What is ethical hacking?
- A
Hacking with permission to find vulnerabilities
- B
Hacking for financial gain
- C
Hacking for personal revenge
- D
Hacking without permission
Master Ethical Hacking with 130+ curated MCQs covering footprinting, scanning, system hacking, malware, network attacks, web security, cryptography, social engineering, wireless security, tools, and forensics. Perfect for CEH, exams, interviews, and placements.
What is ethical hacking?
Hacking with permission to find vulnerabilities
Hacking for financial gain
Hacking for personal revenge
Hacking without permission
What is a white hat hacker?
An ethical hacker who works with permission
A hacker who breaks the law
A hacker who steals data
A hacker who attacks governments
What is a black hat hacker?
A hacker who breaks into systems illegally
An ethical hacker
A hacker who helps organizations
A penetration tester
What is a grey hat hacker?
A hacker who may break laws but not for malicious purposes
A hacker who is always ethical
A hacker who works for the government
A hacker who only attacks criminals
Which certification is common for ethical hackers?
CEH (Certified Ethical Hacker)
CCNA
MCSE
OCP
What is the difference between vulnerability assessment and penetration testing?
VA identifies weaknesses; PT exploits them
PT identifies weaknesses; VA exploits them
Both are the same
VA is automated; PT is manual
What is footprinting in ethical hacking?
Gathering information about a target system
Scanning for open ports
Exploiting vulnerabilities
Gaining access to a system
Which tool is used for DNS enumeration?
nslookup
Nmap
Metasploit
Wireshark
Which of the following is a passive reconnaissance technique?
Searching public records
Port scanning
Network sniffing
Social engineering
What is WHOIS used for?
To query domain registration information
To scan ports
To crack passwords
To encrypt data
Which command is used to trace the route to a target?
tracert
nslookup
ping
netstat
What is the purpose of Google dorking?
To find sensitive information using advanced search operators
To hack Google
To scan for open ports
To perform DDoS attacks
Which tool is widely used for network scanning?
Nmap
Metasploit
Burp Suite
John the Ripper
What is a SYN scan?
A TCP half-open scan
A UDP scan
A full TCP connect scan
An Xmas scan
What is the purpose of a port scan?
To discover open ports on a target
To exploit vulnerabilities
To crack passwords
To perform social engineering
Which Nmap option performs a version detection scan?
-sV
-sS
-sU
-sA
What is banner grabbing?
Retrieving service information from open ports
Grabbing a banner from a website
Stealing user credentials
Performing a DoS attack
Which tool is used for SNMP enumeration?
snmpwalk
nmap
netcat
nslookup
What is password cracking?
Obtaining passwords through various techniques
Encrypting passwords
Changing passwords
Deleting passwords
Which attack uses a dictionary of common words?
Dictionary attack
Brute force attack
Rainbow table attack
Phishing
What is a rainbow table?
A precomputed table for reversing cryptographic hash functions
A table of passwords
A firewall rule set
A routing table
What is privilege escalation?
Gaining higher-level permissions on a system
Lowering user permissions
Encrypting files
Deleting system files
Which command is used to add a user in Linux?
useradd
adduser
Both A and B
usermod
What is a rootkit?
Malware that hides its presence and provides backdoor access
A type of antivirus
A firewall
A vulnerability scanner
What is a virus?
Malware that replicates by attaching to files
Malware that self-propagates over networks
Malware that disguises as legitimate software
Malware that encrypts files
What is a worm?
Malware that self-propagates without user interaction
Malware that attaches to files
Malware that encrypts files
Malware that steals passwords
What is a Trojan horse?
Malware disguised as legitimate software
Malware that replicates like a virus
Malware that spreads via email
Malware that encrypts files
What is ransomware?
Malware that encrypts files and demands payment
Malware that steals credentials
Malware that spreads via USB drives
Malware that logs keystrokes
What is a keylogger?
Malware that records keystrokes
Malware that encrypts files
Malware that steals passwords
Malware that spreads via email
What is the difference between a virus and a worm?
Virus needs a host file; worm is standalone
Worm needs a host file; virus is standalone
Both are the same
Virus spreads over networks; worm does not
What is a Denial of Service (DoS) attack?
Flooding a system to make it unavailable
Gaining unauthorized access
Stealing sensitive data
Modifying data
What is a DDoS attack?
Distributed Denial of Service using multiple machines
Direct Denial of Service
Dynamic Denial of Service
Data Denial of Service
What is a man-in-the-middle (MITM) attack?
Intercepting and possibly altering communication between two parties
Impersonating a server
Flooding a network
Cracking passwords
What is ARP spoofing?
Sending fake ARP messages to associate an attacker's MAC address with a target's IP
Spoofing an IP address
Spoofing a DNS
Spoofing a MAC address
What is a session hijacking attack?
Stealing a valid session token to gain unauthorized access
Overloading a session
Encrypting session data
Logging out a user
What is sniffing?
Capturing and analyzing network traffic
Sending fake packets
Decrypting encrypted traffic
Flooding a network
What is the OWASP Top 10?
A list of top web application security risks
A list of secure coding practices
A list of firewall rules
A list of encryption algorithms
What is SQL Injection?
Injecting SQL queries through input fields to manipulate the database
Injecting JavaScript into web pages
Injecting commands into the OS
Injecting HTML tags
What is Cross-Site Scripting (XSS)?
Injecting malicious scripts into web pages
Injecting SQL queries
Injecting commands into the OS
Faking HTTP requests
What is Cross-Site Request Forgery (CSRF)?
Forcing a user to execute unwanted actions on a web application
Injecting scripts into web pages
Stealing cookies
SQL injection
Which tool is used for intercepting and modifying HTTP/S traffic?
Burp Suite
Nmap
Metasploit
Wireshark
What is the purpose of input validation?
To prevent injection attacks by sanitizing user input
To speed up the application
To improve UI
To handle errors
What is the difference between encryption and hashing?
Encryption is reversible; hashing is irreversible
Hashing is reversible; encryption is irreversible
Both are reversible
Both are irreversible
What is symmetric encryption?
Uses the same key for encryption and decryption
Uses different keys for encryption and decryption
Uses no key
Uses a public and private key
What is asymmetric encryption?
Uses a pair of keys (public and private)
Uses the same key
Uses no key
Uses a shared secret
What is a hash function?
A function that maps data of arbitrary size to a fixed-size value
A function that encrypts data
A function that decrypts data
A function that compresses data
What is the purpose of digital signatures?
To verify authenticity and integrity of a message
To encrypt messages
To compress messages
To hide messages
What is SSL/TLS used for?
Secure communication over the internet
File transfer
Email encryption
Database encryption
What is social engineering?
Manipulating people into revealing confidential information
Hacking computer systems
Writing malware
Performing penetration testing
What is phishing?
A fraudulent attempt to obtain sensitive information via email
A type of malware
A network attack
A physical security breach
What is pretexting?
Creating a fabricated scenario to obtain information
Sending fake emails
Making phone calls pretending to be someone else
Both A and C
What is baiting?
Leaving infected USB drives to lure victims
Sending emails with malware
Creating fake websites
Calling victims
What is tailgating?
Following an authorized person into a restricted area
Sending fake emails
Calling to trick users
Hacking a network
What is a vishing attack?
Voice phishing via phone calls
Email phishing
SMS phishing
Malware phishing
What is WEP?
Wired Equivalent Privacy - an older wireless encryption protocol
Wi-Fi Protected Access
A type of firewall
A routing protocol
What is WPA?
Wi-Fi Protected Access
Wired Equivalent Privacy
Wireless Personal Area Network
Wide Area Network
What is WPA2?
An improved version of WPA using AES encryption
An older version of WEP
A wired security protocol
A type of malware
What is a rogue access point?
An unauthorized wireless access point
A secure access point
A public Wi-Fi hotspot
A VPN
What is a deauthentication attack?
Sending deauth frames to disconnect clients from a WLAN
Encrypting wireless traffic
Scanning for open ports
Performing a DOS attack
Which tool is used to crack WEP/WPA passwords?
Aircrack-ng
Nmap
Metasploit
John the Ripper
What is Metasploit?
A penetration testing framework
A network scanner
A password cracker
A vulnerability scanner
What is Wireshark?
A network protocol analyzer
A port scanner
A password cracker
A web application scanner
What is John the Ripper?
A password cracking tool
A network scanner
A vulnerability scanner
A firewall
What is Nessus?
A vulnerability scanner
A penetration testing framework
A network sniffer
A password cracker
What is Burp Suite used for?
Web application security testing
Network scanning
Password cracking
Wireless cracking
What is Snort?
An intrusion detection/prevention system
A network scanner
A password cracker
A firewall
What is the first step in incident response?
Preparation
Detection and analysis
Containment
Eradication
What is the goal of digital forensics?
To preserve, analyze, and present digital evidence
To hack systems
To install malware
To crack passwords
What is a write blocker?
A device that prevents writing to a storage device during forensic analysis
A software that encrypts data
A firewall rule
A type of malware
What is a chain of custody?
The chronological documentation of evidence handling
A chain of command
A type of lock
A network topology
What is the difference between an incident and a breach?
A breach is a specific type of incident involving data exposure
They are the same
Breach is an attempted attack; incident is successful
Incident is always malicious
Which tool is commonly used for memory forensics?
Volatility
Wireshark
Nmap
Metasploit
What is the CIA triad?
Confidentiality, Integrity, Availability
Confidentiality, Identity, Access
Control, Integrity, Access
Confidentiality, Integrity, Authentication
Which command is used for DNS zone transfer?
dig axfr
nslookup -type=any
host -l
All of the above
What is a null scan?
A TCP scan with no flags set
A UDP scan
A SYN scan
A FIN scan
What is the SAM file in Windows?
The Security Account Manager file storing password hashes
A system log file
A configuration file
A network file
What is a polymorphic virus?
A virus that changes its code to evade detection
A virus that encrypts files
A virus that steals passwords
A virus that self-propagates
What is a Smurf attack?
A DDoS attack using ICMP echo requests with spoofed source
A SYN flood attack
A UDP flood attack
A DNS amplification attack
What is command injection?
Injecting operating system commands through input fields
Injecting SQL commands
Injecting JavaScript
Injecting HTML
What is a certificate authority (CA)?
An entity that issues digital certificates
A hashing algorithm
A symmetric encryption algorithm
A type of firewall
What is spear phishing?
A targeted phishing attack on a specific individual
A mass phishing email
A phishing attack via SMS
A phishing attack via phone
What is EVIL Twin attack?
Setting up a rogue access point with the same SSID as a legitimate one
Cracking WEP keys
Deauthenticating clients
Sniffing wireless traffic
What is the purpose of a fuzzer?
To send malformed input to find vulnerabilities
To scan ports
To crack passwords
To sniff traffic
What is a forensic image?
An exact bit-by-bit copy of a storage device
A compressed backup
A screenshot
A log file
What is a security audit?
A systematic evaluation of security controls
A penetration test
A vulnerability scan
A social engineering test
What is the purpose of using social media for footprinting?
To gather personal information about targets
To hack social media accounts
To spread malware
To perform phishing
What is an ICMP echo request?
A ping packet
A SYN packet
A FIN packet
A UDP packet
What is the difference between local and remote privilege escalation?
Local is from within the system; remote is from outside
Remote is from within; local is from outside
Both are the same
Local requires physical access
What is a boot sector virus?
A virus that infects the master boot record
A virus that infects files
A virus that infects email
A virus that infects networks
What is a DNS spoofing attack?
Forcing a DNS server to return a false IP address
Flooding a DNS server
Hacking a DNS server
Encrypting DNS queries
What is a directory traversal attack?
Accessing files outside the web root directory
Injecting SQL commands
Injecting JavaScript
Injecting commands
What is a salt in password hashing?
Random data added to passwords before hashing
A type of encryption
A hash function
A type of key
What is a watering hole attack?
Compromising a website frequented by the target
Phishing emails
USB baiting
Tailgating
What is a WPS attack?
Exploiting Wi-Fi Protected Setup to recover the PIN
Cracking WEP
Deauth attack
Evil twin
What is the use of a honeypot?
To lure attackers and study their behavior
To block attacks
To scan for vulnerabilities
To encrypt traffic
What is the purpose of a hash value in forensics?
To verify the integrity of evidence
To encrypt evidence
To compress evidence
To hide evidence
What is a zero-day vulnerability?
A vulnerability unknown to the vendor
A vulnerability that has been patched
A vulnerability that is not exploitable
A vulnerability found in old software
What is the use of Shodan?
To search for internet-connected devices and services
To scan for vulnerabilities
To crack passwords
To perform DDoS
What is an ACK scan?
A TCP scan with the ACK flag set to determine firewall rules
A SYN scan
A UDP scan
A FIN scan
What is the /etc/passwd file in Linux?
A file storing user account information
A file storing passwords
A configuration file
A log file
What is a logic bomb?
Malware that triggers when specific conditions are met
Malware that replicates itself
Malware that encrypts files
Malware that steals credentials
What is a ping flood?
A DoS attack using ICMP echo requests
A DDoS attack using SYN packets
A UDP flood
A DNS amplification
What is a security misconfiguration?
Improperly configured security settings leading to vulnerabilities
A firewall rule
An encryption key
A strong password
What is the purpose of a nonce?
A number used once in cryptographic communication
A type of key
A hash function
A certificate
What is the difference between phishing and spear phishing?
Spear phishing is targeted at specific individuals
Phishing is targeted; spear is broad
Both are the same
Spear phishing uses malware
What is the purpose of a Wi-Fi jammer?
To interfere with wireless signals
To crack passwords
To sniff traffic
To secure a network
What is the use of OpenVAS?
An open-source vulnerability scanner
A penetration testing framework
A network sniffer
A password cracker
What is the difference between containment and eradication?
Containment stops the incident from spreading; eradication removes the cause
Eradication stops the spread; containment removes the cause
Both are the same
Containment is only for network incidents
What is a vulnerability?
A weakness that can be exploited
A threat actor
A security control
A patch
What is the purpose of netcraft?
To gather information about websites and servers
To scan ports
To crack passwords
To perform DDoS
What is the difference between a vulnerability scan and a penetration test?
Vulnerability scan identifies potential weaknesses; penetration test exploits them
Penetration test identifies weaknesses; scan exploits them
Both are the same
Scan is manual; test is automated
What is a backdoor?
A hidden method of accessing a system
A type of firewall
A vulnerability scanner
A password
What is a spyware?
Malware that secretly gathers user information
Malware that encrypts files
Malware that self-propagates
Malware that corrupts files
What is a replay attack?
Replaying captured network traffic to gain unauthorized access
Flooding a network
Cracking passwords
Sniffing traffic
What is the purpose of a Web Application Firewall (WAF)?
To filter and monitor HTTP traffic for attacks
To scan for vulnerabilities
To encrypt data
To manage certificates
What is the difference between public key and private key?
Public key is shared; private key is kept secret
Private key is shared; public key is secret
Both are shared
Both are secret
What is an impersonation attack?
Pretending to be someone else to gain information
Sending fake emails
Leaving infected USB drives
Following someone into a building
What is the difference between WPA2-PSK and WPA2-Enterprise?
PSK uses a pre-shared key; Enterprise uses a RADIUS server
Enterprise uses a pre-shared key; PSK uses RADIUS
Both use the same
PSK is more secure
What is the use of Hydra?
A password cracking tool for network services
A vulnerability scanner
A network sniffer
A web application scanner
What is the importance of timestamps in forensics?
To establish a timeline of events
To encrypt evidence
To compress evidence
To hide evidence
What is the difference between a vulnerability and an exploit?
A vulnerability is a weakness; an exploit is a technique to use it
An exploit is a weakness; a vulnerability is a technique
Both are the same
Vulnerabilities are always patched
What is a zone transfer?
Copying DNS records from a DNS server
Transferring files
Transferring network packets
Transferring email
What is the purpose of using nmap's -O option?
To detect the operating system
To scan for open ports
To perform a version scan
To perform a script scan
What is the difference between a local and remote exploit?
Local exploit requires prior access; remote exploit works over the network
Remote exploit requires prior access; local works over the network
Both are the same
Local exploits are more severe
What is a dropper?
Malware used to install other malware
Malware that encrypts files
Malware that steals credentials
Malware that self-propagates
What is a teardrop attack?
An attack using overlapping IP fragments to crash a system
A SYN flood
A UDP flood
A DNS amplification
What is the purpose of security headers like Content-Security-Policy?
To prevent XSS and other injection attacks
To encrypt data
To compress data
To authenticate users
What is the purpose of a digital certificate?
To bind a public key with an identity
To encrypt data
To hash data
To compress data
What is the difference between phishing and smishing?
Phishing uses email; smishing uses SMS
Smishing uses email; phishing uses SMS
Both use email
Both use phone calls
What is the purpose of a wireless intrusion prevention system (WIPS)?
To detect and prevent unauthorized wireless access
To crack wireless passwords
To sniff wireless traffic
To amplify wireless signals
What is the purpose of sqlmap?
To automate SQL injection detection and exploitation
To scan for open ports
To crack passwords
To sniff traffic