ANJUMAN-I-ISLAM'S ABDUL RAZZAK KALSEKAR POLYTECHNIC, NEW PANVEL

ACADEMIC YEAR : 2024-25

Summer - 25 ‘I Scheme’

ETI QUESTION BANK PTT2

CHAPTER 4,5,6

CHAPTER 4 (Digital Forensics and Digital Evidence)

1. The criminological principle which states that, when anyone, or anything, enters a crime scene he/she
takes something of the scene with him/her, and leaves something of himself/herself behind, is:
A. Locard’s Exchange Principle
B. Differential Association Theory
C. Beccaria’s Social Contract
D. None of the above

2. Digital evidences must follow the requirements of the

A. Ideal Evidence rule
B. Best Evidence rule
C. Exchange rule
D. All the mentioned

3. Which of the following is not a type of volatile evidence?

A. Routing tables
B. Main memory
C. Log files
D. Cached data

4. Email, hard drives are examples of

A. Illustrative evidence
B. Electronic evidence
C. Documented evidence
D. Explainable evidence

5. _______. is known as testimonial.

A. Oath affidavit
B. DNA samples
C. Fingerprint
D. Dried blood

6. Rule of evidence is also known as

A. Law of witness
B. Law of litigation
C. Law of evidence
D. All of the above
7. All forensic examinations should be performed on the original digital evidence.
A. True
B. False

8. In terms of digital evidence, a hard drive is an example of:

A. Open computer systems
B. Communication systems
C. Embedded computer systems
D. None of the above

9. In terms of digital evidence, a mobile telephone is an example of:

A. Open computer systems
B. Communication systems
C. Embedded computer systems
D. None of the above

10. Computers can be involved in which of the following types of crime?

A. Homicide and sexual assault
B. Computer intrusions and intellectual property theft
C. Civil disputes
D. All the above

11. The process of documenting the seizure of digital evidence and, in particular, when that Evidence
changes hands, is known as:
A. Chain of custody
B. Field notes
C. Interim report
D. None of the above

12. Digital forensics is all of them except:

A. Extraction of computer data.
B. Preservation of computer data.
C. Interpretation of computer data.
D. Manipulation of computer data

13. IDIP stands for

A. Integrated Digital Investigation Process.
B. Integrated Data Investigator Process.
C. Integrated Digital Investigator Process.
D. Independent Digital Investigator Process.

14.Who proposed Road Map for Digital Forensic Research (RMDFR)

A. G.Gunsh.
B. S.Ciardhuain
C. J.Korn.
D. G.Palmar
15. Investigator should satisfy the following points:
A. Contribute to society and human being.
B. Avoid harm to others.
C. Honest and trustworthy.
D. All of the above

16.When the Federal Bureau Investigation program was created?

A.1979
B.1984
C.1995
D.1989

17. When did the field of PC forensics began?

A.1960's
B.1970's
C.1980's
D.1990's

18. Who is often referred to as the Father of Computer Forensics?

A. Michael Anderson
B. Federal Bureau of Investigation
C. International Organization on Computer Evidence
D. INTERPOL

19. During which phase of the Abstract Digital Forensic Model is the integrity and security of evidence
maintained?
A.Identification
B. Preservation
C. Collection
D. Examination

20. Which model does the Extended Model of Cybercrime Investigation (EMCI) follow?
A. Agile model
B. Waterfall model
C. Spiral model
D. Scrum model

21. What is the primary goal of digital forensics?

A. To find vulnerabilities in a system​
B. To recover and analyze digital evidence​
C. To create new hacking techniques​
D. To permanently delete sensitive data

22. What is the first step in a forensic investigation process?

A. Collection​
B. Analysis​
C. Reporting​
D. Identification

23. Which file system is primarily used in Windows operating systems?

A. FAT32​
B. NTFS​
C. EXT4​
D. HFS+

24. Which of the following is NOT a common hashing algorithm used in forensics?
A. MD5​
B. SHA-1​
C. AES​
D. SHA-256

25. Which tool is commonly used for forensic imaging?

A. Wireshark​
B. Autopsy​
C. FTK Imager​
D. Nmap

26. What is steganography?

A. A method of cracking passwords​
B. A technique used to hide data within other files​
C. A malware removal tool​
D. A forensic imaging process

27. What is the term for secretly recording a user’s keystrokes?

A. Phishing​
B. Keylogging​
C. Spoofing​
D. Sniffing

28. What is the primary purpose of network forensics?

A. To track emails sent in an organization​
B. To identify threats and intrusions in a network​
C. To delete old network logs​
D. To monitor employee productivity

29. Which type of malware locks users out of their system and demands payment?
A. Spyware​
B. Ransomware​
C. Rootkit​
D. Keylogger

30. Which forensic tool is used to examine deleted or hidden files?

A. Metasploit​
B. EnCase​
C. Nmap​
D. Wireshark

CHAPTER 5 (Basics of Hacking)

1. Ethical Hacking is also known as _____

A. Black Hat Hacking.
B. White Hat Hacking.
C. Encryption.
D. None of these.

2. Sequential steps hackers use are: _ _ _ _.

A. Maintaining Access.
B. Reconnaissance
C. Scanning.
D. Gaining Access.
A. B, C, D, A
B. B, A, C, D
C. A, B, C, D
D. D, C, B, A

3. ______ is the art of exploiting the human elements to gain access to the authorised user.
A. Social Engineering.
B. IT Engineering.
C. Ethical Hacking.
D. None of the above

4. The term cracker refers to_____

A. Black hat hacker.
B. White hat hacker.
C. Grey hat hacker.
D. None of the above.

5. Who described a dissertation on fundamentals of hacker’s attitude?

A. G. Palma.
B. Raymond.
C. Either.
D. John Browman

6. Which tool is used to encrypt Email?

A. WebInspect
B. QualysGuard
C. PGP (pretty good privacy)
D. None of the above.

7. __________has now evolved to be one of the most popular automated tools for unethical hacking.
A. Automated apps
B. Database software
C. Malware
D. Worms

8. What is the ethics behind training how to hack a system?

A. To think like hackers and know how to defend such attacks
B. To hack a system without the permission
C. To hack a network that is vulnerable
D. To corrupt software or service using malware

9. _____________ is the technique used in business organisations and firms to protect IT assets.
A. Ethical hacking
B, Unethical hacking
C. Fixing bugs
D. Internal data-breach

10. Physical evidence is also called as.

A. Illustrative evidence
B. Explainable evidence
C. Substantial evidence
D. Real evidence

11. SATAN stands for_

A. Security Advanced Tool for Analysis Networks
B. Security Admin Tool for Analysis Networks
C. Security Administrator Tool for Analysis Networks
D. Security Administrator Tool for Analysing Network

12. IDS stands for

A. Intrusion detection system
B. Information documentation service
C. Intrusion documentation system
D. None of above

13.DOS stands for

A. Detection of system
B. Denial of Service
C. Detection of service
D. None of above

14. To catch a thief, think like _____

A. Police
B. Forensics
C. Thief
D. Hacker
15. Connecting into a network through a rogue modem attached to a computer behind a firewall is an
example of ____-
A. Non Technical attacks
B. Network infrastructure attack
C. Operating system attack
D. Application and other specialised attack

16. Which tool is used to crack the password?

A. Nmap
B. LC4
C. ToneLOC
D. Nessus

17. When a hacker attempts to attack a host via the Internet it is known as what type of attack?
A. Local access
B. Remote attack
C. Internal attack
D. Physical access

18. What port number does HTTPS use?

A. 53
B. 443
C. 80
D. 21

19. Banner grabbing is an example of what?

A. Footprinting
B. Active operating system fingerprinting
C. Passive operating system fingerprinting
D. Application analysis

20. Which federal law is most commonly used to prosecute hackers?

A. Title 12
B. Title 18
C. Title 20
D. Title 2

21. What is the primary goal of ethical hacking?

A. To steal sensitive data​
B. To find and fix security vulnerabilities​
C. To disrupt business operations​
D. To gain unauthorized access to systems

22. Which of the following is NOT a phase of hacking?

A. Reconnaissance​
B. Gaining Access​
C. Covering Tracks​
D. System Shutdown

23. Which protocol is commonly used to encrypt web traffic?

A. HTTP​
B. FTP​
C. SSH​
D. HTTPS

24. What is the purpose of an Intrusion Detection System (IDS)?

A. To block malicious traffic​
B. To detect and alert security teams of suspicious activity​
C. To encrypt user data​
D. To optimize network speed

25. What is the main purpose of a rootkit?

A. To clean infected systems​
B. To gain persistent unauthorized access to a system​
C. To enhance firewall security​
D. To protect files from hacking attempts

CHAPTER 5 (Types of Hacking)

1. SNMP stands for_____

A. Simple Network Messaging Protocol
B. Simple Network Mailing Protocol
C. Simple Network Management Protocol
D. Simple Network Master Protocol

2. Which of the following tool is used for Network Testing and port Scanning______
A. NetCat
B. SuperScan
C. NetScan
D. All of above

3. Banner grabbing is used for

A. White Hat Hacking
B. Black Hat Hacking
C. Grey Hat Hacking
D. Script Kiddies

4. An attacker can create an________attack by sending hundreds or thousands of e-mails a with very large
attachments.
A. Connection Attack
B. Auto responder Attack
C. Attachment Overloading Attack
D. All the above
5. Which of the following tool is used for security checks as port scanning and firewall testing?
A. Netcat
B. Nmap
C. Data communication
D. Netscan

6. What is the most important activity in system cracking?

A. Information gathering
B. Cracking password
C. Escalating privileges
D. Covering tracks

7. Keyloggers are form of

A. Spyware
B. Shoulder surfing
C. Trojan
D. Social engineering

8. What is the name of the first hacker’s conference?

A. DEFCON
B. OSCON
C. DEVCON
D. SECCON

9. In which year the term hacking was coined?

A. 1965-67
B. 1955-60
C. 1970-80
D. 1980-82

10. From where the term ‘hacker’ first came to existence?

A. MIT
B. Stanford University
C. California
D. Bell’s Lab

11. Performing hacking activities with the intent on gaining visibility for an unfair situation is called
________.
A. Cracking
B. Analysis
C. Hacktivism
D. Exploitation

12. Which type of hackers are invited by the software vendors to find the security flaws in their system?
A. White hat hackers
B. Black hat hackers
C. Grey hat hackers
D. Blue hat hackers

13. Select the most appropriate option for the below two statements.
I. A Dos attack can take down your internet connection
II. A Dos attack can take down your entire system
A. Both I and II are true
B. I is true II is false
C. I is false II is True
D. Both I and II are false

14. Letter bomb is also known as

A. Official bomb
B. Hacking bomb
C. Mail bomb
D. E-mail bomb

15. Which attack allows the attacker to execute the scripts on the victim’s browser?
A. SSL attack
B. Cookie attack
C. Banner grabbing
D. XSS attack

16. The first phase of hacking an IT system is compromise of which foundation of security?
A. Availability
B. Confidentiality
C. Integrity
D. Authentication

17. What port does Telnet use?

A. 22
B. 80
C. 20
D. 23

18. Wireshark is a tool.

A. network protocol analysis
B. network connection security
C. connection analysis
D. defending malicious packet-filtering

19. _________is used for searching multiple hosts in order to target just one specific open port.
A. Ping Sweep ‘
B. Port scan
C. Ipconfig
D. Spamming
20. ARP spoofing is often referred to as
A. Man-in-the-Middle attack
B. Denial-of-Service attack
C. Sniffing
D. Spoofing

21. What type of hacker uses hacking for political or social reasons?
A. Script Kiddie​
B. Cyber Terrorist​
C. Hacktivist​
D. Grey Hat Hacker

22. What does an attacker do in a "clickjacking" attack?

A. Redirects users to a phishing website​
B. Overwhelms a system with traffic​
C. Tricks users into clicking on hidden elements​
D. Steals session cookies

23. Which tool is used for penetration testing and ethical hacking?
A. Metasploit​
B. Photoshop​
C. Microsoft Word​
D. AutoCAD

24. What does an attacker do in a "DNS Spoofing" attack?

A. Modifies DNS records to redirect traffic​
B. Steals credentials through phishing​
C. Overloads a website with traffic​
D. Monitors network traffic

25. What does a Trojan horse malware do?

A. Self-replicates across systems​
B. Encrypts data for ransom​
C. Disguises itself as legitimate software to perform malicious actions​
D. Overloads a network with traffic