Ethical Hacking Quiz 6
Which of the following statement(s) is/are true?
A) Hypervisor allows one host system to support multiple virtual machines by sharing the resources.
B) Hypervisor allows one host system to support multiple virtual machines; however, it does not allow resource sharing.
C) Kali-linux is a Debian-based Linux distribution that has collection of tools that are useful for penetration testing.
A) Hypervisor allows one host system to support multiple virtual machines by sharing the resources.
B) Hypervisor allows one host system to support multiple virtual machines; however, it does not allow resource sharing.
C) Kali-linux is a Debian-based Linux distribution that has collection of tools that are useful for penetration testing.
A) Hypervisor allows one host system to support multiple virtual machines by sharing the resources.
C) Kali-linux is a Debian-based Linux distribution that has collection of tools that are useful for penetration testing.
C) Kali-linux is a Debian-based Linux distribution that has collection of tools that are useful for penetration testing.
Which of the following statement(s) is/are true about “Active Reconnaissance”?
A) Information about the target is collected indirectly.
B) Information about the target is collected directly.
C) There is a chance of detection.
D) There is no chance of detection.
A) Information about the target is collected indirectly.
B) Information about the target is collected directly.
C) There is a chance of detection.
D) There is no chance of detection.
B) Information about the target is collected directly.
C) There is a chance of detection.
C) There is a chance of detection.
Which of the following information cannot be retrieved using Whois database lookup?
A) Registration details
B) Name Servers.
C) IP Address
D) History of the website
A) Registration details
B) Name Servers.
C) IP Address
D) History of the website
The information that cannot be retrieved using a Whois database lookup is History of the website.
What is the main objective of port scan?
A) Identification of live hosts.
B) Identification of services running in the target system.
C) Identification of the operating system of the target systems.
D) None of these.
A) Identification of live hosts.
B) Identification of services running in the target system.
C) Identification of the operating system of the target systems.
D) None of these.
The main objective of a port scan is to identify the services running on the target system.
Which of the following statement(s) is/are true for host discovery using ICMP ECHO sweep?
A) For ICMP ECHO sweep; -PP option is used.
B) The attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response.
C) If the attacker does not receive an ICMP ECHO reply then the host is considered as down.
A) For ICMP ECHO sweep; -PP option is used.
B) The attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response.
C) If the attacker does not receive an ICMP ECHO reply then the host is considered as down.
B) The attacker sends out an ICMP ECHO request packet to the target, and waits for an ICMP ECHO reply response.
C) If the attacker does not receive an ICMP ECHO reply then the host is considered as down.
C) If the attacker does not receive an ICMP ECHO reply then the host is considered as down.
Which of the following options are used for host discovery using TCP and UDP sweep respectively?
A) PE, PA
B) PP, PU
C) PM, PA
D) PA, PU
A) PE, PA
B) PP, PU
C) PM, PA
D) PA, PU
For host discovery, TCP and UDP sweeps use PA and PU respectively.
Which of the following option is used for OS detection?
A) PU
B) Os
C) O
D) so
A) PU
B) Os
C) O
D) so
The option used for OS detection is O.
How many ports are scanned in NMAP for a target system if we use -F option ________ ?
100
If we want to disable host discovery in port scanning, then which of the following options can be used?
A) F
B) p
C) Pn
D) sn
A) F
B) p
C) Pn
D) sn
To disable host discovery in port scanning, the option to use is Pn.
Which of the following can be used to reconnaissance countermeasures?
A) Do not release critical info in public.
B) Encrypt password and sensitive information.
C) Restrict zone transfer.
D) Examine logs periodically.
E) Use firewalls.
A) Do not release critical info in public.
B) Encrypt password and sensitive information.
C) Restrict zone transfer.
D) Examine logs periodically.
E) Use firewalls.
All of the given options can be used to reconnaissance countermeasures.
Which of the following NMAP options can be used to run some of the nmap scripts?
a. PE
b. PU
c. A
d. O
e. SC
a. PE
b. PU
c. A
d. O
e. SC
The correct NMAP options that can be used to run some of the nmap scripts are A and SC.
Which of the following NMAP scripts is used to perform DoS attack?
a. ssh-brute
b. smb-os-discovery
c. smb-brute
d. http-dos-attack
a. ssh-brute
b. smb-os-discovery
c. smb-brute
d. http-dos-attack
The correct NMAP script used to perform a DoS attack is none of these.
Which of the following tools/software can be used for scanning vulnerabilities?
a. Nessus
b. Hydra
c. crunch
d. hascat
e. NMAP
a. Nessus
b. Hydra
c. crunch
d. hascat
e. NMAP
The tools/software that can be used for scanning vulnerabilities are Nessus and NMAP.
Which of the following tools can be used to create a dictionary for dictionary-based password attack?
a. Hydra
b. Crunch
c. SQLMAP
d. None of these.
a. Hydra
b. Crunch
c. SQLMAP
d. None of these.
The tool that can be used to create a dictionary for a dictionary-based password attack is Crunch.
Consider the following statements:
(i) User enumeration refers to collecting details of users and their privileges.
(ii) Hydra and Crunch tool can be used for user enumeration.
(i) User enumeration refers to collecting details of users and their privileges.
(ii) Hydra and Crunch tool can be used for user enumeration.
Among the given statements, only (i) is true.
Assume that we want to connect to a target system (10.0.0.1) through ssh service, the username and password are “user” and “pwd” respectively. Which of the following commands can be used to create an ssh connection?
a. ssh 10.0.0.1 -l user -p pwd
b. ssh 10.0.0.1 -I user
c. ssh 10.0.0.1@ user
a. ssh 10.0.0.1 -l user -p pwd
b. ssh 10.0.0.1 -I user
c. ssh 10.0.0.1@ user
The correct command to create an SSH connection are ssh 10.0.0.1 -I user and ssh 10.0.0.1@ user.
How many words will be generated by crunch tool if we use the crunch command as “crunch 1 2 0123456789”?
The number of words generated by the crunch tool using the command “crunch 1 2 0123456789” is 110.
Which of the following can be used for gaining the same level of privilege as the existing one?
a. Vertical privilege escalation.
b. Horizontal privilege escalation.
c. Diagonal privilege escalation.
d. Triangular privilege escalation.
a. Vertical privilege escalation.
b. Horizontal privilege escalation.
c. Diagonal privilege escalation.
d. Triangular privilege escalation.
The method used for gaining the same level of privilege as the existing one is Horizontal privilege escalation.
Which of the following tools can be used for user enumeration?
a. Hydra
b. Crunch
c. Enum4linux
d. None of these.
a. Hydra
b. Crunch
c. Enum4linux
d. None of these.
The tool that can be used for user enumeration is Enum4linux.
To download any file from the target system that is connected through FTP connection, which of the following commands can be used?
a. put
b. get
c. upload
d. download
a. put
b. get
c. upload
d. download
To download any file from the target system connected through FTP, you can use the get command.
Which of the following statement(s) is/are false?
a. Malware are malicious software that damages or disables computer systems and gives limited or full control to the malware creator for the purpose of theft or fraud.
b. Malware can get inside systems through file sharing or fake programs.
c. Malwares can alter, corrupt, modify or delete some data/files.
a. Malware are malicious software that damages or disables computer systems and gives limited or full control to the malware creator for the purpose of theft or fraud.
b. Malware can get inside systems through file sharing or fake programs.
c. Malwares can alter, corrupt, modify or delete some data/files.
None of the statements provided are false.
Which of the following commands is used to delete an ARP entry?
a. arp -l
b. arp-s
c. arp-i
d. arp-e
e. None of these
a. arp -l
b. arp-s
c. arp-i
d. arp-e
e. None of these
The command used to delete an ARP entry is none of these.
Also Available:
Leave a comment