthen your grip on the subject of Ethical Hacking. You can prepare for an upcoming exam or job interview with these 90+ Ethical Hacking MCQs.
So scroll down and start answering.
1: Which of the given types of viruses has the following characteristics?
A. It infects the target application and alters it.
B. it alters the infected program into a subroutine. which runs after the virus has itself run.
C. Multipartite virus
D. Logic bomb
E. Cryptovirus
F. Shell virus
Which of the following statements is/are correct about stealth scan or half-Open scan?
i) With stealth scan, the chances of triggering the detection mechanism are high.
ii) Stealth scan is less reliable as compared to full-Open scan.
A.
Only statement i) is correct.
B.
Only statement ii) is correct. Â
C.
Both statements i) and ii) are correct.
D.
Neither statement i) nor ii) is correct.
Which of the following is the syntax of ping sweep using Nmap for ICMP scanning?
A.
nmap —sP -PE
B.
nmap —sP —PE —PA
C.
nmap —sP —PE
D.
nmap —sP —PA
4: In relation to ethical hacking. which of the following options refers to a method. which is used for determining the type of operating system running on a remote computer?
A. Reconnaissance
B. Sniff‌ing
C. Fingerprinting
D. None of the above.
5: In relation to switched network sniff‌ing, which of the following options is represented by a switchport?
A. In relation to switched network sniff‌ing, which of the following options is represented by a switchport?
B. Broadcast domain
C. Windows domain
D. Secure domain
6: attack sends a combination of malformed IP packets to the victim system and causes the system to crash. The malformed packets consist of invalid/unexpected fragmentation. TCP segments, protocol, header values, packet size. offsets. routing flags. etc.
A. SYN
B. Teardrop
C. Targa3
D. UDP
7: Which of the following commands can be used for creating a firewall rule in iptable, which will result the blocking of ICMP ECHO requests from the outside sources and will disable ping sweeps on a network?
A. $iptables -A OUTPUT -p icmp --icmp-type echo-request -j DROP
B. $iptables OUTPUT -p icmp —icmp-type —e echo-request -i DROP
C. $iptables OUTPUT-A -p icmp «icmp-type echo-request -e DROP
D. $iptables —O -A OUTPUT -p icmp «icmp-type echo-request ~j DROP
8: Which of the following keyboard shortcuts stops working during a Trojan infection?
A. Shift+ Tab
B. Ctrl + Tab
C. Alt + Tab
D. Ctrl + Alt + Del
9: In relation to f‌ingerprinting, which of the following is the correct syntax ofthe nmap command, which is used for checking whether or not port 443 is Open? (Assume the domain name as abcExample.com.)
A. $nmap -sT 443 —p abcExample.com
B. $nmap —O -sT -p 443 abcExample.com
C. $nmap -O -p 443 abcExample.com
D. $nmap -sT -p 443 abcExample.com
Which of the following commands is used for performing a Xmas tree scan with Nmap?
A.
NMAP —sX —v
B.
NMAP -xS —p
C.
NMAP —sX
D.
NMAP —X
11: In relation to the Metasploit framework, which of the following commands is used for loading a particular auxiliary/exploit module?
A. Set
B. info
C. Use
D. Show
While using the Netcap tool, which of the following commands is used for performing port scanning?
A.
nc —v -p lPaddress
B.
nc -v —2 -W1 lPaddress
C.
nc —n -v -I -w1 IPaddress
D.
nc -n -z -I IPaddress -p
13: In relation to the nmap command in OS f‌ingerprinting, which of the following options can be used for performing both OS and service version detection?
A. -n
B. —T5
C. -o
D. -A
14: Which of the following frameworks is simpler and more eff‌icient for creating and manipulating PDF frameworks?
A. PDFTK
B. Origami framework
C. Neither option a nor b.
15: During which of the following attacks, a custom wordlist containing a list of all possible username and password combinations is used?
A. Traditional Brute Force
B. Dictionary Attacks
C. Hybrid Attacks
D. None of the above.
16: Which of the following is/are the possible way(s) to manipulate programs through which a technical user may exploit stack-based overflows?
A. We can overwrite a variable, which is local and near to the buffer in the main memory on the stack and can change the behavior of the program.
B. We can overwrite a function pointer.
C. We can overwrite the return address in the stack frame.
D. All of the above.
17: While using the BackTrack tool with Linux, which of the following commands can be used for displaying the contents of the password.txt file?
A. cat password.txt
B. list password.txt
C. display password.txt
D. Is password.txt
18: While using the Netcat tool, which of the following commands is used for setting up a listener?
A. no -a -i -m —p 80
B. nc -n -I 80 -p
C. nc -n -v -| -p 80
D. nc -n -l -v -ip 80
19: In relation to f‌ingerprinting, which of the following is the correct syntax of the command, which is used for identifying the operating system that is serving a website and all the opened ports associated with the domain name? (Assume the domain name as abcExample.com.)
A. $nmap -0 -d abcExample.com
B. $nmap -0 -v abcExample.com
C. $nmap -W -v abcExample.com
D. $nmap -W -d abcExample.com
Using Nmap, which Of the following is the correct syntax for performing a ping to a remote Windows or Linux Operating system?
A.
NMAP —ping —sP
B.
NMAP target IP address>Â
C.
NMAP —sP —v
D.
NMAP ping —v
21: During which type of scan, an attacker sends frames to a victim, without setting any f‌lag?
A. FIN scan
B. NULL scan
C. ACK scan
D. Xmas tree scan
Which of the following options is a Linux/Unix sniff‌ing tool that is designed for graphically displaying a system's incoming and outgoing connections?
A. Dsniff
B. EtherApe
C. Windump
D. Wireshark
23: In relation to Buffer overflows, which of the following canaries does not exist?
A. Terminator
B. Random
C. Random XOR
D. Logical
Identify the type of denial-of—service (DOS) attack from the following statement
This attack queues up the packets that have bad source IP; uses memory and resources; and eventually hangs, reboots or crashes the system
A.
TeardropÂ
B.
SYN attack
C.
Smurf attack
D.
None of the above.
A.
Only options i) and ii).
B.
Only options ii) and iii).
C.
Only options i) and iii).
D.
All options i), ii) and iii).
26: During which ofthe following attacks, an attacker has the plaintext and ciphertext of one or more messages and this information is used for determining the key in use?
A. Ciphertext-only Attack
B. Chosen Ciphertext Attack
C. Known Plaintext Attack
D. None of the above.
27: Which of the following Linux commands is used for displaying the information of logged on users and their activities?
A. man
B. cd..
C. w
D. vi
28: Which of the following options is the correct netcat command that can be used to open up ports for the SET webserver?
A. nc 8080 —lvp
B. nc —lvp 80
C. nc —l 80
D. nc —p -le 8080
29: Which of the following options represents the process of exploiting holes in a poorly-configured software?
A. Shrink Wrap Code
B. Phishing
C. Phreaker
D. Rootkit
30: Which of the following wardriving tools is a network detector, sniffer, and intrusion detection system used on Linux?
A. AirSnare
B. AirSnort
C. Kismet
D. ToneLoc
31: What is the hexadecimal value of the NOP instruction that is applied to an Intel processor?
A. 0x80
B. 0x88
C. 0x90
D. 0x95
32: Which of the following protocols is used by the BOCK tool that is used for exploiting covert channels?
A. ICMP
B. IGMP
C. WTLS
D. 3DES
33: In relation to ethical hacking, which of the following statements is correct about botnet?
A. It is a hidden entry to a computing device that bypasses security measures.
B. It is the process of writing large amount of data to the memory, than the buffer memory is allocated to hold.
C. It is a group of computers that is controlled without the knowledge of their owners.
D. It is a type of denial-of—service attack.
34: While using the BackTrack tool with Linux. which of the following commands is used for changing the password of the Linux box?
A. pwd
B. passwd
C. cd
D. p
35: Proxies operate at which of the following layers of the Open System Interconnection model?
A. Data-link layer
B. Presentation layer
C. Application layer
D. Transport layer
36: Which of the following Wireshark CLl tools is a small program that is only used for capturing traff‌ic?
A. capinfos
B. tshark
C. editcap
D. dumpcap
37: Which of the following lPSec mechanisms is used for providing methods for the purpose of authenticating information as well as for encrypting the data?
A. Authentication Header
B. Cipher Text
C. Secure Hash Algorithm
D. Encapsulating Security Payload
38: Trinoo/TrinOO is a set of programs to conduct a distributed denial-of-service (DDOS) attack. It is written in which language?
A. Visual Basic
B. Perl
C. Java
D. c
39: Which of the following ports is used for HTTPS traff‌ic, which is secured by SSL?
A. 443
B. 8080
C. 23
D. 2513
40: While testing for weak authentication during fingerprinting MYSOL, which of the following commands is used for logging in to the MYSQL server and manipulating things after the credentials have been cracked?
A. root@root: mysql —h
B. roottf‌iiroot: mysql
C. root@root: -—h mysql —u root -—p
D. root@root; -u mysql —h
During fingerprinting, which Of the following elements are analyzed for determining the operating system?
i)Don‘t fragment bit
ii)Window size
iii)Time-to-live on the outbound packet
iv)Type of service
A.
Only Options i) and iii).Â
B.
Only Options ii) and iii).
C.
Only options i), iii) and iv).
D.
All Options i), ii), iii) and iv).
42: Which of the following options indicates a special Linux permission, which makes a file unchangeable?
A. |
B. s
C. u
D. i
43: Which of the following operating systems are vulnerable to distributed denial-of—service (DDOS) attacks?
A. Unix
B. Windows NT
C. Mac 0S
D. All of the above.
E. None of the above
44: For specifying a maximum transmission unit {MTU), which of the following is the correct nmap command that will generate a 32 byte packet?
A. nmap —mtu 32
B. nmap 32
C. nmap —mtu -g «32
D. nmap 32—mtu
45: Which of the following Linux commands is used for showing local or remote established connections?
A. locate
B. netstat
C. cat
D. nslookup
46: In order to prevent Trojan attacks, which ofthe following tools should be used for real-time tracking of port usage?
A. Netstat
B. TCPView
C. RECUB
D. None of the above
47: Which of the following Linux directories contains programs for use by the system and system administrator?
A. /proc
B. /sbin
C. /root
D. /lib
48: While using the Trojan detection tool, netstat, which of the following commands is used for detecting open ports?
A. netstat —an
B. netstat —st
C. netstat —sp
D. netstat —a
49: In the Linux operating system, which of the following commands can be used for retrieving DNS and host-related information?
A. ping
B. fping
C. nslookup
D. nmap
Which of the following are sniffing tools?
i) Wireshark
ii) Cain and Abel
iii) Dsniff
iv) Ettercap
v) Tcpdump
A.
Only options i). iii) and iv)
B.
Only options ii). iii). iv) and v)
C.
Only options i), ii) and v)
D.
All of the above
E.
None of the above
List of Ethical Hacking MCQs M...
Available in:
Ethical Hacking MCQs
