Which of the following does an ethical hacker require to penetrate a system?
2. Question
What is Grey box Pentesting?
3. Question
If you have been hired to perform an attack against a target system to find and exploit vulnerabilities, what type of hacker are you?
4. Question
Which of the following describes an attacker who goes after a target to draw attention to a cause?
5. Question
What level of knowledge does a script kiddie have?
6. Question
A white-box test requires ___________.
7. Question
Which of the following describes a hacker who attacks without regard for being caught or punished?
8. Question
A penetration test is required for which of the following reasons?
9. Question
Hackers using their skills for both benign and malicious goals at different times are _____________.
10. Question
Vulnerability analysis is basically ________________.
11. Question
What is Black-box testing?
12. Question
What does TOE stand for?
13. Question
The term “Vulnerability” refers to __________________.
14. Question
What are the basic ways to perform Footprinting?
15. Question
Which one of the following best explains Footprinting?
16. Question
What is the purpose of Social Engineering?
17. Question
Which feature is used to make a search more appropriate?
18. Question
Wayback Machine is used to ________________.
19. Question
EDGAR, CNBC, and LexisNexis are used for _______________.
20. Question
Which record type will reveal the information about the Host IP address?
21. Question
Which record type will reveal the information about Domain’s Mail Server (MX)?
22. Question
_________________ is the most popular Web Reconnaissance framework used for information-gathering purposes as well as network detection.
23. Question
Which tool can be used to view web server information?
24. Question
To extract information regarding a domain name registration, which of the following is most appropriate?
25. Question
Which of the following statements is correct?
26. Question
Three-way handshaking is the process of ________________.
27. Question
Which of the following tools is used for Banner Grabbing?
28. Question
Which server anonymizes the web traffic to provide anonymity?
29. Question
Which of the following tools is capable of performing a customized scan?
30. Question
Which of the following is not a TCP Flag?
31. Question
A successful three-way handshaking consists of _________________.
32. Question
The method of pinging a range of IP addresses is called ________________.
33. Question
The scanning technique in which TCP three-way handshaking session is initiated and completed is called ___________________.
34. Question
Xmas Scan is a type of Inverse TCP Flag scanning in which ________________.
35. Question
Which statement is true about Enumeration?
36. Question
NetBIOS is basically ________________.
37. Question
Which of the following does not belong to NetBIOS Enumeration?
38. Question
The command nbtstat with the option “-a” extracts the information of _______________.
39. Question
The command nbtstat with the option “-A” extracts the information of _____________.
40. Question
______________ is not an example of SNMP Manager software.
41. Question
Which of the following is true about SNMP?
42. Question
SNMPv3 supports ________________.
43. Question
Which port does not belong to NetBIOS over TCP (NetBT)?
44. Question
Which of the following statements is true about NTP authentication?
45. Question
The process of finding weaknesses, design flaws, and security concerns in a network, Operating System, applications, or website is called:
46. Question
Which of the following is a Pre-Assessment phase of the Vulnerability Assessment Life-Cycle?
47. Question
The Vulnerability Post Assessment phase includes _________________.
48. Question
The vulnerability assessment process in which the auditor follows different strategies for each network component is called __________________.
49. Question
An assessment approach that depends on the inventory of protocols in an environment is called _____________________.
50. Question
CVSS stands for ________________________.
51. Question
The Vulnerability Database launched by NIST is ________________________.
52. Question
Which of the following is not a Vulnerability Scanning tool?
53. Question
Which of the following is not an example of a Non-Electronic / Non-Technical Password Attack?
54. Question
Anthony is cracking a password using a list of known and common phrases until the password is accepted. Which type of attack is this?
55. Question
An attacker is cracking the password by trying every possible combination of alphanumeric characters. Which of the following types of Password Cracking is this?
56. Question
The addition of characters in the password to make it a one-way function is called ________________________.
57. Question
Which of the following is a framework that can perform automated attacks on services, applications, ports, and unpatched software?
58. Question
______________ is the term for cracking passwords using pre-computed hashes.
59. Question
How can you protect yourself from a Rainbow table attack?
60. Question
Which of the following definitions of malware is the most accurate?
61. Question
Which of the following does not belong to the virus?
62. Question
Malware Static Analysis is ________________________.
63. Question
Which of the following best defines Malware Dynamic Analysis?
64. Question
Which of the following does not belong to Trojan deployment?
65. Question
_____________ is used to hide malicious programs while creating a Trojan.
66. Question
____________ is used to bind malicious programs while creating a Trojan.
67. Question
____________ is used to drop malicious programs at the target.
68. Question
Sniffing is carried out on ________________________.
69. Question
Sniffing without interfering is known as ________________________.
70. Question
The port that allows you to send a copy of the packet over another port at layer 2 is called ________________________.
71. Question
Wiretapping with legal permission is known as ________________________.
72. Question
Which one of the following is the best option to defend against ARP poisoning?
73. Question
Which of the following Wireshark filters displays packets from 10.0.0.1?
74. Question
A phishing attack is performed over ________________________.
75. Question
The basic purpose of Social Engineering attacks is ________________________.
76. Question
Which of the following is not a form of Human-based Social Engineering?
77. Question
An attack performed by a disgruntled employee of an organization is called ________________________.
78. Question
To defend against a phishing attack, a necessary step is ________________________.
79. Question
The technique in which an unauthorized person passes into a restricted area with an authorized person is called ________________________.
80. Question
The technique in which an unauthorized individual passes into a restricted location by following an authorized person is known as ________________________.
81. Question
An attack that denies services and resources, making them unavailable to legitimate users, is known as ________________________.
82. Question
A DoS attack in which a flood of requests overloads a web application or web server is known as ________________________.
83. Question
The ________________ is a DoS attack focused on hardware sabotage.
84. Question
A DoS attack in which intermediary and secondary victims are also involved in the process of launching the attack is known as ________________________.
85. Question
The _________ is a scanning technique that uses a list of potentially susceptible machines.
86. Question
The process of scanning any IP address in the IP address space for vulnerabilities is known as ________________________.
87. Question
When an attacker directly exploits and copies the malicious code to the victim’s machine, the propagation is called ________________________.
88. Question
When an attacker exploits the vulnerable system and opens a connection to transfer malicious code, the propagation is called ________________________.
89. Question
The ___________ is an automated approach for detecting DoS/DDoS attacks using input signal analysis.
90. Question
Sequential Change-Point detection algorithm uses the ________________ technique to detect DoS/DDoS attacks.
91. Question
The _______________ Filtering Standard is intended to reduce DDoS attacks by providing ingress filtering for multi-homed networks.
92. Question
The process of silently dropping the traffic (either incoming or outgoing traffic) so that the source is not notified about the discarding of the packet is known as ________________________.
93. Question
Which statement defines session hijacking more accurately?
94. Question
Which of the following does not belong to a session hijacking attack?
95. Question
In session hijacking, a technique called ______________ is used to send packets along a specified route, i.e., the same as the victim’s path.
96. Question
Session Fixation is vulnerable to _______________.
97. Question
The HIDS system is used to keep track of what’s going on on the _____________.
98. Question
A computer system is placed between public and private networks, and certain roles and responsibilities are assigned to this computer. This system is known as ________________________.
99. Question
Cisco ASA with FirePOWER Services is considered an example of ________.
100. Question
Devices or systems that are deployed in an isolated, monitored environment to trap attackers attempting to gain unauthorized access to the system or network are known as ________________________.