🛡️ 130+ Questions • Updated 2026

Ethical Hacking Multiple Choice Questions

Master Ethical Hacking with 130+ curated MCQs covering footprinting, scanning, system hacking, malware, network attacks, web security, cryptography, social engineering, wireless security, tools, and forensics. Perfect for CEH, exams, interviews, and placements.

📚13 Topics
130+ Questions
🎯Exam Ready

📚Explore Ethical Hacking Topics

📝Ethical Hacking MCQs(131 questions)

1

What is ethical hacking?

  • A

    Hacking with permission to find vulnerabilities

  • B

    Hacking for financial gain

  • C

    Hacking for personal revenge

  • D

    Hacking without permission

Show Answer
A. Hacking with permission to find vulnerabilities
2

What is a white hat hacker?

  • A

    An ethical hacker who works with permission

  • B

    A hacker who breaks the law

  • C

    A hacker who steals data

  • D

    A hacker who attacks governments

Show Answer
A. An ethical hacker who works with permission
3

What is a black hat hacker?

  • A

    A hacker who breaks into systems illegally

  • B

    An ethical hacker

  • C

    A hacker who helps organizations

  • D

    A penetration tester

Show Answer
A. A hacker who breaks into systems illegally
4

What is a grey hat hacker?

  • A

    A hacker who may break laws but not for malicious purposes

  • B

    A hacker who is always ethical

  • C

    A hacker who works for the government

  • D

    A hacker who only attacks criminals

Show Answer
A. A hacker who may break laws but not for malicious purposes
5

Which certification is common for ethical hackers?

  • A

    CEH (Certified Ethical Hacker)

  • B

    CCNA

  • C

    MCSE

  • D

    OCP

Show Answer
A. CEH (Certified Ethical Hacker)
6

What is the difference between vulnerability assessment and penetration testing?

  • A

    VA identifies weaknesses; PT exploits them

  • B

    PT identifies weaknesses; VA exploits them

  • C

    Both are the same

  • D

    VA is automated; PT is manual

Show Answer
A. VA identifies weaknesses; PT exploits them
7

What is footprinting in ethical hacking?

  • A

    Gathering information about a target system

  • B

    Scanning for open ports

  • C

    Exploiting vulnerabilities

  • D

    Gaining access to a system

Show Answer
A. Gathering information about a target system
8

Which tool is used for DNS enumeration?

  • A

    nslookup

  • B

    Nmap

  • C

    Metasploit

  • D

    Wireshark

Show Answer
A. nslookup
9

Which of the following is a passive reconnaissance technique?

  • A

    Searching public records

  • B

    Port scanning

  • C

    Network sniffing

  • D

    Social engineering

Show Answer
A. Searching public records
10

What is WHOIS used for?

  • A

    To query domain registration information

  • B

    To scan ports

  • C

    To crack passwords

  • D

    To encrypt data

Show Answer
A. To query domain registration information
11

Which command is used to trace the route to a target?

  • A

    tracert

  • B

    nslookup

  • C

    ping

  • D

    netstat

Show Answer
A. tracert
12

What is the purpose of Google dorking?

  • A

    To find sensitive information using advanced search operators

  • B

    To hack Google

  • C

    To scan for open ports

  • D

    To perform DDoS attacks

Show Answer
A. To find sensitive information using advanced search operators
13

Which tool is widely used for network scanning?

  • A

    Nmap

  • B

    Metasploit

  • C

    Burp Suite

  • D

    John the Ripper

Show Answer
A. Nmap
14

What is a SYN scan?

  • A

    A TCP half-open scan

  • B

    A UDP scan

  • C

    A full TCP connect scan

  • D

    An Xmas scan

Show Answer
A. A TCP half-open scan
15

What is the purpose of a port scan?

  • A

    To discover open ports on a target

  • B

    To exploit vulnerabilities

  • C

    To crack passwords

  • D

    To perform social engineering

Show Answer
A. To discover open ports on a target
16

Which Nmap option performs a version detection scan?

  • A

    -sV

  • B

    -sS

  • C

    -sU

  • D

    -sA

Show Answer
A. -sV
17

What is banner grabbing?

  • A

    Retrieving service information from open ports

  • B

    Grabbing a banner from a website

  • C

    Stealing user credentials

  • D

    Performing a DoS attack

Show Answer
A. Retrieving service information from open ports
18

Which tool is used for SNMP enumeration?

  • A

    snmpwalk

  • B

    nmap

  • C

    netcat

  • D

    nslookup

Show Answer
A. snmpwalk
19

What is password cracking?

  • A

    Obtaining passwords through various techniques

  • B

    Encrypting passwords

  • C

    Changing passwords

  • D

    Deleting passwords

Show Answer
A. Obtaining passwords through various techniques
20

Which attack uses a dictionary of common words?

  • A

    Dictionary attack

  • B

    Brute force attack

  • C

    Rainbow table attack

  • D

    Phishing

Show Answer
A. Dictionary attack
21

What is a rainbow table?

  • A

    A precomputed table for reversing cryptographic hash functions

  • B

    A table of passwords

  • C

    A firewall rule set

  • D

    A routing table

Show Answer
A. A precomputed table for reversing cryptographic hash functions
22

What is privilege escalation?

  • A

    Gaining higher-level permissions on a system

  • B

    Lowering user permissions

  • C

    Encrypting files

  • D

    Deleting system files

Show Answer
A. Gaining higher-level permissions on a system
23

Which command is used to add a user in Linux?

  • A

    useradd

  • B

    adduser

  • C

    Both A and B

  • D

    usermod

Show Answer
C. Both A and B
24

What is a rootkit?

  • A

    Malware that hides its presence and provides backdoor access

  • B

    A type of antivirus

  • C

    A firewall

  • D

    A vulnerability scanner

Show Answer
A. Malware that hides its presence and provides backdoor access
25

What is a virus?

  • A

    Malware that replicates by attaching to files

  • B

    Malware that self-propagates over networks

  • C

    Malware that disguises as legitimate software

  • D

    Malware that encrypts files

Show Answer
A. Malware that replicates by attaching to files
26

What is a worm?

  • A

    Malware that self-propagates without user interaction

  • B

    Malware that attaches to files

  • C

    Malware that encrypts files

  • D

    Malware that steals passwords

Show Answer
A. Malware that self-propagates without user interaction
27

What is a Trojan horse?

  • A

    Malware disguised as legitimate software

  • B

    Malware that replicates like a virus

  • C

    Malware that spreads via email

  • D

    Malware that encrypts files

Show Answer
A. Malware disguised as legitimate software
28

What is ransomware?

  • A

    Malware that encrypts files and demands payment

  • B

    Malware that steals credentials

  • C

    Malware that spreads via USB drives

  • D

    Malware that logs keystrokes

Show Answer
A. Malware that encrypts files and demands payment
29

What is a keylogger?

  • A

    Malware that records keystrokes

  • B

    Malware that encrypts files

  • C

    Malware that steals passwords

  • D

    Malware that spreads via email

Show Answer
A. Malware that records keystrokes
30

What is the difference between a virus and a worm?

  • A

    Virus needs a host file; worm is standalone

  • B

    Worm needs a host file; virus is standalone

  • C

    Both are the same

  • D

    Virus spreads over networks; worm does not

Show Answer
A. Virus needs a host file; worm is standalone
31

What is a Denial of Service (DoS) attack?

  • A

    Flooding a system to make it unavailable

  • B

    Gaining unauthorized access

  • C

    Stealing sensitive data

  • D

    Modifying data

Show Answer
A. Flooding a system to make it unavailable
32

What is a DDoS attack?

  • A

    Distributed Denial of Service using multiple machines

  • B

    Direct Denial of Service

  • C

    Dynamic Denial of Service

  • D

    Data Denial of Service

Show Answer
A. Distributed Denial of Service using multiple machines
33

What is a man-in-the-middle (MITM) attack?

  • A

    Intercepting and possibly altering communication between two parties

  • B

    Impersonating a server

  • C

    Flooding a network

  • D

    Cracking passwords

Show Answer
A. Intercepting and possibly altering communication between two parties
34

What is ARP spoofing?

  • A

    Sending fake ARP messages to associate an attacker's MAC address with a target's IP

  • B

    Spoofing an IP address

  • C

    Spoofing a DNS

  • D

    Spoofing a MAC address

Show Answer
A. Sending fake ARP messages to associate an attacker's MAC address with a target's IP
35

What is a session hijacking attack?

  • A

    Stealing a valid session token to gain unauthorized access

  • B

    Overloading a session

  • C

    Encrypting session data

  • D

    Logging out a user

Show Answer
A. Stealing a valid session token to gain unauthorized access
36

What is sniffing?

  • A

    Capturing and analyzing network traffic

  • B

    Sending fake packets

  • C

    Decrypting encrypted traffic

  • D

    Flooding a network

Show Answer
A. Capturing and analyzing network traffic
37

What is the OWASP Top 10?

  • A

    A list of top web application security risks

  • B

    A list of secure coding practices

  • C

    A list of firewall rules

  • D

    A list of encryption algorithms

Show Answer
A. A list of top web application security risks
38

What is SQL Injection?

  • A

    Injecting SQL queries through input fields to manipulate the database

  • B

    Injecting JavaScript into web pages

  • C

    Injecting commands into the OS

  • D

    Injecting HTML tags

Show Answer
A. Injecting SQL queries through input fields to manipulate the database
39

What is Cross-Site Scripting (XSS)?

  • A

    Injecting malicious scripts into web pages

  • B

    Injecting SQL queries

  • C

    Injecting commands into the OS

  • D

    Faking HTTP requests

Show Answer
A. Injecting malicious scripts into web pages
40

What is Cross-Site Request Forgery (CSRF)?

  • A

    Forcing a user to execute unwanted actions on a web application

  • B

    Injecting scripts into web pages

  • C

    Stealing cookies

  • D

    SQL injection

Show Answer
A. Forcing a user to execute unwanted actions on a web application
41

Which tool is used for intercepting and modifying HTTP/S traffic?

  • A

    Burp Suite

  • B

    Nmap

  • C

    Metasploit

  • D

    Wireshark

Show Answer
A. Burp Suite
42

What is the purpose of input validation?

  • A

    To prevent injection attacks by sanitizing user input

  • B

    To speed up the application

  • C

    To improve UI

  • D

    To handle errors

Show Answer
A. To prevent injection attacks by sanitizing user input
43

What is the difference between encryption and hashing?

  • A

    Encryption is reversible; hashing is irreversible

  • B

    Hashing is reversible; encryption is irreversible

  • C

    Both are reversible

  • D

    Both are irreversible

Show Answer
A. Encryption is reversible; hashing is irreversible
44

What is symmetric encryption?

  • A

    Uses the same key for encryption and decryption

  • B

    Uses different keys for encryption and decryption

  • C

    Uses no key

  • D

    Uses a public and private key

Show Answer
A. Uses the same key for encryption and decryption
45

What is asymmetric encryption?

  • A

    Uses a pair of keys (public and private)

  • B

    Uses the same key

  • C

    Uses no key

  • D

    Uses a shared secret

Show Answer
A. Uses a pair of keys (public and private)
46

What is a hash function?

  • A

    A function that maps data of arbitrary size to a fixed-size value

  • B

    A function that encrypts data

  • C

    A function that decrypts data

  • D

    A function that compresses data

Show Answer
A. A function that maps data of arbitrary size to a fixed-size value
47

What is the purpose of digital signatures?

  • A

    To verify authenticity and integrity of a message

  • B

    To encrypt messages

  • C

    To compress messages

  • D

    To hide messages

Show Answer
A. To verify authenticity and integrity of a message
48

What is SSL/TLS used for?

  • A

    Secure communication over the internet

  • B

    File transfer

  • C

    Email encryption

  • D

    Database encryption

Show Answer
A. Secure communication over the internet
49

What is social engineering?

  • A

    Manipulating people into revealing confidential information

  • B

    Hacking computer systems

  • C

    Writing malware

  • D

    Performing penetration testing

Show Answer
A. Manipulating people into revealing confidential information
50

What is phishing?

  • A

    A fraudulent attempt to obtain sensitive information via email

  • B

    A type of malware

  • C

    A network attack

  • D

    A physical security breach

Show Answer
A. A fraudulent attempt to obtain sensitive information via email
51

What is pretexting?

  • A

    Creating a fabricated scenario to obtain information

  • B

    Sending fake emails

  • C

    Making phone calls pretending to be someone else

  • D

    Both A and C

Show Answer
D. Both A and C
52

What is baiting?

  • A

    Leaving infected USB drives to lure victims

  • B

    Sending emails with malware

  • C

    Creating fake websites

  • D

    Calling victims

Show Answer
A. Leaving infected USB drives to lure victims
53

What is tailgating?

  • A

    Following an authorized person into a restricted area

  • B

    Sending fake emails

  • C

    Calling to trick users

  • D

    Hacking a network

Show Answer
A. Following an authorized person into a restricted area
54

What is a vishing attack?

  • A

    Voice phishing via phone calls

  • B

    Email phishing

  • C

    SMS phishing

  • D

    Malware phishing

Show Answer
A. Voice phishing via phone calls
55

What is WEP?

  • A

    Wired Equivalent Privacy - an older wireless encryption protocol

  • B

    Wi-Fi Protected Access

  • C

    A type of firewall

  • D

    A routing protocol

Show Answer
A. Wired Equivalent Privacy - an older wireless encryption protocol
56

What is WPA?

  • A

    Wi-Fi Protected Access

  • B

    Wired Equivalent Privacy

  • C

    Wireless Personal Area Network

  • D

    Wide Area Network

Show Answer
A. Wi-Fi Protected Access
57

What is WPA2?

  • A

    An improved version of WPA using AES encryption

  • B

    An older version of WEP

  • C

    A wired security protocol

  • D

    A type of malware

Show Answer
A. An improved version of WPA using AES encryption
58

What is a rogue access point?

  • A

    An unauthorized wireless access point

  • B

    A secure access point

  • C

    A public Wi-Fi hotspot

  • D

    A VPN

Show Answer
A. An unauthorized wireless access point
59

What is a deauthentication attack?

  • A

    Sending deauth frames to disconnect clients from a WLAN

  • B

    Encrypting wireless traffic

  • C

    Scanning for open ports

  • D

    Performing a DOS attack

Show Answer
A. Sending deauth frames to disconnect clients from a WLAN
60

Which tool is used to crack WEP/WPA passwords?

  • A

    Aircrack-ng

  • B

    Nmap

  • C

    Metasploit

  • D

    John the Ripper

Show Answer
A. Aircrack-ng
61

What is Metasploit?

  • A

    A penetration testing framework

  • B

    A network scanner

  • C

    A password cracker

  • D

    A vulnerability scanner

Show Answer
A. A penetration testing framework
62

What is Wireshark?

  • A

    A network protocol analyzer

  • B

    A port scanner

  • C

    A password cracker

  • D

    A web application scanner

Show Answer
A. A network protocol analyzer
63

What is John the Ripper?

  • A

    A password cracking tool

  • B

    A network scanner

  • C

    A vulnerability scanner

  • D

    A firewall

Show Answer
A. A password cracking tool
64

What is Nessus?

  • A

    A vulnerability scanner

  • B

    A penetration testing framework

  • C

    A network sniffer

  • D

    A password cracker

Show Answer
A. A vulnerability scanner
65

What is Burp Suite used for?

  • A

    Web application security testing

  • B

    Network scanning

  • C

    Password cracking

  • D

    Wireless cracking

Show Answer
A. Web application security testing
66

What is Snort?

  • A

    An intrusion detection/prevention system

  • B

    A network scanner

  • C

    A password cracker

  • D

    A firewall

Show Answer
A. An intrusion detection/prevention system
67

What is the first step in incident response?

  • A

    Preparation

  • B

    Detection and analysis

  • C

    Containment

  • D

    Eradication

Show Answer
A. Preparation
68

What is the goal of digital forensics?

  • A

    To preserve, analyze, and present digital evidence

  • B

    To hack systems

  • C

    To install malware

  • D

    To crack passwords

Show Answer
A. To preserve, analyze, and present digital evidence
69

What is a write blocker?

  • A

    A device that prevents writing to a storage device during forensic analysis

  • B

    A software that encrypts data

  • C

    A firewall rule

  • D

    A type of malware

Show Answer
A. A device that prevents writing to a storage device during forensic analysis
70

What is a chain of custody?

  • A

    The chronological documentation of evidence handling

  • B

    A chain of command

  • C

    A type of lock

  • D

    A network topology

Show Answer
A. The chronological documentation of evidence handling
71

What is the difference between an incident and a breach?

  • A

    A breach is a specific type of incident involving data exposure

  • B

    They are the same

  • C

    Breach is an attempted attack; incident is successful

  • D

    Incident is always malicious

Show Answer
A. A breach is a specific type of incident involving data exposure
72

Which tool is commonly used for memory forensics?

  • A

    Volatility

  • B

    Wireshark

  • C

    Nmap

  • D

    Metasploit

Show Answer
A. Volatility
73

What is the CIA triad?

  • A

    Confidentiality, Integrity, Availability

  • B

    Confidentiality, Identity, Access

  • C

    Control, Integrity, Access

  • D

    Confidentiality, Integrity, Authentication

Show Answer
A. Confidentiality, Integrity, Availability
74

Which command is used for DNS zone transfer?

  • A

    dig axfr

  • B

    nslookup -type=any

  • C

    host -l

  • D

    All of the above

Show Answer
D. All of the above
75

What is a null scan?

  • A

    A TCP scan with no flags set

  • B

    A UDP scan

  • C

    A SYN scan

  • D

    A FIN scan

Show Answer
A. A TCP scan with no flags set
76

What is the SAM file in Windows?

  • A

    The Security Account Manager file storing password hashes

  • B

    A system log file

  • C

    A configuration file

  • D

    A network file

Show Answer
A. The Security Account Manager file storing password hashes
77

What is a polymorphic virus?

  • A

    A virus that changes its code to evade detection

  • B

    A virus that encrypts files

  • C

    A virus that steals passwords

  • D

    A virus that self-propagates

Show Answer
A. A virus that changes its code to evade detection
78

What is a Smurf attack?

  • A

    A DDoS attack using ICMP echo requests with spoofed source

  • B

    A SYN flood attack

  • C

    A UDP flood attack

  • D

    A DNS amplification attack

Show Answer
A. A DDoS attack using ICMP echo requests with spoofed source
79

What is command injection?

  • A

    Injecting operating system commands through input fields

  • B

    Injecting SQL commands

  • C

    Injecting JavaScript

  • D

    Injecting HTML

Show Answer
A. Injecting operating system commands through input fields
80

What is a certificate authority (CA)?

  • A

    An entity that issues digital certificates

  • B

    A hashing algorithm

  • C

    A symmetric encryption algorithm

  • D

    A type of firewall

Show Answer
A. An entity that issues digital certificates
81

What is spear phishing?

  • A

    A targeted phishing attack on a specific individual

  • B

    A mass phishing email

  • C

    A phishing attack via SMS

  • D

    A phishing attack via phone

Show Answer
A. A targeted phishing attack on a specific individual
82

What is EVIL Twin attack?

  • A

    Setting up a rogue access point with the same SSID as a legitimate one

  • B

    Cracking WEP keys

  • C

    Deauthenticating clients

  • D

    Sniffing wireless traffic

Show Answer
A. Setting up a rogue access point with the same SSID as a legitimate one
83

What is the purpose of a fuzzer?

  • A

    To send malformed input to find vulnerabilities

  • B

    To scan ports

  • C

    To crack passwords

  • D

    To sniff traffic

Show Answer
A. To send malformed input to find vulnerabilities
84

What is a forensic image?

  • A

    An exact bit-by-bit copy of a storage device

  • B

    A compressed backup

  • C

    A screenshot

  • D

    A log file

Show Answer
A. An exact bit-by-bit copy of a storage device
85

What is a security audit?

  • A

    A systematic evaluation of security controls

  • B

    A penetration test

  • C

    A vulnerability scan

  • D

    A social engineering test

Show Answer
A. A systematic evaluation of security controls
86

What is the purpose of using social media for footprinting?

  • A

    To gather personal information about targets

  • B

    To hack social media accounts

  • C

    To spread malware

  • D

    To perform phishing

Show Answer
A. To gather personal information about targets
87

What is an ICMP echo request?

  • A

    A ping packet

  • B

    A SYN packet

  • C

    A FIN packet

  • D

    A UDP packet

Show Answer
A. A ping packet
88

What is the difference between local and remote privilege escalation?

  • A

    Local is from within the system; remote is from outside

  • B

    Remote is from within; local is from outside

  • C

    Both are the same

  • D

    Local requires physical access

Show Answer
A. Local is from within the system; remote is from outside
89

What is a boot sector virus?

  • A

    A virus that infects the master boot record

  • B

    A virus that infects files

  • C

    A virus that infects email

  • D

    A virus that infects networks

Show Answer
A. A virus that infects the master boot record
90

What is a DNS spoofing attack?

  • A

    Forcing a DNS server to return a false IP address

  • B

    Flooding a DNS server

  • C

    Hacking a DNS server

  • D

    Encrypting DNS queries

Show Answer
A. Forcing a DNS server to return a false IP address
91

What is a directory traversal attack?

  • A

    Accessing files outside the web root directory

  • B

    Injecting SQL commands

  • C

    Injecting JavaScript

  • D

    Injecting commands

Show Answer
A. Accessing files outside the web root directory
92

What is a salt in password hashing?

  • A

    Random data added to passwords before hashing

  • B

    A type of encryption

  • C

    A hash function

  • D

    A type of key

Show Answer
A. Random data added to passwords before hashing
93

What is a watering hole attack?

  • A

    Compromising a website frequented by the target

  • B

    Phishing emails

  • C

    USB baiting

  • D

    Tailgating

Show Answer
A. Compromising a website frequented by the target
94

What is a WPS attack?

  • A

    Exploiting Wi-Fi Protected Setup to recover the PIN

  • B

    Cracking WEP

  • C

    Deauth attack

  • D

    Evil twin

Show Answer
A. Exploiting Wi-Fi Protected Setup to recover the PIN
95

What is the use of a honeypot?

  • A

    To lure attackers and study their behavior

  • B

    To block attacks

  • C

    To scan for vulnerabilities

  • D

    To encrypt traffic

Show Answer
A. To lure attackers and study their behavior
96

What is the purpose of a hash value in forensics?

  • A

    To verify the integrity of evidence

  • B

    To encrypt evidence

  • C

    To compress evidence

  • D

    To hide evidence

Show Answer
A. To verify the integrity of evidence
97

What is a zero-day vulnerability?

  • A

    A vulnerability unknown to the vendor

  • B

    A vulnerability that has been patched

  • C

    A vulnerability that is not exploitable

  • D

    A vulnerability found in old software

Show Answer
A. A vulnerability unknown to the vendor
98

What is the use of Shodan?

  • A

    To search for internet-connected devices and services

  • B

    To scan for vulnerabilities

  • C

    To crack passwords

  • D

    To perform DDoS

Show Answer
A. To search for internet-connected devices and services
99

What is an ACK scan?

  • A

    A TCP scan with the ACK flag set to determine firewall rules

  • B

    A SYN scan

  • C

    A UDP scan

  • D

    A FIN scan

Show Answer
A. A TCP scan with the ACK flag set to determine firewall rules
100

What is the /etc/passwd file in Linux?

  • A

    A file storing user account information

  • B

    A file storing passwords

  • C

    A configuration file

  • D

    A log file

Show Answer
A. A file storing user account information
101

What is a logic bomb?

  • A

    Malware that triggers when specific conditions are met

  • B

    Malware that replicates itself

  • C

    Malware that encrypts files

  • D

    Malware that steals credentials

Show Answer
A. Malware that triggers when specific conditions are met
102

What is a ping flood?

  • A

    A DoS attack using ICMP echo requests

  • B

    A DDoS attack using SYN packets

  • C

    A UDP flood

  • D

    A DNS amplification

Show Answer
A. A DoS attack using ICMP echo requests
103

What is a security misconfiguration?

  • A

    Improperly configured security settings leading to vulnerabilities

  • B

    A firewall rule

  • C

    An encryption key

  • D

    A strong password

Show Answer
A. Improperly configured security settings leading to vulnerabilities
104

What is the purpose of a nonce?

  • A

    A number used once in cryptographic communication

  • B

    A type of key

  • C

    A hash function

  • D

    A certificate

Show Answer
A. A number used once in cryptographic communication
105

What is the difference between phishing and spear phishing?

  • A

    Spear phishing is targeted at specific individuals

  • B

    Phishing is targeted; spear is broad

  • C

    Both are the same

  • D

    Spear phishing uses malware

Show Answer
A. Spear phishing is targeted at specific individuals
106

What is the purpose of a Wi-Fi jammer?

  • A

    To interfere with wireless signals

  • B

    To crack passwords

  • C

    To sniff traffic

  • D

    To secure a network

Show Answer
A. To interfere with wireless signals
107

What is the use of OpenVAS?

  • A

    An open-source vulnerability scanner

  • B

    A penetration testing framework

  • C

    A network sniffer

  • D

    A password cracker

Show Answer
A. An open-source vulnerability scanner
108

What is the difference between containment and eradication?

  • A

    Containment stops the incident from spreading; eradication removes the cause

  • B

    Eradication stops the spread; containment removes the cause

  • C

    Both are the same

  • D

    Containment is only for network incidents

Show Answer
A. Containment stops the incident from spreading; eradication removes the cause
109

What is a vulnerability?

  • A

    A weakness that can be exploited

  • B

    A threat actor

  • C

    A security control

  • D

    A patch

Show Answer
A. A weakness that can be exploited
110

What is the purpose of netcraft?

  • A

    To gather information about websites and servers

  • B

    To scan ports

  • C

    To crack passwords

  • D

    To perform DDoS

Show Answer
A. To gather information about websites and servers
111

What is the difference between a vulnerability scan and a penetration test?

  • A

    Vulnerability scan identifies potential weaknesses; penetration test exploits them

  • B

    Penetration test identifies weaknesses; scan exploits them

  • C

    Both are the same

  • D

    Scan is manual; test is automated

Show Answer
A. Vulnerability scan identifies potential weaknesses; penetration test exploits them
112

What is a backdoor?

  • A

    A hidden method of accessing a system

  • B

    A type of firewall

  • C

    A vulnerability scanner

  • D

    A password

Show Answer
A. A hidden method of accessing a system
113

What is a spyware?

  • A

    Malware that secretly gathers user information

  • B

    Malware that encrypts files

  • C

    Malware that self-propagates

  • D

    Malware that corrupts files

Show Answer
A. Malware that secretly gathers user information
114

What is a replay attack?

  • A

    Replaying captured network traffic to gain unauthorized access

  • B

    Flooding a network

  • C

    Cracking passwords

  • D

    Sniffing traffic

Show Answer
A. Replaying captured network traffic to gain unauthorized access
115

What is the purpose of a Web Application Firewall (WAF)?

  • A

    To filter and monitor HTTP traffic for attacks

  • B

    To scan for vulnerabilities

  • C

    To encrypt data

  • D

    To manage certificates

Show Answer
A. To filter and monitor HTTP traffic for attacks
116

What is the difference between public key and private key?

  • A

    Public key is shared; private key is kept secret

  • B

    Private key is shared; public key is secret

  • C

    Both are shared

  • D

    Both are secret

Show Answer
A. Public key is shared; private key is kept secret
117

What is an impersonation attack?

  • A

    Pretending to be someone else to gain information

  • B

    Sending fake emails

  • C

    Leaving infected USB drives

  • D

    Following someone into a building

Show Answer
A. Pretending to be someone else to gain information
118

What is the difference between WPA2-PSK and WPA2-Enterprise?

  • A

    PSK uses a pre-shared key; Enterprise uses a RADIUS server

  • B

    Enterprise uses a pre-shared key; PSK uses RADIUS

  • C

    Both use the same

  • D

    PSK is more secure

Show Answer
A. PSK uses a pre-shared key; Enterprise uses a RADIUS server
119

What is the use of Hydra?

  • A

    A password cracking tool for network services

  • B

    A vulnerability scanner

  • C

    A network sniffer

  • D

    A web application scanner

Show Answer
A. A password cracking tool for network services
120

What is the importance of timestamps in forensics?

  • A

    To establish a timeline of events

  • B

    To encrypt evidence

  • C

    To compress evidence

  • D

    To hide evidence

Show Answer
A. To establish a timeline of events
121

What is the difference between a vulnerability and an exploit?

  • A

    A vulnerability is a weakness; an exploit is a technique to use it

  • B

    An exploit is a weakness; a vulnerability is a technique

  • C

    Both are the same

  • D

    Vulnerabilities are always patched

Show Answer
A. A vulnerability is a weakness; an exploit is a technique to use it
122

What is a zone transfer?

  • A

    Copying DNS records from a DNS server

  • B

    Transferring files

  • C

    Transferring network packets

  • D

    Transferring email

Show Answer
A. Copying DNS records from a DNS server
123

What is the purpose of using nmap's -O option?

  • A

    To detect the operating system

  • B

    To scan for open ports

  • C

    To perform a version scan

  • D

    To perform a script scan

Show Answer
A. To detect the operating system
124

What is the difference between a local and remote exploit?

  • A

    Local exploit requires prior access; remote exploit works over the network

  • B

    Remote exploit requires prior access; local works over the network

  • C

    Both are the same

  • D

    Local exploits are more severe

Show Answer
A. Local exploit requires prior access; remote exploit works over the network
125

What is a dropper?

  • A

    Malware used to install other malware

  • B

    Malware that encrypts files

  • C

    Malware that steals credentials

  • D

    Malware that self-propagates

Show Answer
A. Malware used to install other malware
126

What is a teardrop attack?

  • A

    An attack using overlapping IP fragments to crash a system

  • B

    A SYN flood

  • C

    A UDP flood

  • D

    A DNS amplification

Show Answer
A. An attack using overlapping IP fragments to crash a system
127

What is the purpose of security headers like Content-Security-Policy?

  • A

    To prevent XSS and other injection attacks

  • B

    To encrypt data

  • C

    To compress data

  • D

    To authenticate users

Show Answer
A. To prevent XSS and other injection attacks
128

What is the purpose of a digital certificate?

  • A

    To bind a public key with an identity

  • B

    To encrypt data

  • C

    To hash data

  • D

    To compress data

Show Answer
A. To bind a public key with an identity
129

What is the difference between phishing and smishing?

  • A

    Phishing uses email; smishing uses SMS

  • B

    Smishing uses email; phishing uses SMS

  • C

    Both use email

  • D

    Both use phone calls

Show Answer
A. Phishing uses email; smishing uses SMS
130

What is the purpose of a wireless intrusion prevention system (WIPS)?

  • A

    To detect and prevent unauthorized wireless access

  • B

    To crack wireless passwords

  • C

    To sniff wireless traffic

  • D

    To amplify wireless signals

Show Answer
A. To detect and prevent unauthorized wireless access
131

What is the purpose of sqlmap?

  • A

    To automate SQL injection detection and exploitation

  • B

    To scan for open ports

  • C

    To crack passwords

  • D

    To sniff traffic

Show Answer
A. To automate SQL injection detection and exploitation

Frequently Asked Questions

What is ethical hacking and why is it important?
Ethical hacking involves legally breaking into systems to identify vulnerabilities before malicious hackers do. It is important because it helps organizations strengthen their security posture, protect sensitive data, and comply with regulatory requirements.
What are the phases of ethical hacking?
The typical phases are: Reconnaissance (footprinting), Scanning & Enumeration, Gaining Access (exploitation), Maintaining Access, and Covering Tracks. Some methodologies also include a reporting phase.
What is the difference between ethical hacking and penetration testing?
Ethical hacking is a broader term that encompasses all security testing activities, while penetration testing is a specific form of ethical hacking focused on exploiting vulnerabilities to assess risk.
What are the common tools used by ethical hackers?
Common tools include Nmap (network scanning), Metasploit (exploitation), Burp Suite (web testing), Wireshark (sniffing), John the Ripper (password cracking), Aircrack-ng (wireless), and Nessus (vulnerability scanning).
What is the OWASP Top 10?
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications, including injection, XSS, broken authentication, etc.
What is the difference between a vulnerability, threat, and risk?
A vulnerability is a weakness. A threat is a potential harm (actor). Risk is the likelihood and impact of a threat exploiting a vulnerability. Risk = Threat x Vulnerability x Impact.
What is a zero-day vulnerability?
A zero-day vulnerability is a software flaw that is unknown to the vendor and has no patch. Attackers can exploit it before it is fixed, making it highly dangerous.
What is social engineering and how can it be prevented?
Social engineering is manipulating people into revealing confidential information. Prevention includes security awareness training, strict policies (e.g., verification procedures), and multi-factor authentication.