2
Ethical Hacking Essentials Complete Practice Test questions || || || || || || ||
with accurate detailed answers
|| || ||
The assurance that the systems responsible for delivering, storing, and processing
|| || || || || || || || || || ||
information are accessible when required by authorized users is referred to by which of the
|| || || || || || || || || || || || || || ||
following elements of information security? - ✔✔Available
|| || || || || ||
Identify the element of information security that refers to the quality of being genuine or
|| || || || || || || || || || || || || || ||
uncorrupted as a characteristic of any communication, documents, or any data. -
|| || || || || || || || || || || ||
✔✔Authenticity
Mark, a professional hacker, targets his opponent's website. He finds susceptible user
|| || || || || || || || || || || ||
inputs, injects malicious SQL code into the database, and tampers with critical information.
|| || || || || || || || || || || ||
Which of the following types of attack did Mark perform in the above scenario? - ✔✔Active
|| || || || || || || || || || || || || || || ||
Attack
Ruby, a hacker, visited her target company disguised as an aspiring candidate seeking a job.
|| || || || || || || || || || || || || || ||
She noticed that certain sensitive documents were thrown in the trash near an employee's
|| || || || || || || || || || || || || ||
desk. She collected these documents, which included critical information that helped her to
|| || || || || || || || || || || || ||
perform further attacks. || ||
Identify the type of attack performed by Ruby in the above scenario. - ✔✔Close in Attack
|| || || || || || || || || || || || || || ||
James, a malware programmer, intruded into a manufacturing plant that produces
|| || || || || || || || || || ||
computer peripheral devices. James tampered with the software inside devices ready to be
|| || || || || || || || || || || || ||
delivered to clients. The tampered program creates a backdoor that allows unauthorized
|| || || || || || || || || || || ||
access to the systems.
|| || ||
Identify the type of attack performed by James in the above scenario to gain unauthorized
|| || || || || || || || || || || || || || ||
access to the delivered systems. - ✔✔Distribution Attack
|| || || || || || ||
,2
Williams, an employee, was using his personal laptop within the organization's premises.
|| || || || || || || || || || || ||
He connected his laptop to the organization's internal network and began eavesdropping on
|| || || || || || || || || || || || ||
the communication between other devices connected to the internal network. He sniffed
|| || || || || || || || || || || ||
critical information such as login credentials and other confidential data passing through
|| || || || || || || || || || || ||
the network.
||
Identify the type of attack performed by Williams in the above scenario. - ✔✔Insider Attack
|| || || || || || || || || || || || || ||
David, a professional hacker, has initiated a DDoS attack against a target organization. He
|| || || || || || || || || || || || || ||
developed a malicious code and distributed it through emails to compromise the systems.
|| || || || || || || || || || || || ||
Then, all the infected systems were grouped together to launch a DDoS attack against the
|| || || || || || || || || || || || || || ||
organization.
Identify the type of attack launched by David on the target organization. - ✔✔Botnet
|| || || || || || || || || || || || ||
Jack is working as a malware analyst in an organization. He was assigned to inspect an
|| || || || || || || || || || || || || || || ||
attack performed against the organization. Jack determined that the attacker had restricted
|| || || || || || || || || || || ||
access to the main computer's files and folders and was demanding an online payment to
|| || || || || || || || || || || || || || ||
remove these restrictions. || ||
Which of the following type of attack has Jack identified in the above scenario? -
|| || || || || || || || || || || || || || ||
✔✔Ransomware
Identify the type of attack vector that focuses on stealing information from the victim
|| || || || || || || || || || || || || ||
machine without its user being aware and tries to deliver a payload affecting computer
|| || || || || || || || || || || || || ||
performance. - ✔✔APT Attack || || ||
Andrew, a professional hacker, drafts an email that appears to be legitimate and attaches
|| || || || || || || || || || || || || ||
malicious links to lure victims; he then distributes it through communication channels or
|| || || || || || || || || || || || ||
mails to obtain private information like account numbers.
|| || || || || || ||
Identify the type of attack vector employed by Andrew in the above scenario. - ✔✔Phishing
|| || || || || || || || || || || || || ||
Identify the civilian act designed to protect investors and the public by increasing the
|| || || || || || || || || || || || || ||
accuracy and reliability of corporate disclosures. - ✔✔Sarbanes - Oxley Act
|| || || || || || || || || ||
,2
Which of the following ISO/IEC standard specifies the requirements for establishing,
|| || || || || || || || || || ||
implementing, maintaining, and continually improving an information security || || || || || || || ||
management system within the context of an organization? - ✔✔ISO/IEC 27001:2013 || || || || || || || || || ||
An organization located in Europe maintains a large amount of user data by following all
|| || || || || || || || || || || || || || ||
the security-related laws. It also follows GDPR protection principles, one of which states
|| || || || || || || || || || || || ||
that the organization should only collect and process data necessary for the specified task.
|| || || || || || || || || || || || ||
Which of the following GDPR protection principle is discussed in the above scenario? -
|| || || || || || || || || || || || || ||
✔✔Data Minimization ||
Which of the following titles in The Digital Millennium Copyright Act (DMCA) allows the
|| || || || || || || || || || || || || ||
owner of a copy of a program to make reproductions or adaptations when these are
|| || || || || || || || || || || || || || ||
necessary to use the program in conjunction with a system? - ✔✔Title III: Computer
|| || || || || || || || || || || || || ||
Maintenance or Repair || ||
Which of the following countries has implemented "The Copyright Act 1968" and "The
|| || || || || || || || || || || || ||
Patents Act 1990"? - ✔✔Australia || || || ||
Given below are the various phases involved in the cyber kill chain methodology.
|| || || || || || || || || || || ||
1. Installation
||
2. Delivery
||
3. Reconnaissance
||
4. Actions on objectives
|| || ||
5. Weaponization
||
6. Exploitation
||
7. Command and control
|| || ||
What is the correct sequence of phases involved in the cyber kill chain methodology? - ✔✔3
|| || || || || || || || || || || || || || ||
-> 5 -> 2 -> 6 -> 1 -> 7 -> 4
|| || || || || || || || || || || ||
, 2
In which of the following phases of cyber kill chain methodology does an adversary
|| || || || || || || || || || || || || ||
distribute USB drives containing malicious payload to the employees of the target
|| || || || || || || || || || || ||
organization? - ✔✔Delivery || ||
Don, a professional hacker, initiated an attack on a target organization. During the course of
|| || || || || || || || || || || || || ||
this attack, he employed automated tools to collect maximum weak points, vulnerabilities,
|| || || || || || || || || || || || ||
and other sensitive information across the target network.
|| || || || || || ||
Which of the following phases of cyber kill chain methodology is Don currently executing
|| || || || || || || || || || || || || ||
in the above scenario? - ✔✔Reconnaissance
|| || || || ||
In which of the following phases of cyber kill chain methodology does the adversary create
|| || || || || || || || || || || || || || ||
a deliverable malicious payload using an exploit and a backdoor? - ✔✔Weaponization
|| || || || || || || || || || ||
Clara, a security professional, while checking the data feeds of the domains, detects
|| || || || || || || || || || || || ||
downloaded malicious files and unsolicited communication with the outside network based || || || || || || || || || ||
on the domains.
|| || ||
Which of the following adversary behaviors was detected by Clara? - ✔✔Unspecified proxy
|| || || || || || || || || || || || ||
activities
John, a professional hacker, was hired by a government agency to penetrate, gain top-secret
|| || || || || || || || || || || || || ||
information from, and damage other government agencies' information systems or || || || || || || || || || ||
networks.
Based on the above scenario, which of the following classes of hacker does John fall in? -
|| || || || || || || || || || || || || || || || ||
✔✔state-sponsored hackers ||
Lionel, a professional hacker motivated by political beliefs, plans to employ various
|| || || || || || || || || || || ||
techniques to create fear of large-scale disruption of computer networks. || || || || || || || || ||
Which of the following types of threat actors does Lionel belong to in the above scenario? -
|| || || || || || || || || || || || || || || || ||
✔✔Cyber Terrorists ||
Ethical Hacking Essentials Complete Practice Test questions || || || || || || ||
with accurate detailed answers
|| || ||
The assurance that the systems responsible for delivering, storing, and processing
|| || || || || || || || || || ||
information are accessible when required by authorized users is referred to by which of the
|| || || || || || || || || || || || || || ||
following elements of information security? - ✔✔Available
|| || || || || ||
Identify the element of information security that refers to the quality of being genuine or
|| || || || || || || || || || || || || || ||
uncorrupted as a characteristic of any communication, documents, or any data. -
|| || || || || || || || || || || ||
✔✔Authenticity
Mark, a professional hacker, targets his opponent's website. He finds susceptible user
|| || || || || || || || || || || ||
inputs, injects malicious SQL code into the database, and tampers with critical information.
|| || || || || || || || || || || ||
Which of the following types of attack did Mark perform in the above scenario? - ✔✔Active
|| || || || || || || || || || || || || || || ||
Attack
Ruby, a hacker, visited her target company disguised as an aspiring candidate seeking a job.
|| || || || || || || || || || || || || || ||
She noticed that certain sensitive documents were thrown in the trash near an employee's
|| || || || || || || || || || || || || ||
desk. She collected these documents, which included critical information that helped her to
|| || || || || || || || || || || || ||
perform further attacks. || ||
Identify the type of attack performed by Ruby in the above scenario. - ✔✔Close in Attack
|| || || || || || || || || || || || || || ||
James, a malware programmer, intruded into a manufacturing plant that produces
|| || || || || || || || || || ||
computer peripheral devices. James tampered with the software inside devices ready to be
|| || || || || || || || || || || || ||
delivered to clients. The tampered program creates a backdoor that allows unauthorized
|| || || || || || || || || || || ||
access to the systems.
|| || ||
Identify the type of attack performed by James in the above scenario to gain unauthorized
|| || || || || || || || || || || || || || ||
access to the delivered systems. - ✔✔Distribution Attack
|| || || || || || ||
,2
Williams, an employee, was using his personal laptop within the organization's premises.
|| || || || || || || || || || || ||
He connected his laptop to the organization's internal network and began eavesdropping on
|| || || || || || || || || || || || ||
the communication between other devices connected to the internal network. He sniffed
|| || || || || || || || || || || ||
critical information such as login credentials and other confidential data passing through
|| || || || || || || || || || || ||
the network.
||
Identify the type of attack performed by Williams in the above scenario. - ✔✔Insider Attack
|| || || || || || || || || || || || || ||
David, a professional hacker, has initiated a DDoS attack against a target organization. He
|| || || || || || || || || || || || || ||
developed a malicious code and distributed it through emails to compromise the systems.
|| || || || || || || || || || || || ||
Then, all the infected systems were grouped together to launch a DDoS attack against the
|| || || || || || || || || || || || || || ||
organization.
Identify the type of attack launched by David on the target organization. - ✔✔Botnet
|| || || || || || || || || || || || ||
Jack is working as a malware analyst in an organization. He was assigned to inspect an
|| || || || || || || || || || || || || || || ||
attack performed against the organization. Jack determined that the attacker had restricted
|| || || || || || || || || || || ||
access to the main computer's files and folders and was demanding an online payment to
|| || || || || || || || || || || || || || ||
remove these restrictions. || ||
Which of the following type of attack has Jack identified in the above scenario? -
|| || || || || || || || || || || || || || ||
✔✔Ransomware
Identify the type of attack vector that focuses on stealing information from the victim
|| || || || || || || || || || || || || ||
machine without its user being aware and tries to deliver a payload affecting computer
|| || || || || || || || || || || || || ||
performance. - ✔✔APT Attack || || ||
Andrew, a professional hacker, drafts an email that appears to be legitimate and attaches
|| || || || || || || || || || || || || ||
malicious links to lure victims; he then distributes it through communication channels or
|| || || || || || || || || || || || ||
mails to obtain private information like account numbers.
|| || || || || || ||
Identify the type of attack vector employed by Andrew in the above scenario. - ✔✔Phishing
|| || || || || || || || || || || || || ||
Identify the civilian act designed to protect investors and the public by increasing the
|| || || || || || || || || || || || || ||
accuracy and reliability of corporate disclosures. - ✔✔Sarbanes - Oxley Act
|| || || || || || || || || ||
,2
Which of the following ISO/IEC standard specifies the requirements for establishing,
|| || || || || || || || || || ||
implementing, maintaining, and continually improving an information security || || || || || || || ||
management system within the context of an organization? - ✔✔ISO/IEC 27001:2013 || || || || || || || || || ||
An organization located in Europe maintains a large amount of user data by following all
|| || || || || || || || || || || || || || ||
the security-related laws. It also follows GDPR protection principles, one of which states
|| || || || || || || || || || || || ||
that the organization should only collect and process data necessary for the specified task.
|| || || || || || || || || || || || ||
Which of the following GDPR protection principle is discussed in the above scenario? -
|| || || || || || || || || || || || || ||
✔✔Data Minimization ||
Which of the following titles in The Digital Millennium Copyright Act (DMCA) allows the
|| || || || || || || || || || || || || ||
owner of a copy of a program to make reproductions or adaptations when these are
|| || || || || || || || || || || || || || ||
necessary to use the program in conjunction with a system? - ✔✔Title III: Computer
|| || || || || || || || || || || || || ||
Maintenance or Repair || ||
Which of the following countries has implemented "The Copyright Act 1968" and "The
|| || || || || || || || || || || || ||
Patents Act 1990"? - ✔✔Australia || || || ||
Given below are the various phases involved in the cyber kill chain methodology.
|| || || || || || || || || || || ||
1. Installation
||
2. Delivery
||
3. Reconnaissance
||
4. Actions on objectives
|| || ||
5. Weaponization
||
6. Exploitation
||
7. Command and control
|| || ||
What is the correct sequence of phases involved in the cyber kill chain methodology? - ✔✔3
|| || || || || || || || || || || || || || ||
-> 5 -> 2 -> 6 -> 1 -> 7 -> 4
|| || || || || || || || || || || ||
, 2
In which of the following phases of cyber kill chain methodology does an adversary
|| || || || || || || || || || || || || ||
distribute USB drives containing malicious payload to the employees of the target
|| || || || || || || || || || || ||
organization? - ✔✔Delivery || ||
Don, a professional hacker, initiated an attack on a target organization. During the course of
|| || || || || || || || || || || || || ||
this attack, he employed automated tools to collect maximum weak points, vulnerabilities,
|| || || || || || || || || || || || ||
and other sensitive information across the target network.
|| || || || || || ||
Which of the following phases of cyber kill chain methodology is Don currently executing
|| || || || || || || || || || || || || ||
in the above scenario? - ✔✔Reconnaissance
|| || || || ||
In which of the following phases of cyber kill chain methodology does the adversary create
|| || || || || || || || || || || || || || ||
a deliverable malicious payload using an exploit and a backdoor? - ✔✔Weaponization
|| || || || || || || || || || ||
Clara, a security professional, while checking the data feeds of the domains, detects
|| || || || || || || || || || || || ||
downloaded malicious files and unsolicited communication with the outside network based || || || || || || || || || ||
on the domains.
|| || ||
Which of the following adversary behaviors was detected by Clara? - ✔✔Unspecified proxy
|| || || || || || || || || || || || ||
activities
John, a professional hacker, was hired by a government agency to penetrate, gain top-secret
|| || || || || || || || || || || || || ||
information from, and damage other government agencies' information systems or || || || || || || || || || ||
networks.
Based on the above scenario, which of the following classes of hacker does John fall in? -
|| || || || || || || || || || || || || || || || ||
✔✔state-sponsored hackers ||
Lionel, a professional hacker motivated by political beliefs, plans to employ various
|| || || || || || || || || || || ||
techniques to create fear of large-scale disruption of computer networks. || || || || || || || || ||
Which of the following types of threat actors does Lionel belong to in the above scenario? -
|| || || || || || || || || || || || || || || || ||
✔✔Cyber Terrorists ||
