
Q.1 Hacking developed alongside __________?

A. Phone Phreaking
B. Phone Tracking
C. Phone Networking
D. None of the above
ANSWER: A

Q.2 Exploit the weaknesses in the target system.


A. Tools
B. Evidence
C. Attack
D. None of the above
ANSWER: C

Q.3 Which of the following are types of hackers?


A. Black hat
B. White hat
C. Grey Hat
D. All of the above
ANSWER: D

Q.4 Someone who maliciously breaks into systems for personal gain.
A. Hacker
B. Cracker
C. Unauthorized Person
D. None of the above
ANSWER: A

Q.5 A hacker who gains access to systems with a view to fix the identified weaknesses?
A. Black hat hackers
B. White hat hackers
C. Grey Hat Hackers
D. Script kiddies
ANSWER: B

Q.6 A hacker who gains access to computer systems for personal gain?
A. Black hat hackers
B. White hat hackers
C. Grey Hat Hackers
D. Script kiddies
ANSWER: A

Q.7 Identifying weaknesses in computer systems or networks and exploiting them to gain
access?
A. Hacking
B. Cracking
C. Tracking
D. None of the above
ANSWER: A

Q.8 Malicious users are also called?


A. External attackers
B. Internal attackers
C. Unauthorized user
D. None of the above
ANSWER: B

Q.9 A cracker is also called?


A. Black hat hackers
B. White hat hackers
C. Grey Hat Hackers
D. All of the above
ANSWER: A

Q.10 A non-skilled person who gains access to computer systems using already made tools.
A. Black hat hackers
B. White hat hackers
C. Grey Hat Hackers
D. Script kiddies
ANSWER: D

Q.11 A hacker who uses hacking to send social, religious, political, etc. messages.
A. Black hat hackers
B. Hacktivist
C. Grey Hat Hackers
D. Script kiddies
ANSWER: B

Q.12 A hacker who identifies and exploits weaknesses in telephones instead of computers.
A. Phreaker
B. Hacktivist
C. Grey Hat Hackers
D. Script kiddies
ANSWER: A

Q.13 A hacker who is in between ethical and black hat hackers.


A. Black hat hackers
B. White hat hackers
C. Grey Hat Hackers
D. Script kiddies
ANSWER: C

Q.14 __________ is one of the most valuable assets of an organization.


A. Information
B. Data
C. None of the above
D. All of the above
ANSWER: D

Q.15 VPN stands for?


A. Virtual Private Network
B. Virtual Public Network
C. Virtual Protected Network
D. Virtual Portable Network
ANSWER: A

Q.16 DOS stands for?


A. Denial of Source
B. Definition of Service
C. Denial of Service
D. Denial of Security
ANSWER: C

Q.17 HTTP stands for?


A. Hyper Tool Transfer Protocol
B. Higher Text Transfer Protocol
C. Hyper Text Transfer Path
D. Hyper Text Transfer Protocol
ANSWER: D

Q.18 Malware includes?


A. Virus
B. Worms
C. Trojan horses
D. All of the above
ANSWER: D

Q.19 Nmap stands for?


A. Net mapper
B. Network mark
C. Network mapper
D. Network mapping
ANSWER: C

Q.20 PGP stands for?


A. Pretty Good Privacy
B. Pretty Good Protection
C. Personal Good Privacy
D. Protect Good Privacy
ANSWER: A

Q.21 IRC stands for?
A. Internet Replay Chat
B. Internal Relay Chat
C. Internet Relay Channel
D. Internet Relay Chat
ANSWER: D

Q.22 CEH stands for?


A. Certified Ethical Hacker
B. Certified Ethics Hacker
C. Central Ethical Hacker
D. Certified External Hacker
ANSWER: A

Q.23 Which of the following are tools of ethical hacking?


A. Netsparker
B. Acunetix
C. saferVPN
D. All of the above
ANSWER: D

Q.24 It is a robust ethical hacking tool which can help users to recover lost passwords.
A. Netsparker
B. Acunetix
C. saferVPN
D. Hashcat
ANSWER: D

Q.25 It is one of the best online brute-force, speedy, parallel password-cracking ethical hacking
tools.
A. Medusa
B. Acunetix
C. saferVPN
D. Hashcat
ANSWER: A

Q.26 It is used to detect wireless networks on the Windows platform.


A. Medusa
B. NetStumbler
C. saferVPN
D. Hashcat
ANSWER: B

Q.27 Nessus can be used to perform?


A. Remote vulnerability scanner
B. Password dictionary attacks
C. Denial of service attacks
D. All of the above
ANSWER: D

Q.28 ACP stands for?


A. Action Client Privilege
B. Attach Client Privilege
C. Analyzed Client Privilege
D. Attorney Client Privilege
ANSWER: D

Q.29 Ethical hacking is also known as ___?


A. Black hat hackers
B. White hat hackers
C. Grey Hat Hackers
D. Script kiddies
ANSWER: B

Q.30 Vulnerability scanning in ethical hacking finds _________?


A. Information
B. Weakness
C. Data
D. None of the above
ANSWER: B

Q.31 What is the attack called evil twin?


A. Rogue access point
B. ARP poisoning
C. Session hijacking
D. MAC spoofing
ANSWER: A

Q.32 What is the primary goal of Ethical Hacking?


A. Avoiding detection
B. Testing security controls
C. Resolving security vulnerabilities
D. Determining return on investment for security
ANSWER: C

Q.33 Exceeding the scope of a warrant is not likely to affect the admissibility of the evidence
collected.
A. True
B. False
ANSWER: B

Q.34 What is the first phase of hacking?


A. Maintaining access
B. Gaining access
C. Reconnaissance
D. Scanning
ANSWER: D

Q.35 What port number does HTTPS use?


A. 53
B. 443
C. 80
D. 21
ANSWER: B

Q.36 Hacking for a cause is called?


A. Hacktivism
B. Black-hat hacking
C. Active hacking
D. Activism
ANSWER: A

Q.37 When a hacker attempts to attack a host via the internet it is known as what type of
attack?
A. Local access
B. Remote attack
C. Internal attack
D. Physical access
ANSWER: B

Q.38 Banner grabbing is an example of what?


A. Footprinting
B. Active operating system fingerprinting
C. Passive operating system fingerprinting
D. Application analysis
ANSWER: C

Q.39 What does the TCP RST command do?


A. Restores the connection to a previous state
B. Finishes a TCP connection
C. Resets the TCP connection
D. Starts a TCP connection
ANSWER: C

Q.40 A packet with all flags set is which type of scan?


A. Full Open
B. XMAS
C. TCP connect
D. Syn scan
ANSWER: B

Q.41 Why would an attacker want to perform a scan on port 137?


A. To check for file and print sharing on Windows systems
B. To discover proxy servers on a network
C. To discover a target system with the NetBIOS null session vulnerability
D. To locate the FTP service on the target host
ANSWER: C

Q.42 Which tool can be used to perform a DNS zone transfer on Windows?
A. DNSlookup
B. nslookup
C. whois
D. ipconfig
ANSWER: B

Q.43 What is the reason to implement a security policy?


A. It makes security harder to enforce.
B. It removes the employee’s responsibility to make judgments.
C. It increases security.
D. It decreases security.
ANSWER: B

Q.44 What does the term “Ethical Hacking” mean?


A. Someone who is using his/her skills for defensive purposes.
B. Someone who is hacking for ethical reasons.
C. Someone who is using his/her skills for ethical reasons.
D. Someone who is using his/her skills for offensive purposes.
ANSWER: A

Q.45 What are the two basic types of attack?


A. Active
B. Passive
C. DoS
D. both 1 & 2
ANSWER: D

Q.46 What is the difference between an “Ethical Hacker” and a “Cracker”?


A. The ethical hacker has authorization from the owner of the target.
B. The ethical hacker is just a cracker who is getting paid.
C. The ethical hacker does not use the same techniques or skills as a cracker.
D. The ethical hacker does it strictly for financial motives unlike a cracker.
ANSWER: A

Q.47 What is the maximum length of an SSID?


A. Thirty-two characters
B. Sixteen characters
C. Sixty-four characters
D. Eight characters
ANSWER: A

Q.48 Which of the following statements best describes a white-hat hacker?
A. Security professional
B. Former black hat
C. Former grey hat
D. Malicious hacker
ANSWER: A

Q.49 A security audit performed on the internal network of an organization by the network
administration is also known as ___________.
A. Grey-box testing
B. Black-box testing
C. White-box testing
D. Active testing
ANSWER: C

Q.50 What type of ethical hack tests access to the physical infrastructure?
A. Internal network
B. Remote network
C. External network
D. Physical access
ANSWER: D

Q.51 The security, functionality, and ease of use triangle illustrates which concept?
A. As security increases, functionality and ease of use increase.
B. As security decreases, functionality and ease of use increase.
C. As security decreases, functionality and ease of use decrease.
D. Security does not affect functionality and ease of use.
ANSWER: B

Q.52 Which type of hacker represents the highest risk to your network?
A. Disgruntled employees
B. Black-hat hackers
C. Grey-hat hacker
D. Script kiddies
ANSWER: A

Q.53 What are the phases of a security evaluation plan?


A. Conduct Security Evaluation
B. Preparation
C. Conclusion
D. All of the above
ANSWER: D

Q.54 Which federal law is most commonly used to prosecute hackers?


A. Title 12
B. Title 18
C. Title 20
D. Title 2
ANSWER: B

Q.55 When a hacker attempts to attack a host via the Internet it is known as what type of
attack?
A. Remote attack
B. Physical access
C. Local access
D. Internal attack
ANSWER: A

Q.56 Which are the four regional Internet registries?


A. APNIC, PICNIC, NANIC, RIPE NCC
B. APNIC, MOSTNIC, ARIN, RIPE NCC
C. APNIC, PICNIC, NANIC, ARIN
D. APNIC, LACNIC, ARIN, RIPE NCC
ANSWER: D

Q.57 Which of the following is a tool for performing footprinting undetected?


A. Whois search
B. Traceroute
C. Ping sweep
D. Host scanning
ANSWER: A

Q.58 Which of the following tools are used for footprinting?


A. Whois
B. Sam Spade
C. Nslookup
D. All of the above
ANSWER: D

Q.59 What is the next step to be performed after footprinting?


A. Scanning
B. Enumeration
C. System hacking
D. Active information gathering
ANSWER: A

Q.60 Which are good sources of information about a company or its employees?
A. Newsgroups
B. Job postings
C. Company website
D. All of the above
ANSWER: D

Q.61 How does traceroute work?


A. It uses an ICMP destination-unreachable message to elicit the name of a router.
B. It sends a specially crafted IP packet to a router to locate the number of hops from the
sender to the destination network.
C. It uses a protocol that will be rejected by the gateway to determine the location.
D. It uses the TTL value in an ICMP message to determine the number of hops from the
sender to the router.
ANSWER: D

Q.62 What is footprinting?


A. Measuring the shoe size of an ethical hacker
B. Accumulation of data by gathering information on a target
C. Scanning a target network to detect operating system types
D. Mapping the physical layout of a target’s network
ANSWER: B

Q.63 Nslookup can be used to gather information regarding which of the following?
A. Host names and IP addresses
B. Whois information
C. DNS server locations
D. Name server types and operating systems
ANSWER: A

Q.64 Which of the following is a type of social engineering?


A. Shoulder surfing
B. User identification
C. System monitoring
D. Face-to-face communication
ANSWER: A

Q.65 Which is an example of social engineering?
A. A user who holds open the front door of an office for a potential hacker
B. Calling a help desk and convincing them to reset a password for a user account
C. Installing a hardware keylogger on a victim’s system to capture passwords
D. Accessing a database with a cracked password
ANSWER: B

Q.66 What is the best way to prevent a social-engineering attack?


A. Installing a firewall to prevent port scans
B. Configuring an IDS to detect intrusion attempts
C. Increasing the number of help-desk personnel
D. Employee training and education
ANSWER: D

Q.67 Which of the following is the best example of reverse social engineering?
A. A hacker pretends to be a person of authority in order to get a user to give them
information.
B. A help-desk employee pretends to be a person of authority.
C. A hacker tries to get a user to change their password.
D. A user changes their password.
ANSWER: A

Q.68 Using pop-up windows to get a user to give out information is which type of social
engineering attack?
A. Human-based
B. Computer-based
C. Nontechnical
D. Coercive
ANSWER: B

Q.69 What is it called when a hacker pretends to be a valid user on the system?
A. Impersonation
B. Third-person authorization
C. Help desk
D. Valid user
ANSWER: A

Q.70 What is the best reason to implement a security policy?


A. It increases security.
B. It makes security harder to enforce.
C. It removes the employee’s responsibility to make judgments.
D. It decreases security.
ANSWER: C

Q.71 Faking a website for the purpose of getting a user’s password and username is which type
of social engineering attack?
A. Human-based
B. Computer-based
C. Web-based
D. User-based
ANSWER: B

Q.72 Dumpster diving can be considered which type of social engineering attack?
A. Human-based
B. Computer-based
C. Physical access
D. Paper-based
ANSWER: A

Q.73 What port number does FTP use?


A. 24
B. 25
C. 23
D. 21
ANSWER: D

Q.74 What is war dialing used for?


A. Testing firewall security
B. Testing remote access system security
C. Configuring a proxy filtering gateway
D. Configuring a firewall
ANSWER: B

Q.75 What are the three types of scanning?


A. Port, network, and vulnerability.
B. Port, network, and services
C. Grey, black, and white hat
D. Server, client, and network
ANSWER: A

Q.76 What is the preferred communications method used with systems on a bot-net?
A. ICMP
B. E-mail
C. IRC
D. TFTP
ANSWER: C

Q.77 What are the forms of password cracking techniques?


A. Brute Forcing Attack
B. Hybrid Attack
C. Syllable Attack
D. All of the above
ANSWER: D

Q.78 What is the ethics behind training how to hack a system?


A. To think like hackers and know how to defend such attacks
B. To hack a system without the permission
C. To hack a network that is vulnerable
D. To corrupt software or service using malware
ANSWER: A

Q.79 Performing shoulder surfing in order to check others’ passwords is ____________ ethical
practice.
A. a good
B. not so good
C. very good social engineering practice
D. a bad
ANSWER: D

Q.80 ___________ has now evolved to be one of the most popular automated tools for
unethical hacking.
A. Automated apps
B. Database software
C. Malware
D. Worms
ANSWER: C

Q.81 Leaking your company data to the outside network without prior permission of senior
authority is a crime.
A. True
B. False
ANSWER: A

Q.82 _____________ is the technique used in business organizations and firms to protect IT
assets.
A. Ethical hacking
B. Unethical hacking
C. Fixing bugs
D. Internal data-breach
ANSWER: A

Q.83 The legal risks of ethical hacking include lawsuits due to __________ of personal data.
A. stealing
B. disclosure
C. deleting
D. hacking
ANSWER: B

Q.84 An ethical hacker must ensure that proprietary information of the firm does not get
leaked.
A. True
B. False
ANSWER: A

Q.85 After performing ____________ the ethical hacker should never disclose client
information to other parties.
A. hacking
B. cracking
C. penetration testing
D. exploiting
ANSWER: C

Q.86 __________ is the branch of cyber security that deals with morality and provides different
theories and principles regarding the viewpoints about what is right and wrong.
A. Social ethics
B. Ethics in cyber-security
C. Corporate ethics
D. Ethics in black hat hacking
ANSWER: D

Q.87 ________ helps to classify arguments and situations, better understand a cyber-crime and
helps to determine appropriate actions.
A. Cyber-ethics
B. Social ethics
C. Cyber-bullying
D. Corporate behavior
ANSWER: A

Q.88 A penetration tester must identify and keep in mind the ___________ & ___________
requirements of a firm while evaluating the security postures.
A. privacy and security
B. rules and regulations
C. hacking techniques
D. ethics to talk to seniors
ANSWER: A

Q.89 In which year was the term hacking coined?


A. 1965-67
B. 1955-60
C. 1970-80
D. 1980-82
ANSWER: B

Q.90 Where did the term ‘hacker’ first come into existence?


A. Bell’s Lab
B. Stanford University
C. California
D. MIT
ANSWER: D

Q.91 What is the one thing that old hackers were fond of or found interest in?
A. Breaking others’ systems
B. Voracious thirst for knowledge
C. Cracking Phone calls
D. Learning new language
ANSWER: B

Q.92 In which year did the first popular hacker conference take place?
A. 1994
B. 1995
C. 1993
D. 1992
ANSWER: C

Q.93 What is the name of the first hacker’s conference?


A. DEFCON
B. OSCON
C. DEVCON
D. SECCON
ANSWER: A

Q.94 _______ is the oldest phone hacking technique used by hackers to make free calls.
A. Phishing
B. Spamming
C. Phreaking
D. Cracking
ANSWER: C

Q.95 In which year, hacking became a practical crime and a matter of concern in the field of
technology?
A. 1971
B. 1973
C. 1970
D. 1974
ANSWER: C

Q.96 Who was the first individual who performed a major hacking in the year 1971?
A. Steve Wozniak
B. Steve Jobs
C. Kevin Mitnick
D. John Draper
ANSWER: D

Q.97 Who coined the term “cyberspace”?


A. William Gibson
B. Scott Fahlman
C. Andrew Tanenbaum
D. Richard Stallman
ANSWER: A

Q.98 _____ is a powerful encryption tool released by Philip Zimmermann in the year 1991.
A. PGP (Protected Good Privacy)
B. AES (Advanced Encryption Standard)
C. PGP (Pretty Good Privacy)
D. DES (Data Encryption Standard)
ANSWER: C

Q.99 Name the hacker who broke into the ARPANET systems?
A. John von Neumann
B. Kevin Poulsen
C. Kevin Mitnick
D. John Draper
ANSWER: B

Q.100 In which year did computer scientists try to integrate encryption techniques into the TCP/IP
protocol?
A. 1978
B. 1980
C. 1982
D. 1984
ANSWER: A
