Ethical Hacking MCQs | Cloud & Innovation Security

Master your Certified Ethical Hacker (CEH) and OSCP exams with 300+ free penetration testing MCQs and interview questions.

CEH v12 Syllabus Penetration Testing Network Security Bug Bounty Prep
« First 9 10 11 12 Last »
« Previous Page Next Page »

181. What is "ISO 55001" standard?

  • a) Asset management system
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Manages cybersecurity risks for physical/digital assets.

182. Which attack exploits "Windows PetitPotam vulnerability"?

  • a) Forcing domain controllers to authenticate via MS-EFSRPC
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Triggers NTLM relay attacks against AD Certificate Services.

183. What is "ISO 56005" standard?

  • a) Innovation management tools for cybersecurity
  • b) Network segmentation
  • c) Malware analysis
  • d) Cryptographic protocols
Answer: A - Guides R&D for security product development.

184. Which tool performs "Android application reverse engineering"?

  • a) JADX-GUI
  • b) Nmap
  • c) Wireshark
  • d) Metasploit
Answer: A - Decompiles APKs to Java/smali code for vulnerability analysis.

185. What is "ISO 56007" standard?

  • a) Idea management for security innovation
  • b) Network security controls
  • c) Malware detection
  • d) Physical security
Answer: A - Structures brainstorming for defensive/offensive security tools.

186. Which attack exploits "GCP Workload Identity Federation"?

  • a) Abusing external identity providers to gain GCP access
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Compromised OIDC tokens grant unauthorized cloud permissions.

187. What is "ISO 56010" standard?

  • a) Cybersecurity innovation assessment
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Evaluates effectiveness of new security methodologies/tools.

188. Which tool performs "AWS Lambda function exploitation"?

  • a) Lambda-Proxy
  • b) Nmap
  • c) Wireshark
  • d) Burp Suite
Answer: A - Tests for insecure permissions/env vars in serverless functions.

189. What is "ISO 56030" standard?

  • a) Security innovation measurement framework
  • b) Network security controls
  • c) Malware analysis
  • d) Cryptographic algorithms
Answer: A - Quantifies ROI of security R&D investments.

190. Which attack exploits "Azure Function App vulnerabilities"?

  • a) Abusing insecure "Easy Auth" configurations
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Default auth bypass exposes sensitive APIs/data.

191. What is "ISO 56031" standard?

  • a) Security innovation portfolio management
  • b) Network segmentation
  • c) Malware detection
  • d) Physical security
Answer: A - Prioritizes security tool development based on risk/impact.

192. Which tool performs "Terraform IaC scanning"?

  • a) Checkov
  • b) Nmap
  • c) Wireshark
  • d) Metasploit
Answer: A - Detects misconfigurations in Terraform/CloudFormation templates.

193. What is "ISO 56040" standard?

  • a) Security innovation knowledge management
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Documents lessons learned from red/blue team exercises.

194. Which attack exploits "Kubernetes RBAC misconfigurations"?

  • a) Escalating privileges via overly permissive ClusterRoles
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Example: kubectl create clusterrolebinding abuse.

195. What is "ISO 56050" standard?

  • a) Security innovation culture development
  • b) Network security controls
  • c) Malware analysis
  • d) Cryptographic protocols
Answer: A - Fosters organizational mindset for continuous security improvement.

196. Which tool performs "GCP Cloud Function testing"?

  • a) GCPBucketBrute
  • b) Nmap
  • c) Wireshark
  • d) Burp Suite
Answer: A - Identifies publicly accessible cloud functions with sensitive data.

197. What is "ISO 56060" standard?

  • a) Security innovation leadership guidelines
  • b) Network segmentation
  • c) Malware detection
  • d) Physical security
Answer: A - Helps CISOs drive security R&D initiatives.

198. Which attack exploits "Azure Logic Apps vulnerabilities"?

  • a) Abusing insecure connectors/workflow triggers
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Malicious workflows can exfiltrate data or escalate privileges.

199. What is "ISO 56070" standard?

  • a) Security innovation implementation framework
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Operationalizes new security tools/processes across teams.

200. Which header prevents "Cross-Origin-Resource-Sharing (CORS) attacks"?

  • a) Access-Control-Allow-Origin
  • b) Content-Security-Policy
  • c) X-Frame-Options
  • d) Strict-Transport-Security
Answer: A - Restricts domains allowed to access APIs (e.g., Access-Control-Allow-Origin: https://trusted.com).
« First 9 10 11 12 Last »
« Previous Page Next Page »

Ethical Hacking MCQs - Master Cybersecurity & Penetration Testing | PCBooks

🔐 Preparing for CEH, OSCP, or cybersecurity interviews? Get free practice MCQs covering ethical hacking, penetration testing, network security, and cyber defense. Perfect for:

🛡️ Ethical Hacking Fundamentals MCQs

👉 Footprinting & reconnaissance techniques
👉 Scanning networks (Nmap, Nessus)
👉 System hacking methodologies
👉 Social engineering attacks

💻 Penetration Testing MCQs

🎯 Web application security tests
- SQL injection and XSS vulnerabilities
- CSRF and session hijacking defenses
🎯 Network penetration strategies
- Firewall evasion techniques
- IDS/IPS bypass methods
🎯 Wireless security assessments

🔐 Cryptography & Security MCQs

👉 Symmetric vs asymmetric encryption
👉 SSL/TLS implementation
👉 PKI infrastructure concepts
👉 GDPR compliance requirements

🚀 Start Your Cybersecurity Practice

Ethical Hacking Practice Questions →

🏆 Trusted by 70,000+ cybersecurity aspirants for CEH, CISSP, and OSCP exam success!

ethical hacking multiple choice questions with answers PDF, Top 50 ethical hacking interview questions and answers, CEH v12 MCQ questions and answers, Basic ethical hacking quiz for beginners, OSCP interview questions and answers, Penetration testing MCQ questions, Cybersecurity multiple choice questions for beginners, Top 100 cybersecurity interview questions 2024, CISSP exam questions and answers PDF, Network security MCQ with explanations, Cybersecurity quiz for freshers, Security+ SY0-701 practice questions, Cryptography MCQ questions for interviews, Web application security interview questions, SOC analyst technical interview questions, Bug bounty hunter interview questions, Cloud security MCQ questions and answers, GDPR compliance interview questions, Free ethical hacking practice questions with answers, How to prepare for cybersecurity technical interview, Best websites for cybersecurity MCQs, Scenario-based ethical hacking interview questions, Difference between XSS and CSRF MCQ