Ethical Hacking MCQs with Answers

Correct Answer :   Rene Carmille

---

Explanation : The French experience in World War II is also instructive. Some credit René Carmille as the first ethical hacker because he stalled Nazi demands to get France’s Jewish population registered by machine. 

Correct Answer :   Kevin Mitnick

---

Explanation : Kevin David Mitnick (born August 6, 1963) is an American computer security consultant, author, and convicted hacker. He is best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related crimes.

Correct Answer :   1955-60

---

Explanation : The term came to origin in the year 1960s when very highly skilled professionals and individuals practice complex programming approaches to solve different problems.

Correct Answer :   MIT

---

Explanation : At MIT (Massachusetts Institute of Technology), the term ‘hacker’ first came into origin because individuals and high skilled professionals solve different problems using programming languages. Some similar terms were also coined in this regard such as – geeks & nerds.

Correct Answer :   Voracious thirst for knowledge

---

Explanation : Hackers of the old era were considered the most influential individuals of society with intellectual learning inclination and thirst for knowledge.

Correct Answer :   1993

---

Explanation : The first ever internationally recognized hacker’s conference took place in the year 1993 at Las Vegas, Nevada.

Correct Answer :   File Allocation Tables

---

Explanation : File Allocation Table (FAT) is a file system developed for personal computers. Originally developed in 1977 for use on floppy disks, it was adapted for use on hard disks and other devices. It is often supported for compatibility reasons by current operating systems for personal computers and many mobile devices and embedded systems, allowing interchange of data between disparate systems.

Correct Answer :   All of the Above

Correct Answer :   Threat

---

Explanation : Threat can be termed as a possible danger that may lead to breach the cyber security and may cause possible harm to the system or the network.

Correct Answer :   Vulnerability

---

Explanation : Vulnerability is the term used to define weakness in any network or system that can get exploited by an attacker. Exploiting the weakness can lead to the unexpected & undesirable event in cyber security.

Correct Answer :   Data Breach

---

Explanation : Data breach is the term used when the cyber-security incident takes place where sensitive information is accessed without authority.

Correct Answer :   Rogue access point

---

Explanation : The attack called “evil twin" is Rogue access point.

Correct Answer :   All of the Above

Correct Answer :   Resolving Security Vulnerabilities

Correct Answer :   Scanning

---

Explanation : Scanning is the first phase of hacking.

Correct Answer :   Ad hoc

---

Explanation : Ad hoc wireless mode connects machines directly to one another, without the use of an access point.

Correct Answer :   Conclusive Evidence

Correct Answer :   1030 and 2701

Correct Answer :   DEFCON

---

Explanation : DEFCON is one of the most popular and largest hacker’s as well as a security consultant’s conference that takes place every year in Las Vegas, Nevada, where government agents, security professionals, black and white hat hackers from all over the world attend that conference.

Correct Answer :   Phreaking

---

Explanation : Phreaking which is abbreviated as phone-hacking is a slang term and old hacking technique where skilled professionals study, explore & experiment telephone networks in order to acquire the free calling facility.

Correct Answer :   1878

---

Explanation : The first hacking (related to telephone technology) was done when the phone company – named Bell Telephone started in the year 1878.

Correct Answer :   1970

---

Explanation : For hackers 1970 was that era when hackers and cyber criminals figured out how wired technologies work and how these technologies can be exploited in order to gain additional advantage or misuse the technology.

Correct Answer :   John Draper

---

Explanation : In the year 1971, a Vietnam guy name John Draper figured it out as how to make phone calls free of cost. This type of phone hacking is termed Phreaking.

Correct Answer :   Target of Evaluation

---

Explanation : Target of Evaluation is the term used when any IT infrastructure, system, network require evaluation for security reasons or for fixing any bugs after being tested by penetration testers.

Correct Answer :   Hacktivism

---

Explanation : Hacktivism is an act of defacing a website, or any network or system. Systems and networks are compromised with a political or social agenda.

Correct Answer :   Social Engineering

---

Explanation : Using social engineering techniques, hackers try to exploit the victim’s mind to gain valuable information about that person such as his/her phone number, date of birth, pet name etc.

Correct Answer :   Spamming

---

Explanation : Spamming is the attack technique where the same message is sent indiscriminately repeatedly in order to overload the inbox or harm the user.

Correct Answer :   Pretexting

---

Explanation : In the pretexting technique of social engineering, the attacker pretends in need of legitimate information from the victim for confirming his/her identity.

Correct Answer :   High Patience

---

Explanation : High Patience, Persistence, Perseverance, and up-to-date with the latest technological updates and their flaws are some of the major qualities, an ethical Hacker must need to have.

Correct Answer :   Reverse engineering

---

Explanation : Reverse engineering is the technique used to enable a hacker to open a piece of program or application (usually in a low-level language such as Assembly language) and re-build it with further features & capabilities.

Correct Answer :   Initialization vectors are small, get reused frequently, and are sent in cleartext

Correct Answer :   Kismet

Correct Answer :   Offline attack

Correct Answer :   IRC

Correct Answer :   32 characters

Correct Answer :   Resets the TCP Connection

Correct Answer :   Kevin Poulsen

---

Explanation : The ARPANET (Advanced Research Project Agency Network) got hacked by Kevin Poulsen as he breaks into the Pentagon network and their associated system but got caught immediately in the year 1983.

Correct Answer :   William Gibson

---

Explanation : In the year 1821, an American – Canadian fiction pioneer cum writer, William Gibson explored the different streams of technologies and coined the term “cyberspace”. The term defines interconnected technologies that help in sharing information, interact with digital devices, storage and digital entertainment, computer and network security and stuff related to information technology.

Correct Answer :   1978

---

Explanation : TCP/IP suite needs prior security as it is one of the most popularly used protocol suites and hence some computer scientists in the year 1978, attempts to integrate the security algorithms though they face many impediments in this regard.

Correct Answer :   1984

---

Explanation : This Cyber security bill got passed in the US in the year 1984 keeping this in concern that any computer related crimes do not go unpunished. This law also restricts users from unauthorized access of computer or data associated with it.

Correct Answer :   Doxing

---

Explanation : When an identity of internet user is discovered and published by following his/her details over the internet is called doxing.

Correct Answer :   Emails

---

Explanation : In a phishing attack, the attacker fraudulently attempts to obtain sensitive data (such as username & passwords) of the target user and use emails to send fake links which redirect them to a fake webpage which looks legitimate.

Correct Answer :   Smart attacking potential

---

Explanation : Every hacker must possess some intangible skill-set such as creative thinking to process out a new way of penetrating a system, problem-solving skills as to cease down any active attack and persistence, try in different ways without losing hope.

Correct Answer :   For solving problems and building tool and programs

---

Explanation : A programming language is important for hackers and security professionals to understand so that they can understand the working behaviour of any virus, ransomware, or other malware, or write their own defense code to solve a problem. Nowadays, security tools and malware are developed by security professionals with high skills and knowledge.

Correct Answer :   Networking

---

Explanation : A proper understanding of networking is very important for hackers who are trying to gain access to a system through networks. How TCP/IP works, how topologies are formed and what protocols are used for what purposes are some mandatory stuff a hacker or security professional must understand.

Correct Answer :   SQL

---

Explanation : For hacking a database or accessing and manipulating data, a hacker must need to have the knowledge of SQL (Structured Query Language). From a hacker’s perspective, if you’ve accessed any database for short period of time and want to change some specific data, you must need to write a proper SQL query to search for or implement your hack faster.

Correct Answer :   privacy and security

---

Explanation : A penetration tester must keep in mind the privacy & security requirements as well as policies of a firm while evaluating the security postures of the target, which is called as “industry and business ethics policies”.

Correct Answer :   Cyber-ethics

---

Explanation : Cyber-ethics and knowledge of proper ethical aspects while doing penetration tests helps to classify arguments and situations, better understand a cyber crime and helps to determine appropriate actions.

Correct Answer :   To think like hackers and know how to defend such attacks

Correct Answer :   BSSID

Correct Answer :   Exploit

Correct Answer :   Network Scanner

---

Explanation : Nmap is a network scanning tool—an open source Linux command-line tool—used for network exploration, host discovery, and security auditing. Gordon Lyon (pseudonym Fyodor Vaskovich) created it to help map an entire network easily and find its open ports and services.

Correct Answer :   NAT

Correct Answer :   Bettercap -iface eth0

Correct Answer :   Show payloads

Correct Answer :   Code Division Multiple Access

---

Explanation : CDMA stands for “Code Division Multiple Access.” GSM stands for “Global System for Mobiles.” They are 2 radio networks used by wireless carriers.

Correct Answer :   Datalink

Correct Answer :   All of the Above

Correct Answer :   Penetration Testing

Correct Answer :   Malware

Correct Answer :   Remote Attack

Correct Answer :   APNIC, LACNIC, ARIN, RIPE NCC

---

Explanation : The four Internet registries are ARIN (American Registry of Internet Numbers), RIPE NCC (Europe, the Middle East, and parts of Central Asia), LACNIC (Latin American and Caribbean Internet Addresses Registry), and APNIC (Asia Pacific Network Information Centre).

Correct Answer :   Ethics in black hat hacking

---

Explanation : Ethics in cyber-security is the branch of cyber security that deals with morality and provides different theories and principles’ regarding the view-points about what is right and what need not to be done.

Correct Answer :   Penetration Testing

---

Explanation : It is against the laws and ethics of ethical hackers that after doing penetration tests, the ethical hacker should never disclose client information to other parties. The protection of client data is in the hands of the ethical hacker who performed the tests.

Correct Answer :   Type of broadband company used by the firm

---

Explanation :

Correct Answer :   disclosure

---

Explanation : The legal risks of ethical hacking contains lawsuits due to disclosure of personal data during the penetration testing phase. Such disclosure of confidential data may lead to a legal fight between the ethical hacker and the organization.

Correct Answer :   Ethical Hacking

---

Explanation : Ethical hacking is that used by business organizations and firms for exploiting vulnerabilities to secure the firm. Ethical hackers help in increasing the capabilities of any organization or firm in protecting their IT and information assets.

Correct Answer :   443

---

Explanation : HTTPS uses TCP port 443. This is a well-known port number and can be found in the Windows services file.

Correct Answer :   Passive operating system fingerprinting

---

Explanation : Banner grabbing is not detectible; therefore it is considered passive OS fingerprinting.

Correct Answer :   Single quote

Correct Answer :   Both (A) and (B)

---

Explanation : Ethical hacking is also known as white hat hacking & penetration testing.

Correct Answer :   nslookup

---

Explanation : nslookup tool can be used to perform a DNS zone transfer on Windows .

Correct Answer :   Robert T. Morris

---

Explanation : Robert Tappan Morris, a Cornell University graduate student developed Morris Worm in 1988 and was accused of the crime (under US Computer Fraud and Abuse Act.) for spreading computer worms through Internet.

Correct Answer :   PGP (Pretty Good Privacy)

---

Explanation : This encryption program package name PGP (Pretty Good Privacy) became popular across the globe because it helps in providing authentication in data communication as well as help in maintaining privacy through cryptographic algorithms by encryption & decryption of plain texts (in emails and files) to cipher texts and vice versa.

Correct Answer :   Piggybacking

---

Explanation : Piggybacking is the technique used for social engineering, as the attacker or unauthorized person/individual follows behind an authorized person/employee & gets into an authorized area to observe the system, gain confidential data or for a fraudulent purpose.

Correct Answer :   False

---

Explanation : Physical hacking, like other types of hacking, is possible in any institutions, organizations, clinics, private firms, banks or any other financial institutions. Hence, the above statement is false.

Correct Answer :   Physical accessing

---

Explanation : Physical accessing without prior security checking is the ability of a person to gain access to any authorized area. Physical accessing is done using piggybacking or any other suspicious means.

Correct Answer :   Updating the patches in the software you’re working at your office laptop.

---

Explanation : Updating the patches in your working software does not come under security measures for physical hacking. Updating the patches will help your software get free from bugs and flaws in an application as they get a fix when patches are updated.

Correct Answer :   Phishing

---

Explanation : Phishing does not come under physical security. Walk-in without proper authorization, sneaking in through glass windows or other means and breaking in and stealing sensitive documents are examples of physical hacking.

Correct Answer :   a bad

---

Explanation : Overlooking or peeping into someone’s system when he/she is entering his/her password is a bad practice and is against the ethics of conduct for every individual. Shoulder surfing is a social engineering attack approach used by some cyber-criminals to know your password and gain access to your system later.