Ethical Hacking Essentials Complete Practice Test

Identify the element of information security that refers to the quality of being genuine or uncorrupted as a characteristic of any communication, documents, or any data.

Authenticity

John, a professional hacker, was hired by a government agency to penetrate, gain top-secret information from, and damage other government agencies' information systems or networks. Based on the above scenario, which of the following classes of hacker does John fall in?

state-sponsored hackers

The assurance that the systems responsible for delivering, storing, and processing information are accessible when required by authorized users is referred to by which of the following elements of information security?

Available

Identify the type of vulnerability assessment where the chances of finding the vulnerabilities related to OS and applications are higher, and it is highly unclear who owns the assets in large enterprises.

Credentialed assessment

Identify the type of threat actors that include groups of individuals or communities involved in organized, planned, and prolonged criminal activities and who exploit victims from distinct jurisdictions on the Internet, making them difficult to locate.

Criminal Syndicates

Identify the severity of CVSS v3.0 ratings with a base score range of 9.0-10.0.

Critical

Which of the following technique is a brute-force attack on encryption where all possible keys are tested in an attempt to recover the plaintext used to produce a particular ciphertext?

Cryptanalysis

Lionel, a professional hacker motivated by political beliefs, plans to employ various techniques to create fear of large-scale disruption of computer networks. Which of the following types of threat actors does Lionel belong to in the above scenario?

Cyber Terrorists

Elon, a disgruntled employee with access to sensitive data, intends to damage the organization's reputation. He shares all the critical information and blueprints with the competitor and benefits financially. Identify the threat source in the above scenario.

Internal threat

Given below is the syntax of the nbtstat command. "nbtstat [-a RemoteName] [-A IP Address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [Interval]" Which of the following Nbtstat parameters in the above syntax purges the name cache and reloads all #PRE-tagged entries from the Lmhosts file?

-R

Identify the Nbtstat parameter that lists the contents of the NetBIOS name cache, the table of NetBIOS names, and their resolved IP addresses.

-c

Identify the Nbtstat parameter that displays a count of all names resolved by a broadcast or WINS server.

-r

Given below are different steps involved in password guessing. 1. Find a valid user 2. Rank passwords from high to low probability 3. Create a list of possible passwords 4. Key in each password until the correct password is discovered What is the correct sequence of steps involved in password guessing?

1 -> 3 -> 2 -> 4

Given below are the various phases of hacking. 1. Reconnaissance 2. Gaining access 3. Maintaining access 4. Clearing tracks 5. Scanning What is the correct sequence of phases involved in hacking?

1 -> 5 -> 2 -> 3 -> 4

John, a security specialist, was requested by a client organization to check whether the security testing process was performed according to standard. He implemented a security audit on the organization's network to ensure that the performed test was well-organized, efficient, and ethical. John has conducted the audit following the steps given below. 1. Talk to the client and discuss the needs to be addressed during testing 2. Analyze the results of the testing and prepare a report 3. Organize an ethical hacking team and prepare a schedule for testing 4. Conduct the test 5. Prepare and sign NDA documents with the client 6. Present the findings to the client Identify the correct sequence of the steps John has followed while performing the security audit.

1 -> 5 -> 3 -> 4 -> 2 -> 6

Which of the following port numbers is used by trojans such as Silencer and WebEx?

1001

Given below are the various phases involved in the cyber kill chain methodology. 1. Installation 2. Delivery 3. Reconnaissance 4. Actions on objectives 5. Weaponization 6. Exploitation 7. Command and control What is the correct sequence of phases involved in the cyber kill chain methodology?

3 -> 5 -> 2 -> 6 -> 1 -> 7 -> 4

Given below are various stages involved in the virus lifecycle. 1. Replication 2. Incorporation 3. Launch 4. Execution of the damage routine 5. Design 6. Detection Identify the correct sequence of stages involved in the virus lifecycle.

5 -> 1 -> 3 -> 6 -> 2 -> 4

Which of the following port numbers is used by the trojan "Telecommando" to perform malicious activities on the target machine?

61466

Joy, a professional hacker, targeted an organization's system using a special type of virus that hides its actual source of infection. The virus employed by Joy diverts the antivirus solutions by providing certain other random location even though it is residing in the system. Identify the type of virus employed by Joy in the above scenario.

Armored Virus

Identify the type of attack vector that focuses on stealing information from the victim machine without its user being aware and tries to deliver a payload affecting computer performance.

APT Attack

Mark, a professional hacker, targets his opponent's website. He finds susceptible user inputs, injects malicious SQL code into the database, and tampers with critical information. Which of the following types of attack did Mark perform in the above scenario?

Active Attack

Meghan, a professional hacker, was trying to gain unauthorized access to the admin-level system of the target organization. To hack the passwords used by admins, she employed various password cracking techniques such as internal monologue attack, Markov-chain attack, Kerberos password cracking, and LLMNR/NBT-NS poisoning. Identify the type of password attack performed by Meghan in the above scenario.

Active Online Attack

Don, a professional hacker, targeted Bob to steal the credentials of his bank account. Don lured Bob to install malicious software embedded with a keylogger. The keylogger installed on Bob's machine recorded all of Bob's keystrokes and transmitted them to Don. Using the keylogger, Don obtained the credentials of Bob's bank account and performed illegal transactions on his account. Identify the type of attack Don has performed in the above scenario.

Active online attacks

Which of the following countries has implemented "The Copyright Act 1968" and "The Patents Act 1990"?

Australia

David, a professional hacker, has initiated a DDoS attack against a target organization. He developed a malicious code and distributed it through emails to compromise the systems. Then, all the infected systems were grouped together to launch a DDoS attack against the organization. Identify the type of attack launched by David on the target organization.

Botnet

Which of the following types of trojan tricks regular computer users into downloading trojan-infected files to their systems through URL redirection and, post-download, connects back to the attacker using IRC channels?

Botnet trojans

Identify the technique used by the attacker that involves keyword stuffing, inserting doorway pages, page swapping, and adding unrelated keywords to get higher rankings for malware pages.

Black hat search engine optimization

Don, a professional hacker, targeted Johana's official email to steal sensitive information related to a project. Using a password cracking tool, Don tried all the possible combinations of password characters until it was cracked. Identify the type of password attack performed by Don in the above scenario.

Brute-force attack

Identify the type of software vulnerability that occurs due to coding errors and allows the attackers to gain access to the target system.

Buffer overflow

Which of the following viruses stores itself with the same filename as the target program file, infects the computer upon executing the file, and uses DoS to run COM files before executing EXE files?

Camouflage viruses

Identify the type of virus that overwrites a part of the host file with null constant without increasing the length of the file and maintains a constant file size when infecting, which allows the virus to evade detection.

Cavity Virus

In which of the following phases of hacking does an attacker employ steganography and tunneling techniques to retain access to the victim's system, remain unnoticed, and remove evidence that might lead to prosecution?

Clearing Tracks

Peter, a professional hacker, managed to gain total control of his target system and was able to execute scripts in the trojan. He then used techniques such as steganography and tunneling to remain undetected and to avoid legal trouble. Which of the following hacking phase was Peter currently performing in the above scenario?

Clearing Tracks

Ruby, a hacker, visited her target company disguised as an aspiring candidate seeking a job. She noticed that certain sensitive documents were thrown in the trash near an employee's desk. She collected these documents, which included critical information that helped her to perform further attacks. Identify the type of attack performed by Ruby in the above scenario.

Close in Attack

Identify the civilian act designed to protect investors and the public by increasing the accuracy and reliability of corporate disclosures.

Sarbanes - Oxley Act

In which of the following hacking phases do attackers extract information such as live machines, port, port status, OS details, device type, and system uptime to launch further attacks?

Scanning

An organization located in Europe maintains a large amount of user data by following all the security-related laws. It also follows GDPR protection principles, one of which states that the organization should only collect and process data necessary for the specified task. Which of the following GDPR protection principle is discussed in the above scenario?

Data Minimization

Identify the trojan that targets websites and physically changes the underlying HTML format, resulting in content modification.

Defacement trojans

In which of the following phases of cyber kill chain methodology does an adversary distribute USB drives containing malicious payload to the employees of the target organization?

Delivery

A computer user was trying to read the latest news articles from a popular website, but the user was prevented from accessing the resources of the website as certain underlying vulnerabilities in the webpage allowed an attacker to inject fake requests into the network; as a result, the server stopped responding to legitimate user requests. What is the impact caused due to vulnerabilities in the above scenario?

Denial of Service

James, a malware programmer, intruded into a manufacturing plant that produces computer peripheral devices. James tampered with the software inside devices ready to be delivered to clients. The tampered program creates a backdoor that allows unauthorized access to the systems. Identify the type of attack performed by James in the above scenario to gain unauthorized access to the delivered systems.

Distribution Attack

Benson, a professional hacker, uses a technique that can exploit browser vulnerabilities. Using this technique, he is able to install malware simply by visiting a web page, and the victim system gets exploited whenever the webpage is being explored. Which of the following technique was mentioned in the above scenario?

Drive by downloads

Which of the following malware distribution techniques involves exploiting flaws in browser software to install malware by merely visiting a web page?

Drive-by downloads

Eyan, a professional hacker, developed malicious code that contains a sequence of commands that can take advantage of a bug or vulnerability in a digital system or device. He used the malicious code to spy on information, install malware, and compromise system security. Identify the component of the malware developed by Eyan in the above scenario.

Exploit

Identify the trojan that uses port number 443 to infect the target systems and propagate malicious software to other systems.

Emotet

Identify the term that refers to IT professionals who employ their hacking skills for defensive purposes, such as auditing their systems for known vulnerabilities and testing the organization's network security for possible loopholes and vulnerabilities.

Ethical Hacker

Which of the following is the practice of employing computer and network skills in order to assist organizations in testing their network security for possible loopholes and vulnerabilities?

Ethical Hacking

In which of the following stages of the virus lifecycle does a user install antivirus updates and eliminate virus threats?

Execution of the damage routine

Jack, a professional hacker, was recruited by an agency to steal sensitive data from a rival company. From a remote location, he discovered vulnerabilities in the target company's network using a vulnerability scanner. He exploited them to intrude into the network and steal confidential data. Identify the threat source exploited by Jack in the above scenario.

External threats

Mark, a professional hacker, scanned the target system to check for running services or open ports. After successful scanning, he discovered an open FTP port, exploited it to install malware, and performed malicious activities on the victim system. In which of the following ways did Mark installed malware in the victim system?

File sharing services

Lopez, a penetration tester, executes different phases of the hacking cycle in her organization. She detects that the network is susceptible to password cracking, buffer overflows, denial of service, and session hijacking attacks. Identify the hacking phase Lopez was executing in the above scenario.

Gaining Access

Which of the following types of threat actors helps both hackers find various vulnerabilities in a system and vendors improve products by checking limitations to make them more secure?

Gray Hats

James, a professional pen tester, was appointed by an organization to perform a vulnerability assessment on server systems. James conducted a configuration-level check to identify system configurations, user directories, and file systems to evaluate the possibility of compromise for all the systems. Identify the type of vulnerability assessment James performed in the above scenario.

Host-based assessment

Which of the following ISO/IEC standard specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of an organization?

ISO/IEC 27001:2013

Allen, a CEO of a business organization, targeted his competitor. He penetrated the target network by using APTs and stayed undetected for years. He consequently gained access to critical information such as blueprints, formulas, product designs, marketing strategies, and trade secrets. Identify the class of hackers to which Allen belongs in the above scenario.

Industrial spies

Williams, an employee, was using his personal laptop within the organization's premises. He connected his laptop to the organization's internal network and began eavesdropping on the communication between other devices connected to the internal network. He sniffed critical information such as login credentials and other confidential data passing through the network. Identify the type of attack performed by Williams in the above scenario.

Insider Attack

Which of the following protocols was upgraded as a default authentication protocol on Windows OS to provide stronger authentication for client/server applications?

Kerberos

Which of the following protocols employs a key distribution center (KDC) that consists of two logically distinct parts, an authentication server (AS) and a ticket-granting server (TGS), and uses "tickets" to prove a user's identity?

Kerberos authentication

Kevin, a professional hacker, was hired to break into an organization's network and gather sensitive information. Kevin installed a virus that will be triggered when a specific date/time is reached, using which he can gain remote access and retrieve sensitive information. Identify the type of virus used by Kevin in the above scenario.

Logic bomb virus

Freddy, a professional hacker, targets sensitive information stored in document files of programs like Microsoft word. For this purpose, he uses a virus program that is written using VBA, which infects the documents and converts the infected documents into template files while maintaining their appearance as standard document files. Identify the type of virus employed by Freddy in the above scenario.

Macro virus

Anisha, a shopping freak, frequently uses many online websites for purchasing products without checking their legitimacy. While doing so, she unknowingly clicked on one of the shopping commercials expecting it to be authentic. However, this activity made her lose a huge amount of money from her account. Identify the technique employed to distribute malware in the above scenario.

Malvertising

Which of the following tools includes scanners such as comprehensive security scanners and port scanners and provides information such as NetBIOS names, configuration info, open TCP and UDP ports, transports, and shares?

MegaPing

Steve, a forensic expert, was appointed to evaluate an attack initiated on the organization's network. He performed an overall assessment of the network to identify the cause. During this process, he identified outbound connections to Internet services and a few applications running with debugging enabled. Which following category of vulnerabilities did Steve identify in the above scenario?

Misconfiguration

Which of the following viruses combines the approach of file infectors and boot record infectors and attempts to simultaneously attack both the boot sector and executable or program files?

Multipartite viruses

Which of the following is a default authentication scheme that performs authentication using a challenge/response strategy as it does not rely on any official protocol specification and has no guarantee to work effectively in every situation?

NTLM

Which of the following is a U.S. government repository of standards-based vulnerability management data and enables the automation of vulnerability management, security measurement, and compliance?

National Vulnerability Database (NVD)

Which of the following file less propagation techniques involves exploiting pre-installed tools in Windows OS such as PowerShell and Windows Management Instrumentation (WMI) to install and run malicious code?

Native applications

Daniel, an employee working from home, was assigned a task to complete within a half-day, but due to frequent power failures at his residential area, he failed to accomplish the task. Which of the following threats was demonstrated in the above scenario?

Natural threats

Identify the malware component that compresses the malware file by using compression techniques to convert the code and data of the malware into an unreadable format.

Packer

Timberly, a professional hacker, targeted a Windows machine to leverage the Kerberos authentication mechanism to manipulate its services. Timberly compromised the machine of an end-user who was trying to access the target machine's services and stole their ST/TGT to masquerade as a valid user. Using the stolen TGT, Timberly gained unauthorized access to the network services of the target machine. Identify the type of attack performed by Timberly in the above scenario.

Pass the ticket

Which of the following attacks is launched either by stealing the ST/TGT from an end-user machine and using it to disguise the attackers as valid users or by stealing the ST/TGT from a compromised AS?

Pass the ticket

Which of the following malware components performs the desired activity when activated and is used to delete or modify files to compromise system security?

Payload

Andrew, a professional hacker, drafts an email that appears to be legitimate and attaches malicious links to lure victims; he then distributes it through communication channels or mails to obtain private information like account numbers. Identify the type of attack vector employed by Andrew in the above scenario.

Phishing

Irin is a security professional in an organization. The organization instructed her to investigate a security incident that exposed critical information such as credit card/debit card details, account holder name, and CVV number. While investigating the incident, Irin found that the systems are infected with financial fraudulent malware that targeted the payment equipment. Identify the type of malware detected by Irin in the above scenario.

Point-of-sale trojans

Melvin, an attacker, targeted an administrator of the targeted organization to gain unauthorized access to its server machine. He created a lookup file containing precomputed hashes of the password previously obtained using brute-force attempts. He compared these hashes with the administrator credentials and discovered a match to access the server. Identify the attack technique implemented by Melvin in the above scenario.

Rainbow table attack

Jack is working as a malware analyst in an organization. He was assigned to inspect an attack performed against the organization. Jack determined that the attacker had restricted access to the main computer's files and folders and was demanding an online payment to remove these restrictions. Which of the following type of attack has Jack identified in the above scenario?

Ransomware

Don, a professional hacker, initiated an attack on a target organization. During the course of this attack, he employed automated tools to collect maximum weak points, vulnerabilities, and other sensitive information across the target network. Which of the following phases of cyber kill chain methodology is Don currently executing in the above scenario?

Reconnaissance

John, a professional hacker, targeted an employee of an organization to intrude and gain access to the corporate network. He employed a sniffer to capture packets and authentication tokens between the employee and the organization's server. After extracting relevant information, he transmitted the captured tokens back to the server to gain access as a legitimate user. Identify the type of attack performed by John in the above scenario.

Replay attack

Joe, a professional hacker, initiated an attack against Bob by tricking him into downloading a free software program embedded with a keylogger labeled as trusted. As the program was labeled trusted, the antivirus software installed on Bob's system failed to identify it as malicious software. As a result, the malicious software recorded all the key strokes entered by Bob and transmitted them to Joe. Identify the application Joe employed in the above scenario to lure Bob into installing malicious software.

Rogue / Decoy application

Serin, a professional hacker, injected a backdoor into a target system that specifically attacked the root or system OS. When the backdoor is executed, he will obtain administrator-level access to the target system. Identify the type of malware utilized by Serin in the above scenario.

Rootkit trojans

Which one of the following vulnerabilities is NOT an example of misconfiguration vulnerability?

Running only necessary services on a machine

Jack, a professional hacker, created a malicious hyperlink and injected it into a website that appeared legitimate to trick users into clicking the link. When a victim clicked on a malicious link, the malware embedded in the link is executed without the knowledge or consent of the victim. Identify the technique employed by Jack to distribute malware in the above scenario. Jack, a professional hacker, created a malicious hyperlink and injected it into a website that appeared legitimate to trick users into clicking the link. When a victim clicked on a malicious link, the malware embedded in the link is executed without the knowledge or consent of the victim. Identify the technique employed by Jack to distribute malware in the above scenario.

Social engineered click-jacking

Which of the following malware distribution techniques involves mimicking legitimate institutions in an attempt to steal login credentials?

Spear-phishing sites

Identify the metric used in CVSS assessment that represents the features that continue to change during the lifetime of the vulnerability.

Temporal Metric

Which of the following titles in The Digital Millennium Copyright Act (DMCA) allows the owner of a copy of a program to make reproductions or adaptations when these are necessary to use the program in conjunction with a system?

Title III: Computer Maintenance or Repair

Which of the following PUAs compel users to download large files to download unwanted programs with peer-to-peer file sharing features?

Torrent

Identify the type of virus whose life is directly proportional to the life of its host, which means it executes only upon the execution of its attached program and terminates upon the termination of its attached program.

Transient virus

Which of the following malware masks itself as a benign application or software that initially appears to perform a desirable or benign function but steals information from a system?

Trojan

Identify the reason why organizations recruit ethical hackers.

Uncover vulnerabilities in systems and explore their potential as a risk

Sam, a new employee at an organization, received a phishing mail from an unauthorized source on his official email ID. As Sam was not trained on email security, he opened the email and clicked on the malicious link within the email, allowing the attacker to gain backdoor access to the office network. Identify the threat source in the above scenario.

Unintentional threats

Clara, a security professional, while checking the data feeds of the domains, detects downloaded malicious files and unsolicited communication with the outside network based on the domains. Which of the following adversary behaviors was detected by Clara?

Unspecified proxy activities

James, a student, was curious about hacking. Although he does not possess much knowledge about the subject, he initiated a DoS attack on a website using freely available tools on the Internet. As the website already has some sort of security controls, it detected unusual traffic and blocked James's IP address. Which of the following types of threat sources is discussed in the above scenario?

Unstructured external threats

Which of the following types of trojan uses port number 445 to infect the target system entry and exit points for application traffic?

WannaCry

In which of the following phases of cyber kill chain methodology does the adversary create a deliverable malicious payload using an exploit and a backdoor?

Weaponization

Identify the individuals who are also known as security analysts or ethical hackers.

White Hats

Lucifer, a professional hacker, targeted an organization for certain financial benefits. He employed a technique that sniffs out credentials during transit by capturing Internet packets from the target network. Using this technique, Lucifer gained passwords to rlogin sessions. Identify the type of attack performed by Lucifer in the above scenario.

Wiretapping

Which of the following malware programs can replicate, execute, and spread across network connections independent of human intervention?

Worms

Identify the type of vulnerabilities exploited by an attacker before they are identified and patched by the developers.

Zero-day vulnerabilities

Which of the following Google advanced search operators displays websites that are similar to the URL specified?

related