Industrial Training (Ethical Hacking) Exa

What is the correct way to Remove/Delete a directory named “hey” with some the content inside it in Linux?

a) root@user# Del hey
b) root@user# rm -d hey
c) root@user# rm -d -f hey
d) root@user# rm -R hey

2) In which phase the hacker exploits the network or system vulnerabilities.

a) Scanning
b) Maintaining access
c) Reconnaissance
d) Gaining access

3) Which command is used to check the processes running in a Linux system?

a) root@root# netstat -pint
b) root@root# service –status-all
c) root@root# ps -au
d) root@root# netdiscover

4) What is the sequence of a TCP connection?

a) SYN-ACK-FIN
b) SYN-SYN-ACK
c) SYN-SYN-ACK-ACK
d) SYN-ACK

5) Which of the following Services or commands are associated with troubleshooting network connections?

a) root@root# ifconfig

b) root@root# service network-manager restart

c) root@root# service networking restart

d) root@root# service apache2 start

a) A and B
b) A, C and D
c) A,B and C
d) A, B and D

6) Which of the following services use TCP(Transmission Control Protocol)? 1:RIP 2:SSH 3:TFTP 4:DHCP 5:HTTP 6:FTP

a) 2,5,3&1
b) 6,1&3
c) 2,5 &6
d) All of the Above

7) What port does Metasploitable’s IRC service run on?

a) 135
b) 1337
c) 6667
d) 4343

8) Which of the following statements are TRUE for cookies:

a) Cookies have executable code which help server to track down user activity.

b) Cookies have limitation of storing data up-to 4 Kb per cookie.

c) Cookies are made for both Client side programming and Server side programming.

d) Cookies can be used for activating re-targeting advertisements.

a) A and C
b) B and C
c) C and D
d) B and D

9) Which algorithms belong to asymmetric cryptography?

a) Blowfish
b) RSA
c) 3DES (Triple DES)
d) AES

10) In Reconnaissance, an organization or system compromises which CIA triad of security?

a) Availability
b) Integrity
c) Confidentiality
d) Authentication

11) PKI (Public Key Infrastructure) uses which of the following elements:

a) Symmetric Key Algorithm
b) Hashing
c) Asymmetric Key Algorithm
d) All of these

12) When to start investigation?

a) After receiving permission from cyber cell.
b) After receiving authority from Sr. Inspector of Police.
c) In case of cognizable offense after lodging of the FIR under section 154 of C.R.P.C
d) As soon as non cognizable offence is brought to the notice of police.

13) Which attack is called the “Evil Twin” ?

a) Rogue access point
b) ARP poisoning
c) Session Hijacking
d) MAC spoofing

14) Digital signature certificate is requirement under various applications

a) Statutory
b) Legislative
c) Governmental
d) Voluntary

15) What is the difference between session cookies and persistent cookies?

a) Session cookies stay on the client's machine forever, whereas persistent cookies get deleted.
b) Session cookies do not stay forever but get deleted.<br>Persistent cookies stay on the client's machine forever, whereas session cookies get deleted.
c) Persistent cookies stay on the client's machine for as long as their max-age or Expires attribute specifies, whereas session cookies get deleted at the end of a session.
d) None of the above.

16) Recently you discovered a new vulnerability in an application that is handling the Financial sector which leaks some sensitive data of the users and the vendor is not responding. Which one of the following approaches would be the most responsible way for you to report this?

a) Notify the vendor and agree to wait indefinitely
b) Notify the vendor by posting it on social media.
c) Notify the Computer Emergency Response Team.
d) Notify the National Critical Information Infrastructure Protection Centre

17) Which of the following deals with network intrusion detection and real-time traffic analysis?

a) John the Ripper
b) LOphtCrack
c) Snort
d) Nessus

18) How to scan a target using default scripts?

a) nmap -SS
b) nmap -SC
c) nmap –scripts vuln i
d) nmap -O -V

19) A hacker finds a system that has a poorly design and unpatched program installed. He wants to create a backdoor for himself. Which of the following tools could he use to establish a backdoor?

a) Metasploit
b) Nmap
c) Legion
d) Timestomp

20) Mention what flaw arises from session tokens having poor randomness across a range of values?

a) Session hijacking
b) CrOSs Site scripting
c) SQL Injectiion
d) None

21) What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?

a) LDAP Injection
b) XML Injection
c) SQL Injection
d) OS Commanding

22) when user input is placed into EMAIL headers without adequate sanitization, allowing an attacker to inject additional headers with arbitrary values. This results in:

a) SQL Injection
b) OS Command Injection
c) XSS
d) SMTP header injection

23) Which of the following is most common intercepting tool?

a) Commix
b) BeEF
c) SQL Map
d) Owasp ZAP

24) Which of the following best describes the difference between a port scanner and a vulnerability scanner?

a) Port scanners test only for the availability of services; vulnerability scanners check for a particular version or patch level of service.
b) Port scanners compile a listing of all hardware present within a network segment; vulnerability scanners check for the availability of services.
c) Vulnerability scanners test only for the availability of services; port scanners check for a particular version or patch level of service
d) Vulnerability scanners compile a listing of all hardware present within a network segment; port scanners test for the availability of services.

25) Point out the wrong statement.

a) SQL injection vulnerabilities occur whenever input is used in the construction of an SQL query without being adequately constrained or sanitized.
b) SQL injection allows an attacker to access the SQL servers and execute SQL code under the privileges of the user used to connect to the database.
c) The use of PL-SQL opens the door to these vulnerabilities
d) None of the mentioned

26) Point out the correct statement.

a) Parameterized data cannot be manipulated by a skilled and determined attacker
b) Procedure that constructs SQL statements should be reviewed for injection vulnerabilities
c) The primary form of SQL injection consists of indirect insertion of code
d) None of the mentioned

27) A hacker has managed to gain access to the /etc/passwd file on a Linux host. What can the hacker obtain from this file?

a) The root username and password
b) Userņames, but no passwords
c) No Usernames and passwords
d) Usernames and passwords

28) Which of the following input sources can be directly controlled by a malicious user?

a) Windows users
b) Server configuration files
c) GET/POST parameters
d) Ports and network resources

29) ______ is an attack that forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated?

a) Two-factor authentication
b) Cross-site request forgery
c) Cross-site scripting
d) Cross-site scoring scripting

30) Mention what threat can be avoided by having unique usernames produced with a high degree of entropy?

a) Insecure Deserialization
b) Authorization Bypass
c) DOS Attack
d) SQL injection

31) Which of the following refers to a solution allowing administrators to block internet access for users until they perform a required action?

a) Honeypot
b) Quarantine network
c) Captive portal
d) Firewall

32) How is risk affected if users have direct access to a database at the system level?

a) Risk of unauthorized access increases, but the risk of untraceable changes to the database decrease
b) Risk of unauthorized and untraceable changes to the database increase
c) Risk of unauthorized access decreases, but the risk of untraceable changes to the database increase
d) Risk of unauthorized and untraceable changes to the database decrease

33) Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites?

a) SQL Injection
b) Malware Uploading
c) Man in the middle
d) Cross-site scripting

34) Enumeration is done to gain information. Which of the following cannot be achieved using enumeration?

a) IP Tables
b) SNMP data, if not secured appropriately
c) Private chats
d) List of user name and password policies

35) Which of the command is not correct for network host discovery?

a) Netdiscover
b) Netstat -vn
c) Nmap -sP <ip»/24
d) Arp-scan <ip>/24

36) Even our emails contain the IP address of the sender which helps in the enumeration. We can get this IP from _______ from within the email.

a) 'forward' option
b) 'show original option
c) 'Show full email
d) 'View Original option

37) Which of the tool in the Linux environment can help you to route complete system traffic to the onion.

a) Tails
b) Nipe
c) Proxychains
d) Tor

38) Which of the following statement is NOT true?

a) Disaster recovery deals with how to cope when something goes wrong.
b) Physical security is the term used to describe protection provided outside a computer system.
c) Contingency planning is not part of the disaster recovery process.
d) Backing up data is a recovery method.

39) Attackers commonly target _____________ for fetching IP address of a target or victim user.

a) Websites
b) Web pages
c) IP Tracker
d) Emails

40) Point out the correct statement.

a) Different types of cloud computing service models provide different levels of security services
b) Adapting your on-premises systems to a cloud model requires that you determine what security mechanisms are required and mapping those to controls that exist in your chosen cloud service provider
c) Data should be transferred and stored in an encrypted format for security purpose
d) All of the mentioned

41) How to set SUID bit to the file?

a) #chmod 4555 [path]
b) #chmod 2555 [path]
c) #chmod 1777 [path]
d) None of the above

42) “\/bin/ls -al” is a payload for which injection attack?

a) SQL Injection
b) HTML Injection
c) OS Command Injection
d) All of the above

44) Maximum no of IP’s that can be given to hosts on a single subnet that use 255.255.255.224 subnet mask?

a) 16
b) 24
c) 30
d) 27

45) In the process of Reconnaissance a organisation or system compromise of which CIA triad of security?

a) Availability
b) Integrity
c) Confidentiality
d) Authentication

Industrial Training (Ethical Hacking) Exa

Industrial Training (Ethical Hacking) Exa

Exam Summary

Information

Results

Results

Categories

1. Question

2. Question

3. Question

4. Question

5. Question

6. Question

7. Question

8. Question

9. Question

10. Question

11. Question

12. Question

13. Question

14. Question

15. Question

16. Question

17. Question

18. Question

19. Question

20. Question

21. Question

22. Question

23. Question

24. Question

25. Question

26. Question

27. Question

28. Question

29. Question

30. Question

31. Question

32. Question

33. Question

34. Question

35. Question

36. Question

37. Question

38. Question

39. Question

40. Question

41. Question

42. Question

43. Question

44. Question

Our Live Interactive Session Uncut Version

Our Live Interactive Session
Uncut Version