Ethical Hacking Quizzes 1-10 Study Questions and Correct Answers
4 views 0 purchase
Course
Ethical Hacking
Institution
Ethical Hacking
A major difference between a hacker and an ethical hacker is the: a) level of technological proficiency each has accomplished. b) social position each has reached. c) education level each has obtained. d) code of ethics to which each subscribes. d) code of ethics to which each subscribes.
Breaking...
Ethical Hacking Quizzes 1-10 Study
Questions and Correct Answers
A major difference between a hacker and an ethical hacker is the:
a) level of technological proficiency each has accomplished.
b) social position each has reached.
c) education level each has obtained.
d) code of ethics to which each subscribes. ✅d) code of ethics to which each
subscribes.
Breaking the trust of the client has placed in the ethical hacker can lead to the:
a) rules of engagement having to be rewritten.
b) planning stage being deemed incomplete.
c) failure of the testing results to accurately portray the organization's assets.
d) question of other details, such as the result of the test. ✅d) question of other details
such as the result of the test.
During the planning phase of a penetration test, the aim should be to:
a) perform the attack and measure the results.
b) report the results of the attack to the organization.
c) research applicable state and federal regulations that apply to the proposed tests.
d)determine why a penetration test and its associated tasks are necessary. ✅d)
determine why a penetration test and its associated tasks are necessary.
Planning, discovery, attack, and reporting are considered:
a) intrusion detection steps.
b) hacking steps.
c) ethical hacking steps.
d) auditing steps. ✅c) ethical hacking steps
What type of penetration testing is most often used when an organization wants to
closely simulate how an attacker views a system?
a) Black-box testing
b) Black-hat testing
c) White-hat testing
d) White-box testing ✅a) Black-box testing
Which of the following is NOT considered on the the three types of controls you can use
in risk mitigation?
a) Administrative
b) Technical
c) Physical
d) Distribution ✅d) Distribution
,Which of the following refers to a pieces of software, a tool, or a technique that targets
or takes advantage of a vulnerability?
a) Asset
b) Exploit
c) Authentication
d) Hacker ✅b) Exploit
Which of the following refers to the structured and methodical means of investigating,
uncovering, attacking, and reporting on a target system's strengths and vulnerabilities?
a) Authentication
b) Penetration testing
c) Ethical evaluation
c) Hacktivism ✅b) Penetration testing
Which of the following tests includes anything that targets equipment or facilities and
can also include actions against people, such as social engineering-related threats?
a) Administrative attack
b) Assessment attack
c) Technical attack
d) Physical attack ✅d) Physical attack
Which of the following tests is designed to simulate an attack against technology from
either the inside or the outside depending on the goals and intentions of the client?
a) Assessment attack
b) Technical attack
c) Physical attack
d) Administrative attack ✅b) Technical attack
A hierarchical system of servers and services specifically designed to translate IP
addresses into domain names (forward lookups) as well as revers (reverse lookups_ is
called?
a) a sniffer.
b) Domain Name Service (DNS).
c) User Datagram Protocol (UDP).
d) a packet filter. ✅b) Domain Name Service (DNS).
Blocking everything and allowing only what is needed is known as:
a) the deny-all principle.
b) the blocking principle.
c) encapsulation.
d) port scanning. ✅a) the deny-all principle.
Repeaters, hubs, bridges, and switches are part of:
a) Network and Internet Layer equipment
b) Host-to-Host Layer equipment
c) Physical or Network Access Layer equipment
The act of a third party covertly monitoring Internet and telephone conversations is
called:
a) eavesdropping.
b) spoofing.
c) interception.
d) wiretapping. ✅d) wiretapping.
Which of the following is a connection-less protocol that offers speed and low overhead
as its primary advantage?
a) Layer 2 Tunneling Protocol
b) Serial Line Interface Protocol
c) User Datagram Protocol
d) Reverse Address Resolution Protocol ✅c) User Datagram Protocol
Which of the following is a largely obsolete protocol that was originally designed for the
use in the connections established by modems?
a) Serial Line Interface Protocol
b) Reverse Address Resolution Protocol
c) Layer 2 Tunneling Protocol
d) User Datagram Protocol ✅a) Serial Line Interface Protocol
Which of the following is method of separating a network into segments for better
management and performance?
a) Teardrop
b) Frame
c) Subnet mask
d) Sniffer ✅c) Subnet mask
Which of the following offers the greatest level of security for wireless networks?
a) Wi-Fi Protected Access 2 (WPA2)
b) Wi-Fi Protected Access (WPA)
c) WIred Equivalent Privacy (WEP)
d) Wi-Fi Protected Access 3 (WPA3) ✅a) Wi-Fi Protected Access 2 (WPA2)
Which of the following regulates the flow of traffic between different networks?
a) A firewall
b) A frame
c) A sniffer
d) Encapsulation ✅a) A firewall
Which routing protocol calculates the best path to a target network by one or more
metrics such as delay, speed, or bandwidth?
a) Static
, b) Broadcast
c) Distance vector
d) Link state ✅d) Link state
A hash algorithm can be compromised with a collision, which occurs when two separate
and different messages or inputs pass through the hashing process and generate:
a) values so different that they appear to be an attack.
b) the same value.
c) similar values.
d) values that are not prime numbers. ✅b) the same value.
A one-way hashing function is designed to be:
a) difficult to compute as well as undo or reverse.
b) relatively easy to compute as well as undo or reverse.
c) relatively easy to compute one way, but hard to undo or reverse.
d) difficult to compute one way, but easy to undo or reverse. ✅c) relatively easy to
compute one way, but easy to undo or reverse.
Cryptography provides an invaluable service to security by providing all of the following
except:
a) a means to safeguard information against unauthorized disclosure.
b) a means to detect modification of information.
c) the ability to have confidence as to the true origin of information through what is
known as nonrepudiation.
d) the ability to hack into systems and remain undetected. ✅d) the ability to hack into
systems and remain undetected.
Digital certificates:
a) cannot be used as legal tender
b) provide a list of certificates that have been revoked.
c) determine key lifetime.
d) provide a form of identification on the Internet and in other areas. ✅d) provide a
form of identification on the Internet and in other areas.
In using symmetric encryption to encrypt a given pieces of information, there are two
different mechanisms an algorithm can use, either:
a) voice or audio.
b) cleartext or plaintext.
c) a stream cipher or a block cipher.
d) A Caesar cipher or ciphertext. ✅c) a stream cipher or a block cipher.
Message Security Protocol (MSP), Secure Shell (SSH), and Secure Hypertext Transfer
Protocol (S-HTTP) are:
a) forms of brute-force password attacks.
b) common cryptographic systems.
c) common hashing algorithms.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller twishfrancis. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.99. You're not tied to anything after your purchase.
