General Ethical Hacking MCQs

1. Which of the given types of viruses has the following characteristics?

2. Which is correct about stealth scan or half-Open scan? i) With stealth scan, the chances of triggering the detection mechanism are high. ii) Stealth scan is less reliable as compared to full-Open scan.

3. Which of the following is the syntax of ping sweep using Nmap for ICMP scanning?

4. In relation to ethical hacking. which of the following options refers to a method. which is used for determining the type of operating system running on a remote computer?

5. In relation to switched network sniff‌ing, which of the following options is represented by a switchport?

6. attack sends a combination of malformed IP packets to the victim system and causes the system to crash. The malformed packets consist of invalid/unexpected fragmentation. TCP segments, protocol, header values, packet size. offsets. routing flags. etc.

7. Which of the following commands can be used for creating a firewall rule in iptable, which will result the blocking of ICMP ECHO requests from the outside sources and will disable ping sweeps on a network?

8. Which of the following keyboard shortcuts stops working during a Trojan infection?

9. In relation to f‌ingerprinting, which of the following is the correct syntax ofthe nmap command, which is used for checking whether or not port 443 is Open? (Assume the domain name as abcExample.com.)

10. Which of the following commands is used for performing a Xmas tree scan with Nmap?

11. In relation to the Metasploit framework, which of the following commands is used for loading a particular auxiliary/exploit module?

12. While using the Netcap tool, which of the following commands is used for performing port scanning?

13. In relation to the nmap command in OS f‌ingerprinting, which of the following options can be used for performing both OS and service version detection?

14. Which of the following frameworks is simpler and more eff‌icient for creating and manipulating PDF frameworks?

15. During which of the following attacks, a custom wordlist containing a list of all possible username and password combinations is used?

16. Which of the following is/are the possible way(s) to manipulate programs through which a technical user may exploit stack-based overflows?

17. While using the BackTrack tool with Linux, which of the following commands can be used for displaying the contents of the password.txt file?

18. While using the Netcat tool, which of the following commands is used for setting up a listener?

19. In relation to f‌ingerprinting, which of the following is the correct syntax of the command, which is used for identifying the operating system that is serving a website and all the opened ports associated with the domain name? (Assume the domain name as abcExample.com.)

20. Using Nmap, which Of the following is the correct syntax for performing a ping to a remote Windows or Linux Operating system?

21. During which type of scan, an attacker sends frames to a victim, without setting any f‌lag?

22. Which of the following options is a Linux/Unix sniff‌ing tool that is designed for graphically displaying a system's incoming and outgoing connections?

23. In relation to Buffer overflows, which of the following canaries does not exist?

24. This attack queues up the packets that have bad source IP; uses memory and resources; and eventually hangs, reboots or crashes the system

25. Which is effects Of a DOS attack? i)Resource unavailability. ii)lncreased spam e-mail. iii)lncreased ads and pop-ups.

26. During which ofthe following attacks, an attacker has the plaintext and ciphertext of one or more messages and this information is used for determining the key in use?

27. Which of the following Linux commands is used for displaying the information of logged on users and their activities?

28. Which of the following options is the correct netcat command that can be used to open up ports for the SET webserver?

29. Which of the following options represents the process of exploiting holes in a poorly-configured software?

30. Which of the following wardriving tools is a network detector, sniffer, and intrusion detection system used on Linux?

31. What is the hexadecimal value of the NOP instruction that is applied to an Intel processor?

32. Which of the following protocols is used by the BOCK tool that is used for exploiting covert channels?

33. In relation to ethical hacking, which of the following statements is correct about botnet?

34. While using the BackTrack tool with Linux. which of the following commands is used for changing the password of the Linux box?

35. Proxies operate at which of the following layers of the Open System Interconnection model?

36. Which of the following Wireshark CLl tools is a small program that is only used for capturing traff‌ic?

37. Which of the following lPSec mechanisms is used for providing methods for the purpose of authenticating information as well as for encrypting the data?

38. Trinoo/TrinOO is a set of programs to conduct a distributed denial-of-service (DDOS) attack. It is written in which language?

39. Which of the following ports is used for HTTPS traff‌ic, which is secured by SSL?

40. While testing for weak authentication during fingerprinting MYSOL, which of the following commands is used for logging in to the MYSQL server and manipulating things after the credentials have been cracked?

41. During fingerprinting, which elements are analyzed for determining the operating system? i)Don‘t fragment bit ii)Window size iii)Time-to-live on the outbound packet iv)Type of service

42. Which of the following options indicates a special Linux permission, which makes a file unchangeable?

43. Which of the following operating systems are vulnerable to distributed denial-of—service (DDOS) attacks?

44. For specifying a maximum transmission unit {MTU), which of the following is the correct nmap command that will generate a 32 byte packet?

45. Which of the following Linux commands is used for showing local or remote established connections?

46. In order to prevent Trojan attacks, which ofthe following tools should be used for real-time tracking of port usage?

47. Which of the following Linux directories contains programs for use by the system and system administrator?

48. While using the Trojan detection tool, netstat, which of the following commands is used for detecting open ports?

49. In the Linux operating system, which of the following commands can be used for retrieving DNS and host-related information?

50. Which are sniffing tools? i) Wireshark ii) Cain and Abel iii) Dsniff iv) Ettercap v) Tcpdump

51. Sniffing can be done in both ways, i.e. from command line utility and graphic user interface (GUI).

52. Which of the following options is a program that is used for automating an action in such a way that the action can be repeatedly performed at a much higher rate and for a longer period than a human Operator could perform?

53. Which type of malware has the following characteristics?

54. Which malware performs, Displays pop-ups and nag screens. Changes the start page of a browser.

55. While creating a backdoor with the SET tool, which Of the following commands can be used for interacting with the shell after the session has been opened?

56. Which of the following is the correct syntax of the HpingZ command that can be used for scanning a vulnerable host for the zombie scan?

57. Which of the following Linux directories is used for containing references (represented as f‌iles with special properties) to all the CPU peripheral hardware?

58. While performing a check for open ports via three-way handshake in port scanning, which of the following TCP f‌lags is used for instructing the sending system to immediately send all buffered data?

59. The amitis tool, which is used for creating Trojans, opens which of the following ports for giving a hacker complete control over a victim's computer?

60. In which ofthe following types of attacks, cipher text is compared against the pro-computed hashes for f‌inding the match?

61. While scanning source ports using the nmap command, which of the following parameters is used for helping a user in specifying a source port?

62. During which of the following DOS attacks, custom-crafted fragmented packets, having offset values that overlap during the attempted rebuild. are sent by an attacker?

63. Which of the following is the correct syntax of the command for creating an ACK packet using HPING3 and sending it to port 80 on a victim?

64. In which ofthe following application-level attacks, SQL queries are crafted by an attacker for corrupting a database?

65. While creating a PDF document with launch action, which of the following parameters is used for defining the type of application that should run?

66. During which of the following types of scanning, carefully crafted messages or packets are sent to a target computer by using wellsknown port numbers that are less than or equal to 1024?

67. Which of the following echo requests is used by a Fraggle attack?

68. While using Medusa for brute force attack, which of the following parameters is used for 'Service to attack'?

69. Which of the following is the syntax of Hydra for brute-forcing a service with the username set to 'administrator'?

70. Which of the following network scanning processes involves the use of an Internet Control Message Protocol (ICMP) message?

71. Which of the following is a DOS-based wardialing program, which uses a modem for dialing ranges of numbers in search of a carrier frequency from a modem/ fax?

72. Which of the following is the correct syntax of the command that can be used for performing a sneaky scan and for analyzing its behavior in Wireshark?

73. ARP poisoning can be prevented by enabling which of the following options on Cisco switches?

74. While using the BackTrack tool with Linux, which of the following commands can be used for creating a directory named Example?

75. While using the BackTrack tool with Linux, which of the following commands can be used for creating a text file named example?

76. While installing the Origami framework on BackTrack, which of the following is the correct tar command that can be used for extracting the contents?

77. Which of the following is the correct syntax of the command that can be used to test whether or not a target FTP server is vulnerable to the FTP bounce attack?

78. Which of the following protocols send clear information and can be easy targets for sniff‌ing? i) HTTP ii) NNTP iii) FTP iv) IMAP

79. While using the BackTrack tool with Linux, which of the following commands can be used for renaming a text file from oIdExample.txt to newExample.txt?

80. Which of the following is an asymmetric encryption algorithm, which is of a variable length, is a one-way hash function and is a modification of MD5?

81. Which of the following can help in the prevention of Buffer overflows?

82. Which of the following are the correct syntaxes for using ping command on Windows?

83. Which two of the following are the features of symmetric encryption algorithm, Blowf‌ish?

84. Which of the following operating systems are affected by the Stacheldraht tool for denial-of—service attacks?

85. Identify the features of session hijacking.

86. ln ethical hacking, which Of the following information is gathered during the enumeration phase?

87. Which of the following are the advantages of using the symmetric cryptography algorithms?

88. In relation to Wireshark filters, which of the following operators is/are equivalent to the equal function?

89. Which of the following programming languages are commonly associated with Buffer overflows?

90. What are the features of worms?

91. Hackers can gain access to computer systems through the use of ____.

92. Hackers use __________ to execute arbitrary scripts through the web browser.

93. With ____, you can have your desktop computer or laptop start in both windows and linux.

94. _____ is a protocol for securely accessing a remote computer.