1. What is the primary goal of ethical hacking?
- a) To exploit vulnerabilities for personal gain
- b) To identify and fix security weaknesses
- c) To disrupt network services
- d) To steal sensitive data
Answer: B - Ethical hacking aims to discover and remediate security flaws to protect systems.
2. Which phase of ethical hacking involves gathering information about the target?
- a) Scanning
- b) Enumeration
- c) Reconnaissance
- d) Exploitation
Answer: C - Reconnaissance (or footprinting) is the initial data-collection phase.
3. What is a "zero-day vulnerability"?
- a) A flaw with no known patch
- b) A bug fixed within 24 hours
- c) A low-risk security issue
- d) A hardware failure
Answer: A - Zero-day vulnerabilities are unpatched and often exploited before developers can fix them.
4. Which tool is commonly used for network scanning?
- a) Wireshark
- b) Nmap
- c) Metasploit
- d) Burp Suite
Answer: B - Nmap (Network Mapper) scans for open ports and services.
5. What does SQL injection target?
- a) Database vulnerabilities
- b) Firewall configurations
- c) Physical security
- d) Wireless networks
Answer: A - SQL injection manipulates database queries through input fields.
6. Which protocol is vulnerable to "man-in-the-middle" attacks?
- a) HTTPS
- b) SSH
- c) HTTP
- d) FTP
Answer: D - FTP transmits data in plaintext, making it susceptible to interception.
7. What is "phishing"?
- a) A physical break-in attempt
- b) Tricking users into revealing sensitive data
- c) Encrypting files for ransom
- d) Scanning for open ports
Answer: B - Phishing uses deceptive emails/websites to steal credentials or data.
8. Which type of test simulates a real-world attack?
- a) Vulnerability assessment
- b) Penetration testing
- c) Risk analysis
- d) Compliance audit
Answer: B - Penetration testing (pentesting) actively exploits vulnerabilities.
9. What is "ARP spoofing"?
- a) Faking MAC addresses to intercept traffic
- b) Encrypting network packets
- c) Blocking IP addresses
- d) Scanning for DNS leaks
Answer: A - ARP spoofing redirects traffic by falsifying ARP responses.
10. Which tool is used for password cracking?
- a) John the Ripper
- b) Tcpdump
- c) Nessus
- d) Snort
Answer: A - John the Ripper is a popular offline password-cracking tool.
11. What is "DDoS" short for?
- a) Distributed Denial of Service
- b) Data Deletion over System
- c) Direct Disk Operating System
- d) Dynamic Domain of Security
Answer: A - DDoS floods a target with traffic from multiple sources to overwhelm it.
12. Which encryption method is asymmetric?
- a) AES
- b) RSA
- c) DES
- d) Blowfish
Answer: B - RSA uses public/private key pairs, unlike symmetric methods (AES/DES).
13. What does "IDS" stand for?
- a) Intrusion Detection System
- b) Internet Data Security
- c) Integrated Defense System
- d) Internal Disk Storage
Answer: A - IDS monitors networks/systems for malicious activity.
14. Which file extension is commonly associated with ransomware?
- a) .txt
- b) .exe
- c) .jpg
- d) .pdf
Answer: B - Ransomware often arrives as an executable (.exe) file.
15. What is "OSINT"?
- a) Open-Source Intelligence
- b) Operating System Interface
- c) Offensive Security Initiative
- d) Online System Integrity Test
Answer: A - OSINT involves collecting publicly available data for reconnaissance.
16. Which attack exploits session tokens?
- a) XSS
- b) CSRF
- c) Session hijacking
- d) Buffer overflow
Answer: C - Session hijacking steals valid session IDs to impersonate users.
17. What is "shodan.io" used for?
- a) Password cracking
- b) Searching vulnerable IoT devices
- c) Encrypting emails
- d) Detecting malware
Answer: B - Shodan is a search engine for exposed devices/servers.
18. Which law governs hacking activities in the U.S.?
- a) DMCA
- b) CFAA
- c) HIPAA
- d) GDPR
Answer: B - The Computer Fraud and Abuse Act (CFAA) criminalizes unauthorized access.
19. What does "VPN" protect against?
- a) Eavesdropping on public networks
- b) Phishing attacks
- c) SQL injection
- d) DDoS attacks
Answer: A - VPNs encrypt traffic to prevent interception on untrusted networks.
20. Which header helps prevent XSS attacks?
- a) Content-Security-Policy
- b) X-Frame-Options
- c) Strict-Transport-Security
- d) Cache-Control
Answer: A - CSP restricts sources of executable scripts to mitigate XSS.