5.

BASICS OF HACKING
15. ______is a person who finds and exploit’s the
1. Ethical Hacking is also known as ______. weakness in computer system.
(a) Black Hat Hacking (b) White Hat Hacking (a) Victim (b) Hacker
(c) Encryption (d) None of these (c) Developer (d) None of the above
2. Tool(s) used by ethical hacker______. 16. A white hat hacker is the one who ______.
(a) Scanner (b) Decoder (a) Fix identifies weakness
(c) Proxy (d) All of these (b) Steal the data
3. Vulnerability scanning in Ethical hacking finds (c) Identifies the weakness and leave message to
______. owner
(a) Strengths (b) Weakness (d) None of the above
(c) A and B (d) None of these 17. A black hat hacker is the one who______.
4. Ethical hacking will allow to ______ all the massive (a) Fix identifies weakness
security breaches.
(b) Steal the data
(a) Remove (b) Measure
(c) Identifies the weakness and leave message to
(c) Reject (d) None of these owner
5. Sequential steps hackers use is ______. (d) None of the above
(a) Maintaining Access (b) Recon naissance 18. A grey hat hacker is the one who ______.
(c) Scanning (d) Gaining Access (a) Fix identifies weakness
6. ______is the art of exploiting the human elements to (b) Steal the data
gain access to the authorized user.
(c) Identifies the weakness and leave message to
(a) Social Engineering (b) IT Engineering owner
(c) Ethical Hacking (d) None of the above (d) None of the above
7. ______hacker refers to ethical hacker? 19. Keeping in formation secured can protect an
(a) Black hat hacker. (b) White hat hacker. organization image and save and organization lot of
(c) Grey hat hacker. (d) None of the above. money.
8. The term cracker refers to______. (a) True (b) False
(a) Black hat hacker (b) White hat hacker 20. Information is a one of the most valuable assets of
(c) Grey hat hacker (d) None of the above organization.
9. Who described a dissertation on fundamental soft (a) True (b) False
hacker’s attitude? 21. To catch a thief, think like______.
(a) G. Palma (b) Raymond (a) Police (b) Forensics
(c) Either (d) John Browman (c) Thief (d) Hacker
10. Computer Hackers have been in existence for more 22. ______can create false feeling of safety.
than a ______. (a) Firewall (b) Encryption
(a) Decade (b) Year (c) VNPs (d) All of the above
(c) Century (d) Era 23. ______comprise of large portion of hacker attacks
11. Hackers do hack for ______. simply because every computer has one and so well
(a) Fame (b) Profit know exploits can be used against them.
(c) Revenge (d) All the above (a) Non-technical attacks
12. The intent of ethical hacker is to discover (b) Network infrastructure attack
vulnerabilities from a ______ point of view to better (c) Operating system attack
secure system. (d) Application and other specialized attack
(a) Victims (b) Attackers 24. Connecting into network through a rogue modem
(c) Both (a) and (b) (d) None of these attached to computer behind a fire wall is an
13. Security audits are usually based on______. example of ______.
(a) Entries (b) Checklists (a) Non-technical attacks
(c) Both (a) and (b) (d) None of the above (b) Network infrastructure attack
14. Ethical hacking consists of______. (c) Operating system attack
(a) Penetration testing (b) Intrusion testing (d) Application and other specialized attack
(c) Red teaming (d) All of the above

P.1
Physics Motion in One Dimension

25. ______ exploits that involves manipulating people (a) True (b) False
and user, even yourself, are the greatest 38. A penetration tester must identify and keeping mind
vulnerability with in any computer. the______ and______ requirements of a firm while
(a) Non-technical attacks evaluating the security postures.
(b) Network infrastructure attack (a) Privacy and security (b) Rules and regulations
(c) Operating system attack (c) Hacking techniques
(d) Application and other specialized attack (d) Ethics to talk to seniors
26. _____ should be done before ethical hacking 39. The legal risks of ethical hacking include lawsuits
process. due to ______ of personal data.
(a) Data gathering (b) Attacking (a) Stealing (b) Disclosure
(c) Planning (d) Research (c) Deleting (d) Hacking
27. ______ is necessary be for ethical hacking. 40. Before performing any penetration test, through
(a) Written permission legal procedure, which key points listed below is not
(b) Decision maker permission mandatory?
(c) Privacy permission (a) Know the nature of the organization
(d) Risk permission (b) Characteristics of work done in the firm
28. ______ tool is used to crack the password. (c) System and network
(a) Nmap (b) LC4 (d) Type of broadband company used by the firm
(c) Tone LOC (d) Nessus 41. Ethical hacking is the science of testing computers
and network for ______ and plugging the holes
29. ______ tool is used for depth analysis of a web
found before the unauthorized people get a chance
application.
to exploit them.
(a) Whisker (b) Superscan
(a) Security vulnerabilities
(c) Nikto (d) Kismet
(b) Checking authentication
30. ______ tool is used to encrypt E-mail.
(c) Checking authorization
(a) Web Inspect
(d) None of above
(b) QualyGuard
42. Exploit the weaknesses in the target system is
(c) PGP (Pretty Good Privacy) known as ______.
(d) None of the above (a) Security (b) Attack
31. Malicious attacker often thinks like ______. (c) Vulnerabilities (d) Holes
(a) Thieves (b) Kidnapper 43. Information gathered during the ______ tactics such
(c) Both (a) and (b) (d) None of the above as pet names, birth dates of the organization
32. ______ hacker tries to distribute political or social founders, etc. is used in attacks such as password
message through their work. guessing.
(a) Black hat (b) Hactivist (a) Social engineering (b) Computer
(c) Script kiddies (d) White hat engineering
33. ______are part of organized crime on internet. (c) Vulnerabilities (d) Both (a) and (b)
(a) Criminal (b) Anti nationalist 44. Most techniques employed by social engineers
(c) Hacker for hire (d) None of the above involve manipulating human biases. To counter such
techniques, an organization can ______.
34. ______ magazines releases the latest hacking
methods. (a) Counter the familiarity exploit
(a) 2600 (b) Hackin9 (b) Counter human curiosity
(c) PHRACK (d) All the above (c) Counter phishing techniques
35. Performing a shoulder surfing in order to check (d) All of the above
other’s password is ______ ethical practice. 45. Social engineering is the art of exploiting the
(a) A good (b) Not so good ______ elements to gain access to unauthorized
resources.
(c) Very good social engineering practice
(a) Social (b) Computer
(d) Abad
(c) Human (d) None of above
36. ______has now evolved to be one of the most
popular automated tools for unethical hacking. 46. Ethical hackers must abide by the ______ rule.
(a) Automated apps (b) Database software (a) Get written permission from the owner of the
computer system
(c) Malware (d) Worms
(b) Protect the privacy of the organization been
37. Leaking your company data to the outside network hacked
without prior permission of senior authority is a
crime.

2.5
Physics Motion in One Dimension

(c) Inform hardware and software vendors of the (d) All of above
identified weaknesses 57. Network-infrastructure attacks includes ______.
(d) All of the above (a) Connecting into a network through a rogue
47. Ethical hacking also known as ______. modem attached to a computer behind a firewall
(a) Penetration testing (b) Intrusion testing (b) Flooding a network with too many requests,
(c) Red teaming (d) All of the above creating a Denial of Service (DoS) for
48. An ethical hacker is a security professional who legitimate requests
applies their hacking skills for defensive purposes (c) Both a and b (d) None of above
on behalf of the ______ of information systems. 58. Example of attacks on operating systems is ______.
(a) Owners (b) Others (a) Exploiting specific protocol implementations
(c) Self (d) All of above (b) Attacking built-in authentication systems
49. To meet the challenge of validation, it is necessary (c) Breaking file-system security
to ensure that the original media matches the (d) All of above
forensic duplication by using______ hashes. 59. To crack passwords, one needs a cracking tool such
(a) MD5 (b) Encryption as
(c) Trans position (d) None of the above (a) LC 4 (b) John the Ripper
50. Evidence collection calculated by MD5 after ______ (c) PW dump (d) All of above
may not be helpful. 60. Gray hat hackers is combination of______.
(a) 8 months (b) 6 months (a) White hat and black hat
(c) 1 year (d) 2 year (b) White hat and blue hat
51. In an example, an Order of Volatility would be: (a) (c) Blue hat and black hat
Main memory, (b) Process table, (c) Registers and
(d) Ethical hacker and white hat
cache, (d) Secondary memory. The correct sequence
is ______. 61. For employers to require ethical hackers to have
certificate of ______,
(a) (c), (b), (a), (d) (b) (b), (c), (a), (d)
(a) Certified Ethical Hacker
(c) (c), (a), (b), (d) (d) (a), (b), (c), (d)
(b) No certificate
52. By conducting penetration tests, an ethical hacker
looks to answer ______. (c) Certificate of Computer Engineering
(a) What information/locations/systems can an (d) None of above
attacker gain access? 62. ______ automatically finds SQL Injection, XSS and
(b) What can an attacker see on the target? other vulnerabilities in your web applications and
web services.
(c) What can an attacker do with available
information? (a) Nets parker (b) Probely
(d) All of the above (c) Acunetix (d) Insight VM
53. ____ is a person who finds and exploits the 63. ______ is a top-ranked vulnerability risk
weakness in computer systems and/or networks to management solution focused on detecting,
gain access. prioritizing, and remediating vulnerabilities.
(a) Script kiddies (b) Hacker (a) Nets parker (b) Probely
(c) Ethical hacker (d) Normal users (c) Acunetix (d) Insight VM
54. Who does hijacking websites and leaving the 64. ______ is open-source and cross-platform ethical
message on the hijacked website? hacking tool.
(a) Script kiddies (b) Hacktivist (a) Nets parker (b) Probely
(c) Grey hat (d) Black hat (c) Acunetix (d) Insight VM
55. Who identifies and exploits the weaknesses in 65. ______ is an ethical tool that scans networks for
telephones instead of computer? vulnerabilities.
(a) Script kiddies (b) Hacktivist (a) Nets parker (b) Probely
(c) Grey hat (d) Phreaker (c) GFI LanGuard (d) Insight VM
56. Overall goal, as an ethical hacker, should be 66. ______is a robust password cracking ethical hacking
______. tool.
(a) Hack your systems in a non-destructive fashion (a) Nets parker (b) Angry IP Scanner
(b) Enumerate vulnerabilities and, if necessary, (c) GFI LanGuard (d) Hash cat
prove to upper management that vulnerabilities 67. What is the ethics behind training how to hack a
exist system?
(c) Apply results to remove vulnerabilities and (a) To think like hackers and know how to defend
better secure your systems such attacks

2.6
Physics Motion in One Dimension

(b) To hack a system without the permission (a) The ethical hacker has authorization from the
(c) To hack a network that is vulnerable owner of the target
(d) To corrupt software or service using mal ware (b) The ethical hacker is just a cracker who is
68. ______ has now evolved to be one of the most getting paid
popular automated tools for unethical hacking. (c) The ethical hacker does not use the same
(a) Automated apps (b) Data base software techniques or skills as a cracker
(c) Malware (d) Worms (d) The ethical hacker does it strictly for financial
motives unlike a cracker
69. Leaking your company data to the outside network
without prior permission of senior authority is a 81. Malicious attackers are generally known as ______.
crime. (a) Hackers (b) Malicious User
(a) True (b) False (c) Both (a) and (b) (d) None of above
70. _____ is the technique used in business 82. Flooding a network with too many requests, creating
organizations and firms to protect IT assets. a ______ for legitimate requests.
(a) Ethical hacking (b) Unethical hacking (a) DoS (b) D Dos
(c) Fixing bugs (d) Internal data-breach (c) Man in the Middle (d) None of above
71. The legal risks of ethical hacking include law suits 83. What are the examples of attacks on operating
due to ______ of personal data. system?
(a) Stealing (b) Disclosure (a) Exploiting specific protocol implementations
(c) Deleting (d) hacking (See No. 39) (b) Attacking built-in authentication systems
72. Before performing any penetration test, through (c) Breaking file-system security
legal procedure, which key points listed below is not (d) All of above
mandatory? 84. ______ applications are frequently attacked because
(a) Know the nature of the organization most firewalls and other security mechanisms are
(b) Characteristics of work done in the firm configured to allow full access to these programs
(c) System and network from the Internet.
(d) Type of broadband company used by the firm (a) SMTP and HTTP (b) HTPP and FTP
73. An ethical hacker must ensure that proprietary (c) FTP and SMTP (d) None of above
information of the firm does not get leaked. 85. Malicious software (malware) includes ______.
(a) True (b) False (a) Viruses (b) Worms
74. After performing ______ the ethical hacker should (c) Trojan horses (d) All of above
never disclose client information to other parties. 86. ______ tool is used to check target in different
(a) Hacking (b) Cracking geographies, simulate non-personalized browsing
(c) Penetration testing (d) Exploiting behaviour, undiscovered file transfers, etc.
75. White hat hackers are problem ______. (a) SaferVPN (b) InsightVM
(a) Solver (b) Creator (c) Burp Suite (d) Ettercap
(c) Generator (d) All of above 87. ______ is an ethical hacking tool which supports
active and passive dissection includes features for
76. Who describes the fundamental sofa hacker attitude?
network and host analysis.
(a) Jon Erickson (b) Kevin Minick
(a) SaferVPN (b) InsightVM
(c) Micah Zenko (d) Raymond
(c) Burp Suite (d) Ettercap
77. What is primary goal of ethical hacker?
88. Which of the following tool can automatically find
(a) Avoiding detection SQL Injection, XSS and other vulnerabilities in your
(b) Testing security controls web applications and web services?
(c) Resolving security vulnerabilities (a) Acunetix (b) Netsparker
(d) Determining return on investment for security (c) Probely (d) InsightVM
measures 89. ______ is a completely automatic ethical hacking
78. What is first phase of hacking? solution that mimics a hacker to keep criminal
(a) Maintaining access (b) Gaining access intruders one step ahead of them.
(c) Reconnaissance (d) Scanning (a) Acunetix (b) Netsparker
79. Hacking for a cause is called______. (c) Probely (d) InsightVM
(a) Hacktivism (b) Black-hat hacking 90. ______ continuously scans for vulnerabilities in
(c) Active hacking (d) Activism your Web Applications.
80. What is major difference between an ethical hacker (a) Acunetix (b) Netsparker
and a cracker? (c) Probely (d) InsightVM

2.7
Physics Motion in One Dimension

91. ______ tool is used to perform Security Testing of 99. ____ tool is designed to be customizable so that
web applications. users can create their custom security scanners using
(a) Burp Suite (b) Acunetix it.
(c) Insight M (d) Netsparker (a) Iron WASP (b) IKE Crack
92. ______ tool is powered by WEPWPA and WPA2 (c) Medusa (d) NetStumbler
encryption keys. 100. ______ is one of the best online brute-force, speedy,
(a) Aircrack (b) Angry IP Scanner parallel password crackers ethical hacking tool.
(c) GFI LanGuard (d) Savvius (a) Medusa (b) NetStumbler
93. ______ tool can act as your ‘virtual security (c) Iron WASP (d) SQL Map
consultant’ on demand. 101. ______ tool is used to detect wireless networks on
(a) Air crack (b) Angry IP Scanner the Windows platform.
(c) GFI LanGuard (d) Savvius (a) Medusa (b) NetStumbler
94. ______ tool can diagnose network issues faster and (c) Iron WASP (d) SQL Map
better. 102. ______ tool is used to automate the process of
(a) Air crack (b) Angry IP Scanner detecting and exploiting SQL injection weaknesses.
(c) GFI LanGuard (d) Savvius (a) Medusa (b) NetStumbler
95. ______ tool can check the performance vulnerability (c) Iron WASP (d) SQL Map
of the online cloud systems. 103. Ness us tool is used toper form ______.
(a) Qualys guard (b) Air crack (a) Remote vulnerability scanner
(c) Angry IP Scanner (d) GFI LanGuard (b) Password dictionary attacks
96. _____ tool provides comprehensive dynamic (c) Denial of service attacks.
analysis of complex web applications and services. (d) All of above
(a) Web Inspect (b) Qualys guard
(c) Air crack (d) Angry IP Scanner
97. ______ tool identifies and assesses password
vulnerability over local machines and networks.
(a) L0pht Crack6 (b) Rainbow Crack
(c) Hashcat (d) IKE Crack
98. ______ is an open source authentication crack tool.
(a) L0pht Crack6 (b) Rainbow Crack
(c) Hashcat (d) IKE Crack

ANSWER KEY
1. (b) 2. (d) 3. (b) 4. (b) 5. (a) 6. (a) 7. (b) 8. (a) 9. (b) 10. (c)
11. (d) 12. (b) 13. (b) 14. (d) 15. (b) 16. (a) 17. (b) 18. (c) 19. (a) 20. (a)
21. (c) 22. (d) 23. (c) 24. (b) 25. (a) 26. (c) 27. (a) 28. (b) 29. (a) 30. (c)
31. (c) 32. (b) 33. (c) 34. (d) 35. (d) 36. (c) 37. (a) 38. (a) 39. (b) 40. (d)
41. (a) 42. (b) 43. (a) 44. (d) 45. (c) 46. (d) 47. (d) 48. (a) 49. (a) 50. (b)
51. (a) 52. (d) 53. (b) 54. (b) 55. (d) 56. (d) 57. (c) 58. (d) 59. (d) 60. (a)
61. (a) 62. (a) 63. (d) 64. (b) 65. (c) 66. (d) 67. (a) 68. (c) 69. (a) 70. (a)
71. (b) 72. (d) 73. (a) 74. (c) 75. (a) 76. (d) 77. (c) 78. (d) 79. (a) 80. (a)
81. (c) 82. (a) 83. (d) 84. (a) 85. (d) 86. (a) 87. (d) 88. (b) 89. (a) 90. (c)
91. (a) 92. (a) 93. (c) 94. (d) 95. (a) 96. (a) 97. (a) 98. (d) 99. (a) 100. (a
)
101. (b) 102. (d) 103. (d)

2.8