Government Polytechnic, Ratnagiri

Computer Engineering Department

ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Black Hat hackers
Hackers who help in finding bugs and vulnerabilities in
b) White Hat Hackers
1 a system & don’t intend to crack a system are
c) Grey Hat Hackers
termed as _________
d) Red Hat Hackers
a) Cracking
Which is the legal form of hacking based on which jobs b) Non ethical Hacking
2 c) Ethical hacking
are provided in IT industries and firms?
d) Hactivism
They are nefarious hackers, and their main motive is to a) Gray Hat Hackers
3 gain financial profit by doing cybercrimes. b) White Hat Hackers
c) Hactivists
Who are “they” referred to here? d) Black Hat Hackers
a) Grey Hat hackers
_______ are the combination of both white as well as b) Green Hat hackers
4
black hat hackers. c) Blue Hat Hackers
d) Red Hat Hackers
a) Sponsored Hackers
The amateur or newbie in the field of hacking who don’t
b) Hactivists
5 have many skills about coding and in-depth working of
c) Script Kiddies
security and hacking tools are called _____
d) Whistle Blowers
a) who break a system for some specific purpose with or without keeping in mind that they
b) individuals with no knowledge of codes but an expert in using hacking tools footprints
6 Suicide Hackers are those _____
c) who know the consequences of their hacking activities and hence try to prevent them by
d) who are employed in an organization to do malicious activities on other firms
a) State sponsored hackers
Criminal minded individuals who work for terrorist
b) Blue Hat Hackers
7 organizations and steal information of nations and
c) Cyber Terrorists
other secret intelligence are ________
d) Red Hat Hackers
One who disclose information to public of a company, a) Sponsored hackers
organization, firm, government and private agency and b) Crackers
8
he/she is the member or employee of that organization; c) Hactivist
such individuals are termed as _________ d) Whistleblowers
These types of hackers are the most skilled hackers in a) White hat Hackers
b) Elite Hackers
9 the hackers’ community. Who are “they”
c) Licensed Penetration Testers
referred to?
d) Red Hat Hackers
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) IT Security Engineer
_______ are those individuals who maintain and handles b) Cyber Security Interns
10
IT security in any firm or organization. c) Software Security Specialist
d) Security Auditor
a) secure the network
b) probe for safety and security of organization"s security components and systems
11 Role of security auditor is to __
c) detects and prevents cyber-attacks and threats to organization
d) does penetration testing on different web applications
______are senior level corporate employees who have a) Ethical Hackers
b) Chief Technical Officer
12 the role and responsibilities of creating and
c) IT Security Engineers
designing secured network or security structures. d) Security Architect
_______ security consultants uses database security a) Database
b) Network
13 monitoring & scanning tools to maintain security to
c) System
different data residing in the database / servers / cloud.
d) Hardware
a) Special Hackers
Governments hired some highly skilled hackers. These b) Government Hackers
14
types of hackers are termed as _____ c) Cyber Intelligence Agents
d) Nation / State sponsored hackers
Someone (from outside) who tests security issues for a) Black Hat hacker
b) External penetration tester
15 bugs before launching a system or application, and who
c) Blue Hat hacker
is not a part of that organization or company are ______ d) White Hat Hacker
a) Malfunctioned Software
b) Multipurpose Software
16 The full form of Malware is ______
c) Malicious Software
d) Malfunctioning of Security
a) Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
b) Criminal organizations, White hat hackers, malware developers, cyber-terrorists
17 Who deploy Malwares to a system or network?
c) Criminal organizations, Black hat hackers, software developers, cyber-terrorists
d) Criminal organizations, gray hat hackers, Malware developers, Penetration testers
a) HTML injection
_________ is a code injecting method used for attacking b) SQL Injection
18
the database of a system / website. c) Malicious code injection
d) XML Injection
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Extreme Secure Scripting
b) Cross Site Security
19 XSS is abbreviated as ___________
c) X Site Scripting
d) Cross Site Scripting
a) SQL injection
. This attack can be deployed by infusing a malicious
b) HTML Injection
20 code in a website’s comment section. What is
c) Cross Site Scripting (XSS)
“this” attack referred to here?
d) Cross Site Request Forgery (XSRF)
a) Database crash attack
When there is an excessive amount of data flow, which
b) DoS (Denial of Service) attack
21 the system cannot handle, attack
c) Data overflow Attack
takes place.
d) Buffer Overflow attack
Compromising a user’s session for exploiting the user’s a) Session Hijacking
data and do malicious activities or misuse b) Session Fixation
22
user’s credentials is called _____ c) Cookie stuffing
d) Session Spying
a) Remote Unauthorised access
b) Inserting malware loaded USB to a system
23 Which of this is an example of physical hacking?
c) SQL Injection on SQL vulnerable site
d) DDoS (Distributed Denial of Service) attack
a) Eavesdropping
b) MAC Spoofing
24 Which of them is not a wireless attack?
c) Wireless Hijacking
d) Phishing
a) Cyber-crime
An attempt to harm, damage or cause threat to a system b) Cyber Attack
25
or network is broadly termed as ____ c) System hijacking
d) Digital crime
a) Keyhijacking
Which method of hacking will record all your b) Keyjacking
26
keystrokes? c) Keylogging
d) Keyboard monitoring
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Keylogger
_________are the special type of programs used for b) Trojans
27
recording and tracking user’s keystroke. c) Virus
d) Worms
a) Worm
b) Virus
28 Stuxnet is a ______
c) Trojan
d) Antivirus
a) Confidentiality
According to the CIA Triad, which of the below- b) Integrity
29
mentioned element is not considered in the triad? c) Authenticity
d) Availability
a) Big data
______is the latest technology that faces an extra b) Database systems
30
challenge because of CIA paradigm. c) Cloud storages
d) Smart dust
a) Data clustering
b) Data backup
31 One common way to maintain data availability is ____
c) Data recovery
d) Data Altering
______is the practice and precautions taken to protect a) Network Security
valuable information from unauthorised b) Database Security
32
access, recording, disclosure or destruction. c) Information Security
d) Physical Security
a) flood
From the options below, which of them is not a b) without deleting data, disposal of storage media
33
vulnerability to information security? c) unchanged default password
d) latest patches and updates not done
a) Cloud workload protection platforms
_____ platforms are used for safety and protection of b) Cloud security protocols
34
information in the cloud. c) AWS
d) One Drive
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Cloud access security brokers (CASBs)
___ technology is used for analyzing and monitoring b) Managed detection and response (MDR)
35
traffic in network and information flow. c) Network Security Firewall
d) Network traffic analysis (NTA)
a) Bug
Compromising confidential information comes under b) Threat
36
____ c) Vulnerability
d) Attack
a) Bug
b) Threat
37 Lack of access control policy is a _____
c) Vulnerability
d) Attack
a) reduced
b) transferred
38 Possible threat to any information cannot be ________
c) protected
d) ignored
a) 4
. How many basic processes or steps are there in ethical b) 5
39
hacking? c) 6
d) 7
a) Reconnaissance
______ is the information gathering phase in ethical b) Scanning
40
hacking from the target user. c) Gaining access
d) Maintaining access
a) Hping
Which of the following is not a reconnaissance tool or b) NMAP
41
technique for information gathering? c) Google Dorks
d) Nexpose
a) 2
b) 3
42 There are ______ subtypes of reconnaissance
c) 4
d) 5
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Searching public records
Which of the following is an example of active b) Telephone calls as a help desk or fake customer care person
43
reconnaissance? c) Looking forthetarget"sdetails inthedatabase
d)Searchingthetarget"sdetails inpaperfiles
a) Telephonic calls to target victim
. Which of the following is an example of passive b) Attacker as a fake person for Help Desk support
44
reconnaissance? c) Talk to the target user in person
d) Search about target records in online people database
a) Vulnerability scanning
Which of them does not comes under scanning b) Sweeping
45
methodologies? c) Port Scanning
d) Google Dorks
a) NMAP
b) Nexpose
46 Which of them is not a scanning tool?
c) Maltego
d) Nessus
a) Scanning
Which of the following comes after scanning phase in b) Maintaining access
47
ethical hacking? c) Reconnaissance
d) Gaining access
a) Scanning
In ______ phase the hacker exploits the network or b) Maintaining access
48
system vulnerabilities. c) Reconnaissance
d) Gaining access
a) security officer
A ___can gain access illegally to a system if the system
b) malicious hacker
49 is not properly tested in scanning
c) security auditor
and gaining access phase
d) network analyst
a) Rootkits
Which of the following hacking tools and techniques
b) Backdoors
50 hackers’ do not use for maintaining access in
c) Trojans
a system?
d) Wireshark
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Scanning
b) Tracks clearing
51 In _____ phase, the hackers try to hide their footprints
c) Reconnaissance
d) Gaining access
a) Altering log files
b) Tunnelling
52 Which of them is not a track clearing technique?
c) Port Scanning
d) Footprint removing
a) Scanning
b) Tracks clearing
53 ______ is the last phase of ethical hacking process.
c) Reconnaissance
d) Reporting
a) Black Hat hacking
b) White Hat hacking
54 Ethical Hacking is also known as _____
c) Encrypting
d) None of these
a) Scanner
b) Decoder
55 Tool(s) used by ethical hackers _______
c) Proxy
d) All of these
a) Strengths
b) Weakness
56 Vulnerability scanning in Ethical hacking finds
c) a & b
d) None of these
a) Remove
. Ethical hacking will allow to ________ all the massive
b) measure
57 security breaches.
c) Reject
d) None of these
Vulnerability scanning in Ethical hacking finds __, ___, a) B, C, D, A
__ ,__ b) B, A C, D
A) Maintaining Access
58 c) A, B, C, D
B) Reconnaissance
C) Scanning d) D, C, B, A
D) Gaining Access
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Reconnaissance
____ phase in ethical hacking is known as the pre-attack b) Scanning
59
phase. c) Gaining access
d) Maintaining access
A. Social Engineering.
. ______ is the art of exploiting the human elements to
B. IT Engineering.
60 gain access to the authorized user.
C. Ethical Hacking.
D. None of the above.
A. G. Palma.
Who described a dissertation on fundamentals of B. Raymond.
61
hacker’s attitude? C. Either.
D. Jhon Browman.
A. Decade.
Computer Hackers have been in existence for more than B. Year.
62
a____. C. Century
D. Era.
A. Fame.
B. Profit.
63 Hackers do hack for?
C. Revenge.
D. All the above
A. Victims.
The intent of ethical hacker is to discover vulnerabilities
B. Attackers.
64 from a_____ point of view to better
C. Both A & B
secure system
D. None of these.
A. Entries.
B. Checklists.
65 Security audits are usually based on___
C. Both A & B
D. None of the above
A. Penetration testing.
B. Intrusion testing.
66 Ethical hacking consist of _______
C. Red teaming.
D. All of the above
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
A. Victim
._______ is a person who find and exploits the weakness B. Hacker
67
in computer system. C. Developer
D. None of the above.
A. Fix identifies weakness
B. Steal the data
68 A white hat hacker is the one who _____
C. Identifies the weakness and leave message to owner
D. None of the above
A. Fix identifies weakness
B. Steal the data
69 A black hat hacker is the one who _______
C. Identifies the weakness and leave message to owner
D. None of the above.
A. Fix identifies weakness

70 A grey hat hacker is the one who_______ B. Steal the data

C. Identifies the weakness and leave message to owner
D. None of the above
A. True
Keeping information secured can protect an organization B. False
71
image and save and organization lot of money

A. True
Information is a one of the most valuable assets of B. False
72
organization

A. Police
B. Forensics
73 To catch a thief, think like _____
C. Thief
D. Hacker
A. Firewall
B. Encryption
74 ._______can create false feeling of safety
C. VNPs
D. All the above
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
A. Nontechnical attacks
.______ exploits that involves manipulating people and
B. Network infrastructure attack
75 user even your self are the greatest
vulnerability within any computer C. Operating system attack
D. Application and other specialized attack
A. Nontechnical attacks
Connecting into network through a rogue modem
B. Network infrastructure attack
76 attached to computer behind a firewall is an
example of ____- C. Operating system attack
D. Application and other specialized attack
A. Nontechnical attacks
.______ comprise of large portion of hacker attacks
B. Network infrastructure attack
77 simply because every computer has one
C. Operating system attack
and so well know exploits can be used against them
D. Application and other specialized attack
A. Data gathering.
B. Attacking
78 .______ should be done before ethical hacking process.
C. Planning
D. Research
A. Written permission.
B. Decision maker permission
79 Which permission is necessary before ethical hacking?
C. Privacy permission
D. Risk permission.
A. Nmap
B. LC4
80 Which tool is used to crack the password?
C. ToneLOC
D. Nessus
A. Whisker
Which tool is used for depth analysis of a web B. Super scan
81
application? C. Nikto
D. Kismet
A. WebInspect
B. QualyGuard
82 Which tool is used to encrypt Email?
C. PGP (pretty good privacy)
D. None of the above.
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
A. Thieves
83 Malicious attacker often think like? B. Kidnapper
C. Both A & B
D. None of the above
A. Black hat hacker
Which hacker try to distribute political or social message B. Hactivist
84
through their work? C. Script kiddes
D. White hat hacker
A. Criminal
B. Antinationalist
85 ._______ are part of organized crime on internet.
C. Hacker for hire
D. None of the above
A. 2600
B. Hackin9
86 Which magazines releases the latest hacking methods?
C. PHRACK
D. All the above
A. a good
Performing a shoulder surfing in order to check other’s
B. not so good
87 password is ____________ ethical
C. very good social engineering practice
practice.
D. a bad
A. Automated apps
___________ has now evolved to be one of the most
B. Database software
88 popular automated tools for unethical
C. Malware
hacking.
D. Worms
A. True
Leaking your company data to the outside network
B. False
89 without prior permission of senior authority
is a crime.

A penetration tester must identify and keep in mind the A. privacy and security
___________ & ___________ B. rules and regulations
90
requirements of a firm while evaluating the security C. hacking techniques
postures. D. ethics to talk to seniors
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
A. stealing

The legal risks of ethical hacking include lawsuits due to B. disclosure

91
__________ of personal data. C. deleting
D. hacking
A. Know the nature of the organization
Before performing any penetration test, through legal
B. Characteristics of work done in the firm
92 procedure, which key points listed below
C. System and network
is not mandatory?
D. Type of broadband company used by the firm
a) A technique to identify vulnerabilities in a system or network
b) A technique to exploit vulnerabilities in a system or network
93 What is social engineering?
c) A technique to manipulate people into giving up sensitive information
d) A technique to fix vulnerabilities in a system or network
a) Black hat hacker.
b) White hat hacker.
94 The term cracker refers to……….
c) Grey hat hacker.
d) None of the above.
a) Black Hat Hacker
b) White Hat Hacker
95 The term refers hackers with unlawful intentions.
c) Gray Hat Hacker
d) Script kiddies
a) Black Hat Hacker.
Which type of hackers hack systems to discover
b) Gray Hat Hacker
96 vulnerabilities to protect against unauthorized
c) Ethical Hacker
access, abuse, and misuse?
d) Script kiddies
a) White Hat Hacker
Which type of hackers uses hacking to send social, b) Black Hat Hacker
97
religious, and political, etc. messages? c) Hacktivist
d) Script kiddies
a) White Hat Hacker
Which type of hacker hacks into computer systems
b) Black Hat Hacker
98 without authority with a view to identify weaknesses and
c) Gray Hat Hacker
reveal them to the system owner?
d) Hacktivist
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Penetration testing.
b) Intrusion testing.
99 Ethical Hacking is also known as _____
c) Red teaming.
d) All of the above.
a) To cause damage to system
b) To gain unauthorized access to a system
100 What is main goal of ethical hacking?
c) To identify and fix security vulnerabilities
d) To steal sensitive information
a) Victim
……….. is a person who find and exploits the weakness b) Hacker
101
in computer system. c) Developer
d) None of the above.
a) Replication
……is similar to a backup, but it is a complete image of b) Backup
102
a protected system, including data and system files. c) Snapshots
d) DPLR
a) Authentication
b) Authorization
103 ……..assure that user privileges are applied correctly.
c) Replication
d) All of the Above
a) Right to erasure
Data subjects can ask data controllers to “forget” their b) Automated decision making
104
personal data is………. c) Transferring data outside the EU
d) Right to Control
a) GDPR Data Controller
Which entity that holds or processes personnel data on b) GDPR Data Processor
105
behalf of another organization? c) Data Protection Officer
d) All of the Above
a) Data privacy
____ is a set of strategies and processes you can use to
b) Data protection
106 secure the privacy, availability, and integrity of your
data. c) Data security
d) Both b and c
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) Data availability
…………involves automating the transmission of b) Data lifecycle management
107
critical data to offline and online storage. c) Information lifecycle management
d) All of the Above
a) Hack your systems in a non-destructive fashion.
b) Enumerate vulnerabilities and, if necessary, prove to upper management that vulnerabilities exis
108 Which of following is/are goal of ethical hacker?
c) Apply results to remove vulnerabilities and better secure your systems.
d) All of the Above
a) Protect the privacy of the organization been hacked.
b) Transparently report all the identified weaknesses in the computer system to the organization.
109 Which of following rule must obey by ethical hacker?
c) Inform hardware and software vendors of the identified weaknesses.
d) All of the Above
a) Nontechnical attacks
Breaking file system security is an example of which b) Network infrastructure attack
110
type of attack c) Operating system attack
d) Application and other specialized attack
a) Viruses
b) Worms,
111 Malicious software includes………..
c) Trojan horses
d) All of the Above
a) Working ethically
Ethical Hacker must obey which of following ethical b) Respecting privacy
112
hacking principle c) Not crashing your systems
d) All of the Above
a) A tool used to identify weaknesses in a system or network
b) A tool used to exploit vulnerabilities in a system or network
113 What is vulnerability scanner?
c) A tool used to monitor network traffic
d) A tool used to block email spam
a) 27th October 2000
The Information Technology Act 2000 is an Act of b) 15th December 2000
114
Indian Parliament notified on……….. c) 17th November 2000
d) 17th October 2000
 Government Polytechnic, Ratnagiri
Computer Engineering Department
ETI 22618 QUESTION BANK
UNIT NO 5 BASICS OF HACKING
a) 66B
The offense “Receiving stolen computer or
b) 67A
115 communication device” comes under ……section of
c) 66E
Cyber security Act 2000.
d) 66C
a) 68
The offense “Failure /refusal to decrypt data” comes b) 69
116
under ……..section of Cyber security Act 2000. c) 70
d) 71
a) Section 66A
b) Section 66B
117 Which section penalized sending "offensive messages"?
c) Section 66C
d) Section 66D
ities exist.

zation.