quiz-ethical hacking
Question Description
Question 1 (1 point)
In the URL encoding scheme, the URL is converted into a valid ASCII format, so that data can be safely transported over HTTP. Which character is used in the URL encoding followed by the character’s two-digit ASCII code, which is expressed in hexadecimal?. Select one
Question 2 (1 point)
Vulnerability management life cycle is an important process that helps in finding and remediating security weaknesses before they are exploited.
identify the phase that involves the remediation.
Question 3 (1 point)
Silicon Pvt Ltd is a reputed company, which is having around 1000’s employees working in their company. One day, one of the employees approached the authorized person of the organization claiming that he/she forgot their ID badge and requested the person to allow through a secure door. Whereas the authorized person believed that the person forgot the ID badge and helped the person to go through the entrance by swiping with his/her ID badge. Later on that authorized person realized that the person is a non-employee of the organization and he/she is an intruder who intentionally entered into the company From the above scenario, which of the following comes under the Human-based Social Engineerin
Question 4 (1 point)
Run the following ‘nbtstat’ command, in order to get the content of NetBIOS name cache, the tables of NetBIOS names and their resolved IP addresse
Question 5 (1 point)
Which type of attack that search for the web server login passwords by using the alphabetical letters, symbols and number is called
Question 6 (1 point)
From the following TCP Communication Flags identity the flag which Initiates a connection between different hosts.
Question 7 (1 point)
Google supports several advanced operators that help in modifying the search. Which of the following Google advanced search operator displays the web pages stored in the Google cache
Question 8 (1 point)
Which of the following term is defined as the process of installing a modified set of kernel patches that allows running third-party applications not signed by the OS vendor?
Question 9 (1 point)
Jack, a skillful hacker targeted a major banking services firm located in Japan, using the LOIC (Low Orbit Ion Cannon) tool, Jack made the number of HTTP requests rise to a high level, which made the victim’s server with the number of requests and resulted in failure of server responding to the request and crashed. Which type of attack Jack performed in the above scenario?
Question 10 (1 point)
Which of the following statement is true for Service Request Floods A. An attacker or group of zombies attempts to exhaust server resources by setting up and tearing down TCP connections B. It attacks the servers with a high rate of connections from a valid source C. It initiates a request for a single connection
Question 11 (1 point)
Using which port the attacker can compromise the entire network, and receive a copy of every packet that passes through a switch
Question 12 (1 point)
In which type of Social engineering technique does an attacker secretly observers the target to gain critical information such as passwords, credit card information, etc.
Question 13 (1 point)
In Code Breaking Methodologies, which of the following method involves the use of social engineering techniques to extract cryptographic keys
Question 14 (1 point)
In the Command Injection attacks, the following type of attack is used to deface a website virtually. Select one
Question 15 (1 point)
Which type of rootkit is used to hide the information about the attacker by replacing original system calls with fake ones?
Question 16 (1 point)
Switch Port Stealing sniffing technique uses the following attack to sniff the packets
Question 17 (1 point)
Identify the following technique, in which the attacker use drones to detect open wireless networks
Question 18 (1 point)
In which of the following mobile platform vulnerabilities, unsolicited text/email messages sent to mobile devices from known/ unknown phone numbers/email IDs.
Question 19 (1 point)
Identify the ports that are allowed by the firewall in an organization
Question 20 (1 point)
Identify which of the following detection is used to detect the intrusion based on the fixed behavioral characteristics of the user and components in a computer system
Question 21 (1 point)
Sam receives an email with an attachment, he downloads the file and finds that it is infected with virus which overwrites a part of the host file with a constant content without increasing the length of the file and preserving its functionality. Which type of virus that the file was infected by?
Question 22 (1 point)
Which of the following attack allows Android users to attain privileged control access with in Android’s subsystem
Question 23 (1 point)
From the following identify the technique through which an attacker distributes malware on the web by sending a malware attached email and tricking the victim to click the attachment.
Question 24 (1 point)
From the following, identify the attack in which an attacker exploit default configuration and settings of off-the-self libraries and code.
Question 25 (1 point)
Identify the hacking phase in which an attacker tries to gather information about the target prior to launch an attack
Question 26 (1 point)
Identify the type of vulnerability assessment used to determine the vulnerabilities in a workstation or server by performing configuration level check through the command line.
Question 27 (1 point)
Attacker uses the ‘%00’ character prior to a string in order to bypass detection mechanism. Identify the type of evasion technique used by the attacker.
Question 28 (1 point)
In the SQL Injection Characters, which of the following character represents the global variable?
Question 29 (1 point)
Identify the type of cloud computing, which provides virtual machines and other abstracted hardware and operating systems which may be controlled through a service API
Question 30 (1 point)
Identify the type of virus that adds its code to the host code without relocating the host code to insert its own code at the beginning
Question 31 (1 point)
Identify the type of IDS alert that occurs when an IDS fails to react to an actual attack event
Question 32 (1 point)
Cloud Pent Testing is not allowed for one of the following Cloud Computing type, as it might impact on the infrastructure
Question 33 (1 point)
The testing that is also called black box testing, which require no knowledge of the inner design of the code is called
Question 34 (1 point)
Identify the command which is used to adjust RSSI range
Question 35 (1 point)
Which type of DNS record helps in mapping an IP address to a hostname?
Question 36 (1 point)
Which of the following sequence is used by the attacker, in the Directory Traversal Attacks to access restricted directories outside of the web server root directory. Select one
Question 37 (1 point)
Which of the following attack involves in stealing a cloud service provider’s domain name
Question 38 (1 point)
Identify the rootkit, which helps in hiding the directories, remote connections and logins.
Question 39 (1 point)
Which of the following executing application allows an attacker to modify the registry and to change local admin passwords?