NAME : SABA AYUB SHAIKH

ROLL NO. : 17823

SUBJECT : ETI

ASSIGNMENT NO 3
 CHAPTER 5

Q1. Ethical Hacking is also known as _____

A. Black Hat Hacking.

B. White Hat Hacking.

C. Encryption.

D. None of these.

Q2. Which tool is used to crack the password?

A. Nmap

B. LC4

C. ToneLOC

D. Nessus

Q3. ______ is the art of exploiting the human elements to gain access to the authorized user.

A. Social Engineering.

B. IT Engineering.

C. Ethical Hacking.

D. None of the above.

Q4. Vulnerability scanning in Ethical hacking finds_____.

A. Strengths.

B. Weakness.
C. A & B

D. None of these.

Q5. Who described a dissertation on fundamentals of hacker’s attitude?

A. G. Palma.

B. Raymond.

C. Either.

D. Jhon Browman.

Q6. Security audits are usually based on___

A. Entries.

B. Checklists.

C. Both A & B

D. None of the above

Q7. .______ comprise of large portion of hacker attacks simply because every computer has
one and so well know exploits can be used against them

A. Nontechnical attacks

B. Network infrastructure attack

C. Operating system attack

D. Application and other specialized attack

Q8. The legal risks of ethical hacking include lawsuits due to __________ of personal data.

A. stealing

B. disclosure
C. deleting

D. hacking

Q9. Leaking your company data to the outside network without prior permission of senior
authority is a crime.

A. True

B. False

Q10. Which magazines releases the latest hacking methods?

A. 2600

B. Hackin9

C. PHRACK

D. All the above

Q11. Which hacker try to distribute political or social message through their work?

A. Black hat hacker

B. Hactivist

C. Script kiddes

D. White hat hacker

Q12. Which tool is used for depth analysis of a web application?

A. Whisker

B. Super scan

C. Nikto

D. Kismet
Q13. _____ should be done before ethical hacking process.

A. Data gathering.

B. Attacking

C. Planning

D. Research

Q14. Ethical hacking will allow to____ all the massive security breaches.

A. Remove.

B. Measure.

C. Reject.

D. None of these.

Q15. Hackers do hack for?

A. Fame.

B. Profit.

C. Revenge.

D. All the above.

Q16. A penetration tester must identify and keep in mind the ___________ & ___________
requirements of a firm while evaluating the security postures.

A. privacy and security

B. rules and regulations

C. hacking techniques

D. ethics to talk to seniors

Q17. Before performing any penetration test, through legal procedure, which key points listed
below is not mandatory?

A. Know the nature of the organization

B. Characteristics of work done in the firm

C. System and network

D. Type of broadband company used by the firm

Q18. Which permission is necessary before ethical hacking?

A. Written permission.

B. Decision maker permission

C. Privacy permission

D. Risk permission.

Q19. To catch a thief, think like _____

A. Police

B. Forensics

C. Thief

D. Hacker

Q20. Keeping information secured can protect an organization image and save and organization
lot of money

A. True

B. False
Q21. Ethical hacking consist of _______

A. Penetration testing.

B. Intrusion testing.

C. Red teaming.

D. All of the above.

Q22. Sequential step hackers use are: _ _ _ _.

A. Maintaining Access.

B. Reconnaissance

C. Scanning.

D. Gaining Access.

A. B, C, D, A

B. B, A, C, D

C. A, B, C, D

D. D, C, B, A

Q23. Computer Hackers have been in existence for more than a____.

A. Decade.

B. Year.

C. Century

D. Era.

Q24. .Connecting into network through a rogue modem attached to computer behind a firewall
is an example of ____-
A. Nontechnical attacks

B. Network infrastructure attack

C. Operating system attack

D. Application and other specialized attack

Q25. A grey hat hacker is the one who_______

A. Fix identifies weakness

B. Steal the data

C. Identifies the weakness and leave message to owner

D. None of the above

 CHAPTER 6

Q26. Network consist devices such as routers, firewalls, hosts that you must assess as a part of
______ process.

A. Prackers

B. Black hat hacking

C. Grey hat hacking process

D. Ethical hacking process.

Q27. What is the attack called “evil twin”?

A. rouge access point

B. ARP poisoning

C. session hijacking

D. MAC spoofing

Q28. SNMP stands for_____

A. Simple Network Messaging Protocol

B. Simple Network Mailing Protocol

C. Simple Network Management Protocol

D. Simple Network Master Protocol

Q29. An attacker can create an________attack by sending hundreds or thousands of e-mails a
with very large attachments.

A. Connection Attack

B. Auto responder Attack

C. Attachment Overloading Attack

D. All the above

Q30. Which tool is used for ping sweeps and port scanning?

A. Netcat

B. SamSpade

C. SuperScan

D. All the above

Q31. Key loggers are form of

A. Spyware

B. Shoulder surfing

C. Trojan

D. Social engineering

Q32. What is purpose of Denial of Service attacks?

A. Exploit weakness in TCP/IP attack.

B. To execute a trojan horse on a system.

C. To overload a system so it is no longer operational.

D. To shutdown services by turning them off.

Q33. The first phase of hacking an IT system is compromise of which foundation of security?

A. Availability

B. Confidentiality

C. Integrity

D. Authentication

Q34. Which of this Nmap do not check?

A. Services different hosts are offering

B. On what OS they are running.

C. What kind of firewall in use?

D. What type of antivirus in use?

Q35. What port does Telnet use?

A. 22

B. 80

C. 20

D. 23

Q36. Why would a hacker use a proxy server?

A. To create a stronger connection with the target.

B. To create a ghost server on the network.

C. To obtain a remote access connection

D. To hide malicious activity on the network

Q37. Which phase of hacking performs actual attack on a network or system?

A. Reconnaissance

B. Maintaining Access

C. Scanning

D. Gaining Access

Q38. Services running on a system are determined by _____________.

A. The system’s IP address

B. The Active Directory

C. The system’s network name

D. The port assigned

Q39. Sniffing is used to perform ______________ fingerprinting.

A. Passive stack

B. Active stack

C. Passive banner grabbing

D. Scanned

Q40. Wireshark is a ____________ tool.

A. network protocol analysis

B. network connection security

C. connection analysis

D. defending malicious packet-filtering

Q41. Phishing is a form of ____________________.

A. Spamming

B. Identify Theft

C. Impersonation

D. Scanning

Q42. ARP spoofing is often referred to as_____

A. Man-in-the-Middle attack

B. Denial-of-Service attack

C. Sniffing

D. Spoofing

Q43. What are the forms of password cracking technique?

A. Attack syllable

B. Attack brute forcing

C. Attacks hybrid

D. All the above

Q44. Which type of hacker represents the highest risk to your network?

A. black-hat hackers

B. grey-hat hackers

C. script kiddies

D. disgruntled employees
Q45. _________ is not a function of network analyzer tool.

A. Captures all network traffic

B. Interprets or decodes what is found into a human-readable format.

C. Displays it all in chronological order.

D. Banner grabbing

Q46. We can eliminate many well-known network vulnerabilities by simply patch-ing your
network hosts with their latest ______and______.

A. Hackers and Prackers

B. Vendor software and firmware patches

C. Software amd Hardware

D. None of above

Q47. _____ generally refers to unauthorized intrusion into a computer or a network.

A. Hacking

B. Evidence

C. Tracing

D. None of above

Q48. IDS stands for ____

A. Intrusion detection system

B. Information documentation service

C. Intrusion documentation system

D. None of above
Q49. Who invent worm attack___

A. Brightn Godfrey

B. Alan yeung

C. Robert Morris

D. None of above

Q50. ____ include phishing, SQL injection, hacking, social engineering, spamming, denial of
service attacks, Trojans, virus and worm attacks.

A. Operating system vulnerabilities

B. Web vulnerabilities

C. Wireless network vulnerabilities

D. Network infrastructure vulnerabilities