Test 1 Revision

The document contains sample practice questions for a course on Information Security Fundamentals and Ethical Hacking Fundamentals, covering various topics such as challenges in information security, attack vectors, security standards, and ethical hacking methodologies. It includes multiple-choice questions, true/false statements, and scenarios related to security policies, indicators of compromise, and penetration testing. The questions are designed to test knowledge and understanding of key concepts in information security and ethical hacking.

Uploaded by

moratiwammopi02

CSI454 Sample Practice Questions Semester TWO 2022

//– Information Security Fundamentals

What are the main challenges associated with information security in most
organisations today?
i. Compliance to government laws and regulations
ii. Lack of qualified and skilled cybersecurity professionals
iii. Relocation of sensitive data from legacy data centers to the cloud
iv. Difficulty in centralizing security in a distributed computing
environment
v. Bring Your Own Device (BYOD) policies in companies
vi. Fragmented and complex privacy and data protection regulations{
a) All
b) i, ii, iii and iv
c) ii, iii, iv, v and vi
d) None
}

Which of the following best describes the relationship between the attacker
Motives, Goals, and Objectives in Information Security Attacks?{
a) Attacks = Motive (Goal) + Method + Vulnerability
b) Attacks = Motive (Goal) + Method + objectives
c) Attacks = Motive + Objectives + Method
d) None
}

Below are some of the classifications of attacks in information security except?{
a) Active
b) Passive
c) Insider Attacks
d) DDoS
}

With reference to information security vectors, what term is used to describe
an attack that is focused on stealing information from the victim machine
without the user being aware of it?
a) Advanced Persistent Threats (APT)
b) Ransomware
c) Cloud Computing Threats
d) Viruses and Worms

With reference to information security, which vector restricts access to the
computer system’s files and folders and demands an online ransom payment
to the malware creator(s) in order to remove the restrictions?{
a) Advanced Persistent Threats (APT)
b) Ransomware
c) Cloud Computing Threats
d) Viruses and Worms
}

DrTM

The practice of sending an illegitimate email falsely claiming to be from a
legitimate site in an attempt to acquire a user’s personal or account
information is known as? {
a) Botnet
b) Phishing
c) Insider Attack
d) Viruses and Worms
}

Which proprietary information security standard is widely adopted by
organizations that handle cardholder information for major debit, credit,
prepaid, e-purse, ATM, and POS cards?{
a) PCI DSS
b) ISO/IEC 27001:2013
c) HIPAA
d) SOX
}

Which proprietary information security standard is widely adopted by
organizations that specifies the requirements for establishing, implementing,
maintaining, and continually improving an information security management
system within the context of the organization?{
a) PCI DSS
b) ISO/IEC 27001:2013
c) HIPAA
d) SOX
}

Which proprietary information security standard is widely adopted by
organizations that provides a comprehensive framework for ensuring the
effectiveness of information security controls over information resources that
support Federal operations and assets?{
a) FISMA
b) NIST
c) HIPAA
d) SOX
}

Which act in information security protects individuals concerning the
processing of personal data?{
a) DPA
b) GDPR
c) Privacy Act
d) Copyright Act
}

In order to show improvement of security over time, what must be developed?
A. Reports
B. Testing tools
C. Metrics
D. Taxonomy of vulnerabilities

The use of technologies like IPSec can help guarantee the following:
authenticity, integrity, confidentiality and:
A. non-repudiation.
B. operability.
C. security.
D. usability.

A security policy will be more accepted by employees if it is consistent and
has the support of:
A. coworkers.
B. executive management.
C. the security officer.
D. a supervisor.

1. Which of the following elements of information security ensures that a
recipient receives the original message from the sender without any
modifications during transit?
a. Confidentiality
b. Integrity
c. Availability
d. Authenticity

2. Which of the following attack vectors involves the use of a huge network of
compromised systems by attackers to perform denial-of-service attacks on the
target network or systems?
a. Botnet
b. Virus
c. APT
d. Keylogger

3. Which of the following civilian acts enforces “Electronic Transactions and
Code Set Standards”?
a. HIPAA
b. ISO/IEC
c. PCI/DSS
d. Sarbanes Oxley Act

Which of the following is not a responsibility of the data or systems owner?
a. To identify, describe, and designate the sensitivity of their applications
systems
b. To ensure that appropriate security control requirements are included
in specifications
c. To assess security requirements by evaluating application assets,
threats, and vulnerabilities
d. To develop industry best practices

When implementing a security control, an information security manager
needs to be especially aware of:
a. Change control management
b. What the organization’s competition is doing
c. A promotion to production procedure
d. The impact on the end-user community

A security analyst is performing an audit on the network to determine if there
are any deviations from the security policies in place. The analyst discovers
that a user from the IT department had a dial-out modem installed. Which
security policy must the security analyst check to see if dial-out modems are
allowed?

A. Firewall-management policy
B. Acceptable-use policy
C. Remote-access policy
D. Permissive policy

//– Ethical Hacking Fundamentals

What term is used by security professionals to understand the adversary’s
tactics, techniques, and procedures beforehand?{
A. Cyber Kill Chain Methodology
B. Cyber threat modelling
C. Cyber threat actors
D. Cyberbullying
}

In the cyber kill chain, what defines an attacker who creates a deliverable
malicious payload using an exploit and a backdoor? {
A. Weaponization
B. Exploitation
C. Command and Control
D. Installation
}

In the cyber kill chain, what defines an attacker who installs malware on the
target system? {
A. Weaponization
B. Exploitation
C. Command and Control
D. Installation
}

What is the term used to describe patterns of activities and methods
associated with specific threat actors or groups of threat actors in information
security? {
A. Tactics
B. TTPs
C. Techniques
D. Procedures
}

Which of the following best describes the clues, artifacts, and pieces of
forensic data found on the network or operating system of an organization
that indicate a potential intrusion or malicious activity in the organization’s
infrastructure?{
A. Indicators of Attack (IoA)
B. Indicators of Malware (IoM)
C. Indicators of Compromise (IoC)
D. Indicators of Threats (IoT)
}

Which of the following best describes exploiting system vulnerabilities and
compromising security controls to gain unauthorized or inappropriate access
to a system’s resources?{
A. Exploitation
B. Weaponization
C. Hacking
D. Vulnerability Scanning
}

Which of the following best describes a class of hacker that exploits system
vulnerabilities with no knowledge of the target organisation?{
A. White hats
B. Grey hats
C. Black hats
D. Suicide hackers
}

The type of reconnaissance that involves directly interacting with the target
by any means is known as?{
A. Active
B. Passive
C. Idle
D. None
}

Below are the hacking methodologies that are used during the penetration
testing exercise {
A. Reconnaissance, Scanning, Gaining access, Maintaining access and
Clearing tracks.
B. Reconnaissance, Gaining access, Maintaining access and Clearing
tracks.
C. Reconnaissance, Gaining access, Enumeration, Maintaining access
and Clearing tracks.
D. None
}

Most organizations recruit ethical hackers due to the following except?{
A. To analyze and strengthen an organization’s security posture
B. To provide adequate preventive measures in order to avoid security
breaches
C. To uncover vulnerabilities in systems and explore their potential as a
security risk
D. To act as sponsored hackers
}

Below are the tools that are used for performing reconnaissance except?{
A. ICMP Traceroute
B. TCP Traceroute
C. UDP Traceroute
D. Nmap
}

Below are the tools that are used for performing scanning except?{
A. ICMP Traceroute
B. Unicornscan
C. MegaPing
D. Nmap
}

Below are the tools that are used for performing enumeration except?{
A. NetScan
B. Nbtstat
C. NetBIOS Enumerator
D. Hyena
}

//True or false
Security professionals do not need to perform continuous monitoring of IoCs
to effectively and efficiently detect and respond to evolving cyber threats { }
Understanding IoCs helps security professionals to quickly detect the threats
against the organization and protect the organization from evolving threats { }
Behavioral Indicators cannot be used to identify specific behavior related to
malicious activities { }
Criminal syndicates are groups of individuals that are involved in organized,
planned, and prolonged criminal activities. They illegally embezzle money by
performing sophisticated cyberattacks { }

An ethical hacker can only help the organization to better understand its
security system; it is up to the organization to place the right safeguards on
the network. { }

Technical skills of an Ethical Hacker involve the ability to learn and adopt
new technologies quickly. { }
Non-Technical skills of an Ethical Hacker involve in-depth knowledge of major
operating environments such as Windows, Unix, Linux, and Macintosh. { }

Which indicator of compromise (IoC) is discovered by performing an analysis
of the infected system within the organizational network?{
A. Email Indicators
B. Behavioural Indicators
C. Network Indicators
D. Host-Based Indicators
}

Which indicator of compromise (IoC) is used to send malicious data to the
target organization or individual?{
A. Email Indicators
B. Behavioural Indicators
C. Network Indicators
D. Host-Based Indicators
}

Which indicator of compromise (IoC) is useful for command and control,
malware delivery, identifying the operating system, and other tasks?{
A. Email Indicators
B. Behavioural Indicators
C. Network Indicators
D. Host-Based Indicators
}

Which command line switch would be used in NMAP to perform operating
system detection?
A. -OS
B. -sO
C. -sP
D. -O

Which of the following problems can be solved by using Wireshark?
A. Tracking version changes of source code
B. Checking creation dates on all webpages on a server
C. Resetting the administrator password on multiple systems
D. Troubleshooting communication resets between two systems

A penetration tester was hired to perform a penetration test for a bank. The
tester began searching for IP ranges owned by the bank, performing lookups
on the bank's DNS servers, reading news articles online about the bank,
watching what times the bank employees come into work and leave from
work, searching the bank's job postings (paying special attention to IT related
jobs), and visiting the local dumpster for the bank's corporate office. What
phase of the penetration test is the tester currently in?
A. Information reporting
B. Vulnerability assessment
C. Active information gathering
D. Passive information gathering

A tester has been hired to do a web application security test. The tester
notices that the site is dynamic and must make use of a back end database.
In order for the tester to see if SQL injection is possible, what is the first
character that the tester should use to attempt breaking a valid SQL request?
A. Semicolon
B. Single quote
C. Exclamation mark
D. Double quote

A security consultant is trying to bid on a large contract that involves
penetration testing and reporting. The company accepting bids wants proof
of work so the consultant prints out several audits that have been performed.
Which of the following is likely to occur as a result?

A. The consultant will ask for money on the bid because of great work.
B. The consultant may expose vulnerabilities of other companies.
C. The company accepting bids will want the same type of format of testing.
D. The company accepting bids will hire the consultant because of the great
work performed.

In which of the following phases of the cyber kill chain methodology does the
adversary create a tailored malicious payload based on the vulnerabilities
identified?
a. Installation
b. Command and control
c. Exploitation
d. Weaponization

2. Which of the following terms refers to the patterns of activities and methods
associated with specific threat actors or groups of threat actors that are used
to analyze and profile them to enhance an organization’s security?
a. Tactics, techniques, and procedures
b. Tactics, technology, and procedures
c. Tactics, tricks, and process
d. Tactics, technology, and process

3. Identify the type of hackers recruited by organizations to enhance their
cybersecurity by reporting all vulnerabilities to the system and network for
remediation.
a. State sponsor hacker
b. Ethical hacker
c. Industrial spy
d. Organized hacker

4. Ethical hackers can be categorised into various classes. The following are
hacker classes except?
~Whitehat
~Blackhat
~Greyhat
=Bluehat

These hackers have limited or no training and know how to use only basic
techniques or tools. What kind of hackers are we talking about?
A. Black-Hat Hackers
B. Script Kiddies
C. White-Hat Hackers
D. Gray-Hat Hacker

While checking the settings on the internet browser, a technician finds that
the proxy server settings have been checked and a computer is trying to use
itself as a proxy server. What specific octet within the subnet does the
technician see?
A. 10.10.10.10
B. 127.0.0.1
C. 192.168.1.1
D. 192.168.168.168

// Module 03 – Information Security Threats and Vulnerability Assessment

Which of the following best explains a potential occurrence of an
undesirable event that can eventually damage and disrupt the operational
and functional activities of an organization?{
A. Threat
B. Hacker
C. Vulnerability
D. Risk
}

Below are broad categories of threat sources except?{
A. Natural
B. Unintentional
C. Intentional
D. Internal or external
}

What term is used in information security to describe malicious software that
damages or disables computer systems and gives limited or full control of the
systems to the malware creator for the purpose of theft or fraud?{
A. Threat
B. Ransomware
C. Spyware
D. Malware
}

Below are the effects of malware after it penetrates an organisation’s
network and systems except? {
A. Steal personal information
B. Track websites
C. Disable computing programs
D. Speed up computer processes
}

Malware can enter a system in diverse ways. Which one of the
following ways can deliver malware using a phishing campaign? {
A. Email attachment
B. Portable hardware
C. Instant Messenger applications
D. Bluetooth and wireless networks
}

Attackers use common techniques to distribute malware on the web. Which of
the following techniques involves mimicking legitimate institutions in an
attempt to steal login credentials?{
A. Spear-phishing Sites
B. Spam Emails
C. Social Engineered Click-jacking
D. Malvertising
}

A component of malware that is a program that conceals its code and intended
purpose via various techniques, and thus makes it hard for security
mechanisms to detect or remove it, is referred to as?{
A. Obfuscator
B. Crypter
C. Dropper
D. Payload
}

A component of malware that is a type of Trojan that covertly installs other
malware files on to the system?{
A. Obfuscator
B. Crypter
C. Dropper
D. Payload
}

//True/False
The components of malware depend on the requirements of the
malware author who designs it for a specific target to perform intended tasks
{ }
A malicious code is a command that defines malware’s basic functionalities
such as stealing data and creating backdoors { }
An injector is a program that injects its code into other vulnerable running
processes and changes how they execute to hide or prevent its removal { }

Below are the main types of Malware in information security except?{
A. Trojan
B. Ransomware
C. Viruses
D. Crypter
}

What type of malware shows indications of attack such as the computer screen
blinking, flipping upside-down, or being inverted so that everything is
displayed backward, the default background or wallpaper settings changing
automatically, web pages suddenly opening without input from the user,
antivirus programs being automatically disabled, and pop-ups with bizarre
messages suddenly appearing? {
A. Trojan
B. Ransomware
C. Viruses
D. Computer Worms
}

A self-replicating program that produces its own copy by attaching itself to
another program, computer boot sector or document is known as?{
A. Trojan
B. Ransomware
C. Viruses
D. Computer Worms
}

Viruses are generally transmitted through file downloads, infected disk/flash
drives, and as email attachments { }

Below are the indications of virus attack infection except?{
A. Degraded performance
B. Browser window “freezes”
C. Constant antivirus alerts
D. Computer screen blinks
}

A virus can be created in two different ways?{
A. Writing a Virus Program and Virus Maker Tools
B. Using scripting and PowerShell
C. Using Email attachment and batch file
D. None
}

Which type of malware restricts access to the computer system’s files
and folders and demands an online ransom payment from users to
the malware creator(s) to remove the restrictions? {
A. Trojan
B. Ransomware
C. Viruses
D. Computer Worms
}

Which type of malware executes malicious programs that independently
replicate, execute, and spread across the network connections and
consume available computing resources without human interaction, with
attackers in turn using payloads to install backdoors in infected computers? {
A. Trojan
B. Ransomware
C. Viruses
D. Computer Worms
}

A worm is a special type of malware that can replicate itself and use memory
but cannot attach itself to other programs { }
A worm takes advantage of file or information transport features on
computer systems and automatically spreads through the infected network,
but a virus does not { }

Below are the tools that can be used to generate worms except?{
A. Batch Worm Generator
B. C++ Worm Generator
C. Maker Thing
D. Bat Tool
}

What are programs that hide their presence as well as the attacker’s malicious
activities, granting them full access to the server or host at that time, and in
the future? {
A. Rootkits
B. Viruses
C. Ransomware
D. Worms
}

PUAs are also referred to as grayware or junkware and are harmful in that they
may pose severe risks to the security and privacy of data stored in the system
where they are installed. What does PUA stand for? {
A. Potentially Unwanted Application
B. Potentially Uninfected Application
C. Potentially Unwanted Access
D. Potentially Uninfected Access
}

Below are the types of PUAs except {
A. Adware
B. Crypto mining
C. Torrent
D. Crypter
}

A stealthy program that records the user's interaction with the computer and
the Internet without the user's knowledge and sends the information to the
remote attackers is known as?{
A. Spyware
B. Viruses
C. Ransomware
D. Worms
}

What type of malware works as a collection of compromised computers
connected to the Internet to perform a distributed task, resulting in an
infected system that performs repetitive work or acts as an agent or as a user
interface to control other programs?{
A. Botnets
B. Spyware
C. Ransomware
D. Worms
}

Attackers use Botnets to perform DDoS attacks, which consume the
bandwidth of the victim’s computers { }
Attackers cannot use a sniffer to steal information from one botnet and use it
against another botnet { }

What type of malware infects legitimate software, applications, and other
protocols existing in the system to perform various malicious activities. This
type of malware also leverages any existing vulnerabilities to infect the
system and resides in the system’s RAM? {
A. Fileless Malware
B. Spyware
C. Rootkits
D. Worms
}

Below are the reasons for using Fileless malware in cyber attacks? {
A. All
B. Stealthy in nature, exploits legitimate system tools
C. Living-off-the-land, exploits default system tools
D. Trustworthy, Uses tools that are frequently used and trusted
}

Fileless malware can be propagated using phishing, Infection through lateral
movement, Registry manipulation, Malicious websites, Memory code injection
and Script-based Injection techniques { }

Avoid opening email attachments received from unknown senders, Block all
unnecessary ports at the host and firewall, Avoid accepting programs
transferred by instant messaging, Harden weak and default configuration
settings. Which malware type do the above countermeasures apply to? {
A. Trojan
B. Spyware
C. Ransomware
D. Worms
}

Install antivirus software and update it regularly, Schedule regular scans for all
drives after the installation of antivirus software, Pay attention to the
instructions while downloading files from the Internet, Avoid opening
attachments received from an unknown sender and Regularly maintain data
backup. Which malware type do the above countermeasures apply to?{
A. Virus and Worm
B. Spyware
C. Ransomware
D. Trojan
}

A newly discovered flaw in a software application would be considered
which kind of security vulnerability?
A. Input validation flaw
B. HTTP header injection vulnerability
C. 0-day vulnerability
D. Time-to-check to time-to-use flaw

Which of the following is an application that requires a host application for
replication?
A. Micro
B. Worm
C. Trojan
D. Virus

Which of the following is considered an acceptable option when managing
a risk?
A. Reject the risk.
B. Deny the risk.
C. Mitigate the risk.
D. Initiate the risk.

1. Sam recently joined as a network admin in an organization. He failed to
comprehend all the security practices during his training but pretended to
have acquired adequate skills. With mediocre knowledge, he left a few
loopholes in the firewall implementation that eventually led to unwanted
network intrusions. Identify the threat source that led the way to this perimeter
breach.
a. External threat
b. Intentional threat
c. Natural threat
d. Unintentional threat

2. Which of the following malware components hides the malware presence
and protects the malware from reverse engineering, thus making it difficult to
be detected by security solutions?
a. Exploit
b. Injector
c. Crypter
d. Payload

3. Which of the following Trojans can an attacker use for the auto-deletion of
files, folders, and registry entries as well as local network drives to cause the
operating system to fail?
a. Defacement Trojan
b. Backdoor Trojan
c. Destructive Trojan
d. e-Banking Trojan

The results of the likelihood that a given threat-source were to be used is
termed:

a. Vulnerability
b. Risk
c. Control
d. Probability

There are three basic forms of threat-sources. These are human threats,
environmental threats, and what other kind of threat?
a. Tangible
b. Intangible
c. Terror
d. Natural

A flaw or weakness in system security procedures, design, implementation, or
internal controls that could be exercised and result in a security breach or
violation of the system’s security policy is called:
a. Vulnerability
b. Typical
c. Virus
d. Logic bomb

Two major types of risk analysis are:
a. Threat and controls
b. Errors and omissions
c. Quantitative and qualitative
d. Vulnerability and management

To convey a risk by using other options to compensate for loss, such as
purchasing insurance, is referred to as:
a. Risk transfer
b. Risk assumption
c. Risk planning
d. Risk limitation

A hacker named Jack is trying to compromise a bank's computer system. He
needs to know the operating system of that computer to launch further
attacks. What process would help him?
A. Banner Grabbing
B. IDLE/IPID Scanning
C. SSDP Scanning
D. UDP Scanning

When a security analyst prepares for the formal security assessment, which of
the following should be done in order to determine inconsistencies in the
secure assets database and verify that the system is compliant with the minimum
security baseline?
A. Data items and vulnerability scanning
B. Interviewing employees and network engineers
C. Reviewing the firewalls configuration
D. Source code review

Which of the following tools will scan a network to perform vulnerability
checks and compliance auditing?
A. NMAP
B. Metasploit
C. Nessus
D. BeEF

// Module 04 – Password Cracking Techniques and Countermeasures


Which of the following best describes Password Cracking Techniques?
I. Password cracking techniques are used to recover passwords from
computer systems
II. Attackers use password cracking techniques to gain unauthorized
access to vulnerable systems
III. Most of the password cracking techniques are successful because
of weak or easily guessable passwords
{
A. I and II only
B. I, II and III only
C. III only
D. All
}

Use of alphanumeric passwords is one of the best practices that need to be
adopted by any organisation that requires password complexity { }

The attacker creates a list of all possible passwords from the information
collected through social engineering or any other way and manually inputs
them on the victim’s machine to crack the passwords with a high failure rate.
What type of password attack is explained? {
A. Password Guessing
B. Offline Attacks
C. Dictionary Attack
D. Brute-Force Attack
}

Which of the following is a type of password attack?{
A. All
B. Passive Online Attacks
C. Dictionary Attack
D. Brute-Force Attack
}

Which of the following tools are used to perform password cracking?
A. Aircrack.
B. Cain and Abel.
C. Medusa.
D. All of them

1. Identify the default authentication method in Microsoft operating systems
that uses secret-key cryptography for validating identities.
a. Kerberos
b. LM
c. NTLM
d. SAM

2. Which of the following techniques involves gaining information by listening
to someone’s conversation or reading private messages being shared between
them?
a. Tailgating
b. Dumpster diving
c. Eavesdropping
d. Piggybacking

3. Messy, an ex-employee of an organization, was fired because of misuse of
resources and security violations. He sought revenge against the company
and targeted its network, as he is already aware of its network topology.
Which of the following categories of insiders does Messy belong to?
a. Malicious insider
b. Negligent insider
c. Professional insider
d. Compromised insider

// Module 05 – Social Engineering Techniques and Countermeasures

The art of convincing people to reveal confidential information is known as?{
A. Social Engineering
B. Phishing
C. Cyber Tricking
D. None
}

Social engineers depend on the fact that people are aware of the valuable
information to which they have access and are careless about protecting it { }

Common Targets of Social Engineering applies to?{
A. All
B. Receptionists and Help-Desk Personnel
C. System Administrators and Senior Executives
D. Vendors of the Target Organization
}

Below is the impact of Social Engineering Attack on any Organization?{
A. All
B. Damage of goodwill and Loss of privacy
C. Lawsuits and arbitration
D. Dangers of terrorism and Economic losses
}

Below can be a factor that makes companies vulnerable to social
engineering attack?{
A. All
B. Insufficient security training
C. Unregulated access to information
D. Lack of security policies
}

Social engineering does not deal with network security issues; instead, it deals
with the psychological manipulation of a human being to extract desired
information. With the above statement why do you think Social Engineering
can be much effective to avert attacks? {
A. All
B. Security policies are as strong as their weakest link, and human
behavior is the most susceptible factor
C. It is difficult to detect social engineering attempts
D. There is no method that can be applied to ensure complete security
from social engineering attacks
}

Which phases of a Social Engineering Attack involve identifying frustrated
employees of the target company and then collecting sensitive account and
financial information as well as current technologies, respectively?{
A. Select a Target and Develop a Relationship
B. Research the Target Company and Develop a Relationship
C. Select a Target and Exploit the Relationship
D. Research the Target Company and Exploit the Relationship
}

Which of the following is a type of Social Engineering?{
A. Human-based Social Engineering
B. Computer-based Social Engineering
C. Mobile-based Social Engineering
D. All
}

Impersonation is a ________________ type of social engineering?{
A. Human-based
B. Computer-based
C. Mobile-based
D. Phishing based
}

During social engineering, you discover that some windows suddenly pop up
while surfing the Internet and ask for user information to login or sign-in. What
type of social engineering displays this behaviour? {
A. Human-based Social Engineering
B. Computer-based Social Engineering
C. Mobile-based Social Engineering
D. None
}

Harmful insiders who use their technical knowledge to identify weaknesses
and vulnerabilities in the company’s network and sell confidential information
to competitors or black-market bidders are known as?{
A. Professional Insider
B. Malicious Insider
C. Compromised Insider
D. Negligent Insider
}

Below are types of insider threats that organisations can face? {
A. Professional Insider
B. Malicious Insider
C. Compromised Insider
D. All
}

A cybercrime activity that involves an imposter who steals your personally
identifiable information such as name, credit card number, social security or
driver’s license numbers, etc. to commit fraud or other crimes is known as?{
A. Identity Theft
B. Insider Threat
C. Outsider Threat
D. Identity smuggling
}

Which of the following is a countermeasure to Social Engineering? {
A. Password Policies
B. Physical Security Policies
C. Defence Strategy
D. All
}

Which of the following tools can be used for performing Social Engineering
tasks? {
A. SET
B. GoPhish and OhPhish
C. Netcraft and PhishTank
D. All
}

//Module 06 – Network Level Attacks and Countermeasures


What type of attack technique sends specially crafted packets to the remote
OS and analyses the received response by interacting directly with the
target system?
A. Passive
B. Reflective
C. Active
D. Distributive

1. Below are various network-level attacks except
a. Sniffing
b. denial-of-service
c. session hijacking
d. password cracking

2. Which of the following techniques does an attacker use to compromise the
network switches’ security for sniffing all the traffic passing through it?
a. MAC flooding
b. UDP flooding
c. SYN flooding
d. DNS spoofing

3. Martin, a hacker, aimed to crash a target system. For this purpose, he
spoofed the source IP address with the target’s IP address and sent many
ICMP ECHO request packets to an IP broadcast network, causing all the hosts
to respond to the received ICMP ECHO requests and ultimately crashing the
target machine. Identify the type of attack performed by Martin in the above
scenario.
a. UDP flood attack
b. Smurf attack
c. Fragmentation attack
d. Multi-vector attack

4. In which of the following phases of session hijacking does an attacker
change the sequence number or acknowledgment number (SEQ/ACK) of
the server to halt data transmission to a legitimate user?
a. Command injection
b. Session desynchronization
c. Session ID prediction
d. Packet injection

Which of the following attacks would compromise the integrity of system
information?
a. Denial-of-service
b. Smurf
c. SQL Injection
d. Fraggle

//Module 07 - Web Application Attacks and Countermeasures

1. Which of the following web-server components facilitates storage on
another machine or disk if the original disk becomes full, in addition to
providing object-level security?
a. Server root
b. Document root
c. Virtual document tree
d. Web proxy

2. Which of the following web application vulnerabilities allow untrusted data
to be interpreted and executed as part of a command or query?
a. Injection flaws
b. Insufficient logging
c. Insufficient monitoring
d. Broken access control

3. In which of the following attacks does an attacker inject an additional
malicious query into an original query to make a DBMS execute multiple SQL
queries?
a. Piggybacked query
b. Illegal/logically incorrect query
c. System stored procedure
d. Tautology
