1. What is the primary goal of ethical hacking?

a) To perform cybercrimes legally
b) To identify and fix security vulnerabilities
c) To exploit systems for financial gain
d) To create malware and viruses

Answer: b) To identify and fix security vulnerabilities
Explanation: Ethical hacking aims to discover and resolve security weaknesses before malicious hackers can exploit them. Ethical hackers work within legal and professional guidelines.


2. What is the difference between a black hat hacker and a white hat hacker?

a) White hat hackers operate legally, black hat hackers do not
b) White hat hackers use different tools than black hat hackers
c) Black hat hackers only attack government systems
d) Black hat hackers use artificial intelligence while white hats do not

Answer: a) White hat hackers operate legally, black hat hackers do not
Explanation: White hat hackers are cybersecurity professionals who follow laws and ethical guidelines, while black hat hackers engage in malicious cyber activities for personal gain.


3. Which of the following is NOT a phase of ethical hacking?

a) Reconnaissance
b) Scanning
c) Data Deletion
d) Gaining Access

Answer: c) Data Deletion
Explanation: Ethical hacking consists of reconnaissance, scanning, gaining access, maintaining access, and covering tracks. Data deletion is a malicious action, not a part of ethical hacking.


4. Which ethical hacking technique involves gathering publicly available information about a target?

a) Footprinting
b) Privilege Escalation
c) Exploitation
d) Malware Injection

Answer: a) Footprinting
Explanation: Footprinting involves collecting information like domain details, IP addresses, and social engineering data using publicly available sources.


5. What is the first step a hacker takes in the hacking process?

a) Scanning the target system
b) Covering their tracks
c) Performing reconnaissance
d) Exploiting vulnerabilities

Answer: c) Performing reconnaissance
Explanation: Reconnaissance is the initial phase where hackers gather information about the target before launching an attack.


6. What is the primary legal requirement for ethical hackers before performing security testing?

a) Using only automated tools
b) Signing a non-disclosure agreement (NDA)
c) Getting explicit permission from the organization
d) Ensuring they use a VPN

Answer: c) Getting explicit permission from the organization
Explanation: Ethical hackers must have written permission from the organization before testing its systems to ensure compliance with legal and ethical standards.


7. Which term refers to unauthorized individuals gaining access to a system?

a) Privilege escalation
b) Social engineering
c) Intrusion
d) Hardening

Answer: c) Intrusion
Explanation: Intrusion occurs when an attacker bypasses security mechanisms and gains unauthorized access to a system.


8. What is the purpose of penetration testing?

a) To permanently disable security measures
b) To verify and strengthen security controls
c) To steal sensitive information
d) To increase system performance

Answer: b) To verify and strengthen security controls
Explanation: Penetration testing simulates attacks on a system to identify weaknesses and improve security.


9. What is social engineering in cybersecurity?

a) An advanced hacking tool
b) A method of physically attacking data centers
c) Manipulating people into revealing sensitive information
d) A new type of firewall technology

Answer: c) Manipulating people into revealing sensitive information
Explanation: Social engineering exploits human psychology to gain unauthorized access to confidential information.


10. Which hacker type typically finds and reports vulnerabilities for a reward?

a) Script Kiddies
b) Hacktivists
c) Bug Bounty Hunters
d) State-Sponsored Hackers

Answer: c) Bug Bounty Hunters
Explanation: Bug bounty hunters legally test software and websites for security vulnerabilities and receive rewards from companies.


11. What is the primary motivation of hacktivists?

a) Financial gain
b) Political or social activism
c) Destroying businesses
d) Selling stolen credentials

Answer: b) Political or social activism
Explanation: Hacktivists use hacking to promote political or social causes, often targeting governments and corporations.


12. What is a zero-day vulnerability?

a) A known vulnerability with a fix available
b) A vulnerability exploited before a patch is released
c) A software update issue
d) A bug that cannot be exploited

Answer: b) A vulnerability exploited before a patch is released
Explanation: Zero-day vulnerabilities are unknown to vendors and can be exploited before a fix is available.


13. What is the main ethical concern of penetration testing?

a) The use of AI in hacking
b) Unauthorized data exposure
c) Hardware degradation
d) Increased network traffic

Answer: b) Unauthorized data exposure
Explanation: Ethical hackers must ensure that sensitive data is not misused or exposed during penetration testing.


14. What is the goal of maintaining access in ethical hacking?

a) Ensuring continued exploitation
b) Creating persistence for further analysis
c) Deleting logs to cover tracks
d) Making systems vulnerable to future attacks

Answer: b) Creating persistence for further analysis
Explanation: Ethical hackers maintain access to test long-term security risks but must do so ethically and legally.


15. Which tool is commonly used for ethical hacking?

a) Microsoft Word
b) Wireshark
c) Photoshop
d) Netflix

Answer: b) Wireshark
Explanation: Wireshark is a network analysis tool used to inspect packets and detect security threats.


16. What is a honeypot in cybersecurity?

a) A type of firewall
b) A security tool to attract hackers
c) An exploit kit
d) A malware detection tool

Answer: b) A security tool to attract hackers
Explanation: Honeypots simulate vulnerable systems to lure attackers and study their behavior.


17. What is the primary objective of ethical hacking reports?

a) To expose vulnerabilities publicly
b) To provide recommendations for security improvements
c) To sell information to competitors
d) To increase hacking skills

Answer: b) To provide recommendations for security improvements
Explanation: Ethical hacking reports document vulnerabilities and suggest solutions to improve security.


18. What is an ethical hacker’s responsibility after a penetration test?

a) Erase all evidence of testing
b) Inform stakeholders about discovered vulnerabilities
c) Leave backdoors for future testing
d) Attack the system to test resilience

Answer: b) Inform stakeholders about discovered vulnerabilities
Explanation: Ethical hackers must report findings and assist in remediation to improve security.


19. What is an example of a passive attack?

a) Man-in-the-middle attack
b) Eavesdropping
c) Ransomware deployment
d) SQL injection

Answer: b) Eavesdropping
Explanation: Passive attacks do not alter data but monitor communications to gather sensitive information.


20. What certification is widely recognized for ethical hackers?

a) CCNA
b) CEH (Certified Ethical Hacker)
c) PMP
d) AWS Solutions Architect

Answer: b) CEH (Certified Ethical Hacker)
Explanation: The CEH certification is one of the most recognized credentials for ethical hackers.


21. Which of the following best describes the concept of “security through obscurity”?

a) Using encryption to protect sensitive data
b) Keeping security mechanisms secret rather than properly securing them
c) Using complex passwords to prevent attacks
d) Implementing firewalls to block unauthorized access

Answer: b) Keeping security mechanisms secret rather than properly securing them
Explanation: Security through obscurity is a flawed security approach that relies on keeping security measures hidden rather than implementing strong, layered security practices.


22. What is the primary objective of vulnerability assessment in ethical hacking?

a) To gain unauthorized access to a system
b) To identify and prioritize security weaknesses
c) To develop zero-day exploits
d) To disable firewalls and antivirus software

Answer: b) To identify and prioritize security weaknesses
Explanation: Vulnerability assessment focuses on detecting security flaws in a system and assessing their risk levels to help organizations mitigate threats.


23. Which of the following is an example of active reconnaissance?

a) Using Google to search for a company’s email addresses
b) Analyzing DNS records of a target domain
c) Sending crafted network packets to probe vulnerabilities
d) Observing public social media profiles of employees

Answer: c) Sending crafted network packets to probe vulnerabilities
Explanation: Active reconnaissance involves direct interaction with a target system, such as scanning for open ports and vulnerabilities.


24. What is the purpose of the OWASP Top 10 list?

a) To rank the best security professionals
b) To track the top 10 most common web application vulnerabilities
c) To provide a certification for ethical hackers
d) To test the effectiveness of antivirus programs

Answer: b) To track the top 10 most common web application vulnerabilities
Explanation: The OWASP Top 10 is an industry-recognized list of the most critical web security risks, including SQL injection, XSS, and broken authentication.


25. What is a botnet in cybersecurity?

a) A security tool used by ethical hackers
b) A network of infected computers controlled by an attacker
c) A secure VPN network
d) A firewall enhancement

Answer: b) A network of infected computers controlled by an attacker
Explanation: A botnet is a group of compromised computers used for malicious activities, such as DDoS attacks, spam distribution, and credential theft.


26. What type of malware locks a user’s files and demands a ransom?

a) Trojan horse
b) Ransomware
c) Spyware
d) Rootkit

Answer: b) Ransomware
Explanation: Ransomware encrypts a user’s files and demands a payment (ransom) in exchange for decryption keys.


27. What is a primary characteristic of an Advanced Persistent Threat (APT)?

a) Short-term, random cyberattacks
b) Large-scale phishing campaigns
c) Highly targeted, long-term cyber espionage
d) Attacks limited to personal devices

Answer: c) Highly targeted, long-term cyber espionage
Explanation: APTs are long-term, stealthy cyberattacks targeting specific organizations or nations, often backed by state-sponsored groups.


28. Which of the following is an example of an insider threat?

a) A cybercriminal launching a phishing campaign
b) A software developer accidentally leaking credentials
c) A government hacking another nation’s infrastructure
d) A hacker breaching a public Wi-Fi network

Answer: b) A software developer accidentally leaking credentials
Explanation: Insider threats come from within an organization, whether intentional (malicious insiders) or unintentional (accidental leaks or mistakes).


29. What is the main function of a firewall?

a) Encrypt all internet traffic
b) Block all external communication
c) Monitor and control network traffic based on security rules
d) Provide endpoint protection

Answer: c) Monitor and control network traffic based on security rules
Explanation: Firewalls enforce security policies by filtering incoming and outgoing traffic based on predefined rules.


30. Which tool is commonly used for password cracking in ethical hacking?

a) Nmap
b) Metasploit
c) John the Ripper
d) Wireshark

Answer: c) John the Ripper
Explanation: John the Ripper is a password-cracking tool used for brute-force and dictionary attacks.


31. What is an air-gapped system?

a) A system that requires biometric authentication
b) A system that is physically and digitally isolated from other networks
c) A system that only operates in cloud environments
d) A network with weak security controls

Answer: b) A system that is physically and digitally isolated from other networks
Explanation: Air-gapped systems are completely disconnected from the internet and external networks for high-security purposes.


32. What is the main goal of a Denial of Service (DoS) attack?

a) To steal sensitive information
b) To gain remote control of a system
c) To overwhelm a system and disrupt its functionality
d) To bypass authentication

Answer: c) To overwhelm a system and disrupt its functionality
Explanation: DoS attacks flood a target system with excessive requests, causing service downtime.


33. Which of the following is an example of multi-factor authentication (MFA)?

a) Entering a username and password
b) Using a single security question
c) Entering a password and verifying via SMS OTP
d) Using only biometric authentication

Answer: c) Entering a password and verifying via SMS OTP
Explanation: MFA uses multiple authentication factors like passwords, biometrics, or OTPs to enhance security.


34. What is a common attack vector for gaining initial access to an organization’s network?

a) Exploiting weak passwords
b) Installing antivirus software
c) Patching software vulnerabilities
d) Enabling two-factor authentication

Answer: a) Exploiting weak passwords
Explanation: Weak passwords are often targeted by brute-force or credential stuffing attacks.


35. What does the “zero trust” security model advocate?

a) Allowing unrestricted network access
b) Trusting internal users but verifying outsiders
c) “Never trust, always verify” approach
d) Disabling firewalls to improve performance

Answer: c) “Never trust, always verify” approach
Explanation: The zero trust model assumes that no one inside or outside the network is trusted by default.


36. What does a red team do in cybersecurity?

a) Develops cybersecurity policies
b) Defends against cyber threats
c) Simulates real-world attacks on an organization
d) Installs security updates

Answer: c) Simulates real-world attacks on an organization
Explanation: Red teams act as adversaries, attempting to breach security defenses to test an organization’s resilience.


37. What is a major risk of using public Wi-Fi networks?

a) High internet speed
b) Secure encryption protocols
c) Man-in-the-middle (MITM) attacks
d) Improved security features

Answer: c) Man-in-the-middle (MITM) attacks
Explanation: Public Wi-Fi networks are vulnerable to MITM attacks, where an attacker intercepts and alters communications.


38. What is a watering hole attack?

a) Infecting a website commonly visited by a target
b) Blocking access to specific websites
c) Encrypting all website traffic
d) Exploiting cloud-based services

Answer: a) Infecting a website commonly visited by a target
Explanation: In a watering hole attack, hackers compromise popular websites to infect target users.


39. What is the main characteristic of a polymorphic virus?

a) It self-replicates to spread across networks
b) It encrypts files and demands a ransom
c) It constantly changes its code to evade detection
d) It only affects mobile devices

Answer: c) It constantly changes its code to evade detection
Explanation: Polymorphic viruses alter their code each time they execute, making them harder for signature-based antivirus programs to detect.


40. What is the primary purpose of a keylogger?

a) To encrypt files for security
b) To record keystrokes and steal sensitive information
c) To speed up system performance
d) To detect malware on a system

Answer: b) To record keystrokes and steal sensitive information
Explanation: Keyloggers secretly record keystrokes entered by a user to capture sensitive data like passwords and credit card details.


41. What is the main function of a sandbox in cybersecurity?

a) To store backup files
b) To safely test suspicious programs in isolation
c) To secure web browsing activity
d) To analyze encrypted communications

Answer: b) To safely test suspicious programs in isolation
Explanation: A sandbox is an isolated environment where malware can be executed and analyzed without affecting the main system.


42. What is the goal of an ethical hacker performing privilege escalation?

a) To reduce security risks
b) To gain higher system privileges for security testing
c) To lock out other users
d) To install unauthorized software

Answer: b) To gain higher system privileges for security testing
Explanation: Privilege escalation helps ethical hackers identify security misconfigurations that allow attackers to gain higher-level access.


43. What type of attack involves injecting malicious SQL queries into a database?

a) Cross-Site Scripting (XSS)
b) Denial of Service (DoS)
c) SQL Injection (SQLi)
d) Phishing

Answer: c) SQL Injection (SQLi)
Explanation: SQL injection exploits vulnerabilities in web applications to execute unauthorized database queries, potentially exposing sensitive data.


44. What is the purpose of an Intrusion Detection System (IDS)?

a) To actively block attacks
b) To detect and alert administrators about suspicious activities
c) To encrypt all network traffic
d) To create firewalls

Answer: b) To detect and alert administrators about suspicious activities
Explanation: An IDS monitors network traffic and detects potential threats but does not actively block them.


45. What is the difference between black-box and white-box penetration testing?

a) Black-box testing assumes no prior knowledge, white-box testing has full knowledge of the system
b) Black-box testing is illegal, white-box testing is legal
c) Black-box testing uses automated tools only, white-box uses manual testing
d) Black-box testing is performed only on cloud systems

Answer: a) Black-box testing assumes no prior knowledge, white-box testing has full knowledge of the system
Explanation: Black-box testing simulates an external attack without internal knowledge, whereas white-box testing provides full details about the system.


46. What is a rainbow table used for?

a) Encrypting sensitive data
b) Storing password hashes for authentication
c) Precomputed hash values used to crack passwords faster
d) Monitoring network activity

Answer: c) Precomputed hash values used to crack passwords faster
Explanation: Rainbow tables store precomputed hashes for passwords, making it easier to crack hashed passwords.


47. Which type of hacker breaks into systems to expose vulnerabilities for ethical or legal reasons?

a) White Hat Hacker
b) Black Hat Hacker
c) Gray Hat Hacker
d) Script Kiddie

Answer: c) Gray Hat Hacker
Explanation: Gray Hat Hackers find vulnerabilities without permission but report them without malicious intent.


48. What is a major risk of using outdated software?

a) Increased processing speed
b) Improved security features
c) Unpatched vulnerabilities can be exploited by attackers
d) Enhanced user interface

Answer: c) Unpatched vulnerabilities can be exploited by attackers
Explanation: Outdated software lacks the latest security patches, making it vulnerable to exploits.


49. What does an attacker achieve with a buffer overflow exploit?

a) Blocks all network traffic
b) Gains unauthorized access by overwriting memory locations
c) Encrypts all system files
d) Sends phishing emails

Answer: b) Gains unauthorized access by overwriting memory locations
Explanation: Buffer overflow attacks exploit poor memory management to execute arbitrary code or crash a system.


50. What is a primary goal of ethical hacking?

a) To expose sensitive user data
b) To identify and fix security weaknesses
c) To sell vulnerabilities to black market buyers
d) To develop ransomware

Answer: b) To identify and fix security weaknesses
Explanation: Ethical hacking aims to find and mitigate security risks before attackers can exploit them.


51. What is an exploit kit?

a) A collection of security patches
b) A set of tools used to automate cyberattacks
c) A forensic investigation toolkit
d) A firewall enhancement

Answer: b) A set of tools used to automate cyberattacks
Explanation: Exploit kits contain pre-made exploits that attackers use to automate system compromises.


52. What is the function of the Metasploit framework?

a) To test network bandwidth
b) To simulate cyberattacks for security testing
c) To encrypt files for secure transmission
d) To create security patches

Answer: b) To simulate cyberattacks for security testing
Explanation: Metasploit is a penetration testing tool used for exploiting vulnerabilities in a controlled environment.


53. What is the primary method for securing wireless networks?

a) Using WEP encryption
b) Enabling WPA3 encryption
c) Hiding the SSID
d) Using default router settings

Answer: b) Enabling WPA3 encryption
Explanation: WPA3 encryption offers strong security and protects against brute-force attacks.


54. What is the difference between sniffing and spoofing?

a) Sniffing captures network traffic, while spoofing involves identity deception
b) Sniffing is always legal, while spoofing is always illegal
c) Sniffing affects physical devices, while spoofing affects software
d) Sniffing prevents cyberattacks, while spoofing enables them

Answer: a) Sniffing captures network traffic, while spoofing involves identity deception
Explanation: Sniffing intercepts data packets, while spoofing involves impersonating another entity.


55. What is spear phishing?

a) A broad email scam targeting thousands of users
b) A highly targeted phishing attack directed at specific individuals
c) A type of ransomware attack
d) A Wi-Fi hacking technique

Answer: b) A highly targeted phishing attack directed at specific individuals
Explanation: Spear phishing is personalized to trick a specific individual into revealing sensitive data.


56. What is the role of an ethical hacker in an organization?

a) To perform malicious attacks
b) To find security vulnerabilities and report them
c) To spread malware for testing purposes
d) To disable firewalls and increase network traffic

Answer: b) To find security vulnerabilities and report them
Explanation: Ethical hackers identify security risks and help improve cybersecurity.


57. What does the acronym CIA stand for in cybersecurity?

a) Central Intelligence Agency
b) Cybersecurity Intelligence Analysis
c) Confidentiality, Integrity, and Availability
d) Computerized Information Access

Answer: c) Confidentiality, Integrity, and Availability
Explanation: The CIA Triad is a fundamental cybersecurity principle ensuring data confidentiality, integrity, and availability.


58. What is a logic bomb in cybersecurity?

a) A physical explosive used in cyberwarfare
b) A program that executes a malicious function when triggered
c) A secure encryption technique
d) A method of password cracking

Answer: b) A program that executes a malicious function when triggered
Explanation: A logic bomb is hidden malicious code that activates when specific conditions are met.


59. Which attack tricks a user into executing malicious scripts by embedding them in web pages?

a) SQL Injection
b) Cross-Site Scripting (XSS)
c) Buffer Overflow
d) Man-in-the-Middle

Answer: b) Cross-Site Scripting (XSS)
Explanation: XSS attacks inject malicious scripts into web pages, executing them in a victim’s browser.


60. What is tailgating in cybersecurity?

a) A phishing technique using social engineering
b) Gaining unauthorized physical access by following someone
c) A password cracking method
d) A DDoS attack variant

Answer: b) Gaining unauthorized physical access by following someone
Explanation: Tailgating occurs when an unauthorized person enters a secured area by closely following an authorized user.


61. What does the term “zero trust” imply in cybersecurity?

a) Trusting internal users while blocking outsiders
b) Eliminating firewalls for better performance
c) Always verifying user identity, regardless of location
d) Allowing unrestricted network access

Answer: c) Always verifying user identity, regardless of location
Explanation: The Zero Trust Model assumes no implicit trust and requires continuous verification.


62. What does a black-box penetration tester lack?

a) Knowledge of the target system’s internal structure
b) Ethical hacking certifications
c) Access to hacking tools
d) Permission to perform tests

Answer: a) Knowledge of the target system’s internal structure
Explanation: Black-box testers perform tests without prior knowledge of the system, mimicking real-world attackers.


63. What is a covert channel?

a) An encrypted messaging application
b) A hidden communication method used for data exfiltration
c) A VPN-based secure connection
d) A legal way to share confidential information

Answer: b) A hidden communication method used for data exfiltration
Explanation: Covert channels allow stealthy data transfer outside standard communication paths.


64. What is a watering hole attack?

a) Infecting commonly visited websites to compromise targets
b) Sending phishing emails to employees
c) Exploiting database vulnerabilities
d) Hacking only government websites

Answer: a) Infecting commonly visited websites to compromise targets
Explanation: In a watering hole attack, hackers compromise frequently visited sites to target users.


65. What is a security patch?

a) A method of blocking cyberattacks
b) A software update fixing vulnerabilities
c) A firewall enhancement
d) A hacking technique

Answer: b) A software update fixing vulnerabilities
Explanation: Security patches fix software vulnerabilities to prevent exploitation by attackers.


66. What is an evil twin attack?

a) Cloning a user’s device for monitoring
b) Creating a fake Wi-Fi hotspot to steal data
c) Exploiting web application vulnerabilities
d) Using two-factor authentication incorrectly

Answer: b) Creating a fake Wi-Fi hotspot to steal data
Explanation: Evil twin attacks trick users into connecting to malicious Wi-Fi networks.


67. What is the primary goal of ethical hacking?

a) To expose system vulnerabilities for personal gain
b) To find and fix security flaws before malicious hackers exploit them
c) To disable security mechanisms permanently
d) To launch ransomware attacks

Answer: b) To find and fix security flaws before malicious hackers exploit them
Explanation: Ethical hackers identify and mitigate vulnerabilities before attackers can exploit them.


68. What is a SYN flood attack?

a) A phishing technique
b) A denial-of-service attack exploiting TCP handshake mechanisms
c) A buffer overflow exploit
d) A method to encrypt sensitive data

Answer: b) A denial-of-service attack exploiting TCP handshake mechanisms
Explanation: SYN flood attacks overload a system by sending excessive TCP handshake requests.


69. What is the purpose of data exfiltration?

a) Encrypting all files on a system
b) Stealing and transferring sensitive data from a target system
c) Protecting user credentials
d) Preventing malware infections

Answer: b) Stealing and transferring sensitive data from a target system
Explanation: Data exfiltration involves stealthily extracting sensitive information from a system.


70. What is the function of a honeynet?

a) A type of encryption tool
b) A decoy network designed to attract and analyze attackers
c) A network monitoring software
d) A cybersecurity certification

Answer: b) A decoy network designed to attract and analyze attackers
Explanation: Honeynets are networks of honeypots that trap and monitor cybercriminals.


71. What is the goal of a brute-force attack?

a) To encrypt user files
b) To repeatedly guess passwords until the correct one is found
c) To disable firewalls
d) To install ransomware

Answer: b) To repeatedly guess passwords until the correct one is found
Explanation: Brute-force attacks attempt to crack passwords using continuous trial-and-error attempts.


72. Which attack targets human psychology to manipulate users into giving up sensitive information?

a) SQL Injection
b) Cross-Site Scripting (XSS)
c) Social Engineering
d) DNS Poisoning

Answer: c) Social Engineering
Explanation: Social engineering exploits human psychology to trick users into revealing sensitive data.


73. What does an attacker do in a Man-in-the-Middle (MITM) attack?

a) Exploits database vulnerabilities
b) Intercepts and alters communication between two parties
c) Performs unauthorized physical access
d) Uses ransomware to encrypt files

Answer: b) Intercepts and alters communication between two parties
Explanation: MITM attacks allow attackers to eavesdrop or modify communications between two entities.


74. What is the purpose of penetration testing?

a) To analyze malware behavior
b) To verify and improve security defenses
c) To permanently disable security mechanisms
d) To infect systems with spyware

Answer: b) To verify and improve security defenses
Explanation: Penetration testing simulates cyberattacks to identify and fix security vulnerabilities.


75. What is the primary purpose of ethical hacking in an organization?

a) To bypass security measures and gain unauthorized access
b) To simulate real-world attacks and improve cybersecurity defenses
c) To develop and sell hacking tools
d) To exploit vulnerabilities for financial gain

Answer: b) To simulate real-world attacks and improve cybersecurity defenses
Explanation: Ethical hacking involves simulating attacks to identify vulnerabilities and strengthen security.


76. What type of cyber attack relies on guessing or cracking passwords by systematically trying every possible combination?

a) Man-in-the-Middle attack
b) Brute-force attack
c) Phishing attack
d) SQL Injection

Answer: b) Brute-force attack
Explanation: Brute-force attacks use automated tools to try different password combinations until the correct one is found.


77. What is the purpose of a session hijacking attack?

a) To inject malicious SQL queries into a database
b) To steal a valid user session and gain unauthorized access
c) To encrypt files and demand ransom
d) To flood a system with excessive traffic

Answer: b) To steal a valid user session and gain unauthorized access
Explanation: Session hijacking exploits stolen session tokens to gain unauthorized access to an account.


78. Which of the following is an example of a phishing attack?

a) Sending mass emails with fake login pages to steal credentials
b) Gaining access to a system using brute force
c) Exploiting a vulnerability in a web application
d) Infecting a system with a trojan horse

Answer: a) Sending mass emails with fake login pages to steal credentials
Explanation: Phishing tricks users into revealing sensitive data by impersonating legitimate websites or services.


79. What is the main function of a Security Information and Event Management (SIEM) system?

a) Encrypting data for secure storage
b) Collecting and analyzing security logs for threat detection
c) Testing network vulnerabilities
d) Automating ethical hacking processes

Answer: b) Collecting and analyzing security logs for threat detection
Explanation: SIEM systems aggregate security event data to detect potential threats in real time.


80. What is a rootkit?

a) A hardware-based attack
b) A tool that provides attackers with stealthy access to a system
c) A social engineering technique
d) A cryptographic algorithm

Answer: b) A tool that provides attackers with stealthy access to a system
Explanation: Rootkits hide malicious processes to maintain persistent access to an infected system.


81. What is the main security risk associated with USB devices?

a) They can overheat and cause hardware failure
b) They can contain malware that infects a system upon connection
c) They slow down the operating system
d) They are only useful for transferring files

Answer: b) They can contain malware that infects a system upon connection
Explanation: Malware-infected USBs can execute malicious code automatically when plugged in.


82. What is an attack where hackers manipulate Domain Name System (DNS) records to redirect users to malicious websites?

a) DNS Spoofing
b) URL Hijacking
c) SQL Injection
d) Cross-Site Scripting

Answer: a) DNS Spoofing
Explanation: DNS Spoofing (or poisoning) alters DNS records to redirect users to fraudulent websites.


83. What is the function of a vulnerability scanner in ethical hacking?

a) To actively exploit vulnerabilities
b) To identify and report security weaknesses in a system
c) To remove malware from infected computers
d) To manage user authentication

Answer: b) To identify and report security weaknesses in a system
Explanation: Vulnerability scanners like Nessus and OpenVAS help detect security flaws.


84. What does a penetration tester do after successfully exploiting a vulnerability?

a) Deletes system logs to erase traces
b) Informs the organization and provides mitigation recommendations
c) Installs additional exploits for future attacks
d) Demands ransom for restoring access

Answer: b) Informs the organization and provides mitigation recommendations
Explanation: Ethical hackers report vulnerabilities and suggest fixes to improve security.


85. What is the purpose of an access control list (ACL) in cybersecurity?

a) To allow all network traffic through a firewall
b) To define permissions and restrict access to resources
c) To scan files for malware
d) To increase internet speed

Answer: b) To define permissions and restrict access to resources
Explanation: ACLs enforce security policies by controlling access to files, networks, or systems.


86. What is the primary advantage of two-factor authentication (2FA)?

a) It speeds up the login process
b) It eliminates the need for passwords
c) It adds an extra layer of security beyond just a password
d) It prevents malware infections

Answer: c) It adds an extra layer of security beyond just a password
Explanation: 2FA requires two separate authentication factors, enhancing security.


87. What is an attacker’s objective in a credential stuffing attack?

a) To test random password combinations
b) To use leaked username-password pairs to gain unauthorized access
c) To deploy ransomware
d) To inject malicious SQL queries

Answer: b) To use leaked username-password pairs to gain unauthorized access
Explanation: Credential stuffing reuses compromised credentials to access multiple accounts.


88. What does a white-hat hacker do?

a) Hacks systems illegally
b) Finds and fixes vulnerabilities legally
c) Sells stolen data on the dark web
d) Disables security defenses

Answer: b) Finds and fixes vulnerabilities legally
Explanation: White-hat hackers follow ethical guidelines to improve security.


89. What is an attack called where malware is disguised as legitimate software?

a) Trojan Horse
b) Spyware
c) Adware
d) Ransomware

Answer: a) Trojan Horse
Explanation: Trojans appear legitimate but contain malicious functionality.


90. What type of cybersecurity attack involves intercepting and altering network traffic in real-time?

a) Keylogging
b) Denial of Service
c) Man-in-the-Middle (MITM) attack
d) Cross-Site Scripting

Answer: c) Man-in-the-Middle (MITM) attack
Explanation: MITM attacks allow attackers to eavesdrop on and manipulate communications.


91. What is an example of an advanced persistent threat (APT)?

a) A short-lived phishing attack
b) A nation-state conducting cyber espionage for years
c) A hacker exploiting a single vulnerability for quick gain
d) A brute-force attack on a password

Answer: b) A nation-state conducting cyber espionage for years
Explanation: APTs are stealthy, long-term cyberattacks that are often state-sponsored.


92. What is a major risk associated with using weak encryption algorithms?

a) Slower system performance
b) Easier decryption by attackers
c) Increased storage requirements
d) Better network speed

Answer: b) Easier decryption by attackers
Explanation: Weak encryption can be cracked quickly, exposing sensitive data.


93. What is the primary purpose of a bug bounty program?

a) To encourage ethical hackers to report security vulnerabilities
b) To publicly expose company weaknesses
c) To train employees on cybersecurity
d) To simulate phishing attacks on employees

Answer: a) To encourage ethical hackers to report security vulnerabilities
Explanation: Bug bounty programs allow ethical hackers to find and report vulnerabilities in exchange for rewards.


94. What is the term for software that gathers user information without consent?

a) Adware
b) Spyware
c) Ransomware
d) Rootkit

Answer: b) Spyware
Explanation: Spyware collects sensitive information without the user’s knowledge.


95. What cybersecurity principle states that users should only have the minimum level of access necessary to perform their job?

a) Least Privilege
b) Role-Based Access Control (RBAC)
c) Multi-Factor Authentication (MFA)
d) Defense-in-Depth

Answer: a) Least Privilege
Explanation: The Principle of Least Privilege (PoLP) ensures users only get the access they need, reducing security risks.


96. What attack involves an attacker sending multiple fake authentication requests to exhaust system resources?

a) Credential stuffing
b) Password spraying
c) Denial-of-Service (DoS) attack
d) Phishing

Answer: c) Denial-of-Service (DoS) attack
Explanation: DoS attacks overwhelm a system with excessive requests, causing service disruption.


97. What is the purpose of multi-factor authentication (MFA)?

a) To eliminate the need for passwords
b) To increase security by requiring multiple verification methods
c) To allow users to log in faster
d) To enable anonymous browsing

Answer: b) To increase security by requiring multiple verification methods
Explanation: MFA enhances security by requiring multiple authentication factors like passwords, biometrics, or OTPs.


98. What is a major weakness of biometric authentication?

a) It cannot be bypassed
b) It is always 100% secure
c) It cannot be changed if compromised
d) It does not require hardware

Answer: c) It cannot be changed if compromised
Explanation: Unlike passwords, biometric data (fingerprints, iris scans) cannot be changed if stolen.


99. What is the main function of a packet sniffer?

a) To block cyberattacks
b) To capture and analyze network traffic
c) To encrypt network connections
d) To remove malware from infected systems

Answer: b) To capture and analyze network traffic
Explanation: Packet sniffers (e.g., Wireshark) monitor network traffic for analysis and security auditing.


100. What is a backdoor in cybersecurity?

a) A hardware vulnerability
b) A secret method of bypassing normal authentication
c) A physical entrance to a data center
d) A type of encryption

Answer: b) A secret method of bypassing normal authentication
Explanation: Backdoors allow unauthorized access to a system and are often created for maintenance or as malware.


101. What is a common attack against password hashes stored in a database?

a) Denial-of-Service attack
b) Rainbow table attack
c) SQL Injection attack
d) Man-in-the-Middle attack

Answer: b) Rainbow table attack
Explanation: Rainbow table attacks use precomputed hash values to crack stored passwords.


102. Which attack manipulates users into revealing confidential information by pretending to be a trusted entity?

a) Social Engineering
b) Denial-of-Service (DoS)
c) Keylogging
d) DNS Spoofing

Answer: a) Social Engineering
Explanation: Social engineering attacks trick people into revealing sensitive information.


103. What does a cybersecurity honeypot do?

a) It attracts attackers to study their behavior
b) It encrypts all system files
c) It prevents ransomware infections
d) It detects insider threats only

Answer: a) It attracts attackers to study their behavior
Explanation: Honeypots are decoy systems designed to lure cybercriminals and analyze their tactics.


104. What is the primary goal of a reconnaissance phase in hacking?

a) To actively exploit vulnerabilities
b) To gather as much information as possible about a target
c) To install malware on a system
d) To flood a network with excessive traffic

Answer: b) To gather as much information as possible about a target
Explanation: Reconnaissance is the first step in hacking, involving information gathering.


105. What is the main difference between hashing and encryption?

a) Hashing is reversible, encryption is not
b) Encryption is reversible, hashing is not
c) Hashing uses a key, encryption does not
d) Hashing is only used for passwords

Answer: b) Encryption is reversible, hashing is not
Explanation: Encryption transforms data using keys and can be decrypted, while hashing is one-way.


106. What is a rogue access point?

a) A legitimate Wi-Fi network
b) An unauthorized wireless access point used for attacks
c) A secure VPN server
d) A government-owned cybersecurity tool

Answer: b) An unauthorized wireless access point used for attacks
Explanation: Rogue APs are set up to intercept and manipulate network traffic.


107. What type of malware is designed to spread across a network without human intervention?

a) Virus
b) Worm
c) Trojan Horse
d) Spyware

Answer: b) Worm
Explanation: Worms self-replicate and spread across networks without user action.


108. Which security model requires verification for every access request, regardless of location?

a) Zero Trust Model
b) Firewall-Based Security
c) Signature-Based Security
d) Air-Gap Security

Answer: a) Zero Trust Model
Explanation: The Zero Trust Model requires continuous verification of all users and devices.


109. What is the main purpose of log analysis in cybersecurity?

a) To speed up system performance
b) To detect and investigate security incidents
c) To prevent software updates
d) To hide evidence of attacks

Answer: b) To detect and investigate security incidents
Explanation: Log analysis helps security teams identify and respond to cyber threats.


110. What is a Distributed Denial-of-Service (DDoS) attack?

a) An attack where multiple systems flood a target with excessive traffic
b) A type of phishing attack
c) A method of encrypting sensitive data
d) A social engineering technique

Answer: a) An attack where multiple systems flood a target with excessive traffic
Explanation: DDoS attacks use multiple systems to overwhelm a target, disrupting service availability.


111. What is an air-gapped network?

a) A network that is completely isolated from the internet
b) A network that only allows encrypted traffic
c) A wireless network with enhanced security
d) A system using two-factor authentication

Answer: a) A network that is completely isolated from the internet
Explanation: Air-gapped networks are completely disconnected from external networks to prevent cyber threats.


112. What is an example of a supply chain attack?

a) Exploiting vulnerabilities in a vendor’s software to attack customers
b) Phishing emails targeting employees
c) Using brute force to crack passwords
d) Disrupting network traffic with a DDoS attack

Answer: a) Exploiting vulnerabilities in a vendor’s software to attack customers
Explanation: Supply chain attacks target third-party vendors to gain unauthorized access to customer systems.


113. What is a “zero-click” attack?

a) An attack that requires no user interaction to execute malware
b) A phishing attack disguised as an email
c) An attack that forces users to click on malicious links
d) A slow brute-force attack

Answer: a) An attack that requires no user interaction to execute malware
Explanation: Zero-click attacks exploit vulnerabilities without user interaction, making them highly dangerous.


114. What is an example of an insider threat?

a) A company employee leaking sensitive data to hackers
b) A ransomware attack encrypting company files
c) A phishing email targeting employees
d) A brute-force attack against a company server

Answer: a) A company employee leaking sensitive data to hackers
Explanation: Insider threats come from individuals within an organization, whether they act intentionally or unintentionally.


115. What is a watering hole attack?

a) Infecting websites commonly visited by a target group
b) Sending phishing emails to employees
c) Exploiting unpatched software vulnerabilities
d) Conducting denial-of-service attacks

Answer: a) Infecting websites commonly visited by a target group
Explanation: Watering hole attacks infect trusted websites to compromise specific targets.


116. What is a common technique used to bypass CAPTCHA security measures?

a) Using automated bots with machine learning capabilities
b) Conducting phishing attacks
c) Modifying firewall rules
d) Encrypting login credentials

Answer: a) Using automated bots with machine learning capabilities
Explanation: Attackers use AI-driven bots to bypass CAPTCHA protections.


117. What is a cold boot attack?

a) Extracting data from RAM after a system reboot
b) Disabling security patches in an operating system
c) Overheating a CPU to cause system failure
d) Infecting a device with a boot-time rootkit

Answer: a) Extracting data from RAM after a system reboot
Explanation: Cold boot attacks retrieve encryption keys and sensitive data from RAM before it is erased.


118. Which of the following best describes a side-channel attack?

a) An attack exploiting indirect information leakage, such as power usage or timing
b) A direct attack on encrypted data
c) An attack targeting unpatched operating system vulnerabilities
d) A brute-force password cracking technique

Answer: a) An attack exploiting indirect information leakage, such as power usage or timing
Explanation: Side-channel attacks extract information from timing, power consumption, and electromagnetic emissions.


119. What is the primary purpose of a penetration testing report?

a) To document vulnerabilities and provide security recommendations
b) To publicly disclose security flaws
c) To test employees’ knowledge of security practices
d) To generate random passwords

Answer: a) To document vulnerabilities and provide security recommendations
Explanation: Penetration testing reports provide detailed findings and recommendations to improve security.


120. What type of malware encrypts files and demands payment to restore access?

a) Ransomware
b) Spyware
c) Adware
d) Rootkit

Answer: a) Ransomware
Explanation: Ransomware locks files and demands a ransom for decryption keys.


121. What does the term “sandboxing” refer to in cybersecurity?

a) Isolating untrusted programs to analyze behavior safely
b) Encrypting all system logs
c) Storing sensitive information in secure cloud storage
d) Running malware on a victim’s machine

Answer: a) Isolating untrusted programs to analyze behavior safely
Explanation: Sandboxing prevents malware from affecting the main system by executing it in a controlled environment.


122. What is a major drawback of biometric authentication?

a) It cannot be bypassed
b) It is 100% secure
c) It is difficult to change if compromised
d) It slows down authentication speed

Answer: c) It is difficult to change if compromised
Explanation: Unlike passwords, biometric data cannot be changed once compromised.


123. What is the main objective of ethical hacking?

a) To find security vulnerabilities and help organizations fix them
b) To exploit weaknesses for financial gain
c) To steal confidential information
d) To create malware

Answer: a) To find security vulnerabilities and help organizations fix them
Explanation: Ethical hacking aims to identify and mitigate security risks.


124. What is session fixation?

a) Forcing a user to use a predetermined session ID
b) Terminating user sessions after inactivity
c) Encrypting session cookies for security
d) Running malicious scripts inside a web browser

Answer: a) Forcing a user to use a predetermined session ID
Explanation: Session fixation allows an attacker to set a user’s session ID before authentication.


125. What does a firewall do?

a) Filters and controls incoming and outgoing network traffic
b) Encrypts all internet traffic
c) Prevents phishing attacks
d) Blocks all user activity

Answer: a) Filters and controls incoming and outgoing network traffic
Explanation: Firewalls enforce security policies by monitoring and filtering network traffic.


126. What is the primary objective of a phishing attack?

a) To steal sensitive information by deceiving users
b) To delete system files
c) To exploit software vulnerabilities
d) To encrypt files and demand ransom

Answer: a) To steal sensitive information by deceiving users
Explanation: Phishing involves tricking users into revealing confidential information.


127. What is steganography in cybersecurity?

a) Hiding malicious code inside legitimate files
b) Encrypting all sensitive data
c) Preventing malware infections
d) Performing deep packet inspection

Answer: a) Hiding malicious code inside legitimate files
Explanation: Steganography conceals data or malware within images, videos, or audio files.


128. What is a key characteristic of a nation-state cyberattack?

a) It is financially motivated
b) It is typically conducted for espionage, sabotage, or geopolitical purposes
c) It only targets small businesses
d) It always involves ransomware

Answer: b) It is typically conducted for espionage, sabotage, or geopolitical purposes
Explanation: Nation-state attacks are often stealthy and politically motivated.


129. What does a botnet do?

a) Controls infected devices to perform malicious activities
b) Encrypts system files
c) Steals passwords from local databases
d) Generates random IP addresses

Answer: a) Controls infected devices to perform malicious activities
Explanation: Botnets are networks of infected computers used for DDoS attacks, spam, and fraud.


130. What does a cybersecurity kill chain describe?

a) The stages of a cyberattack
b) The process of killing malware
c) The sequence of system crashes
d) The lifecycle of a firewall

Answer: a) The stages of a cyberattack
Explanation: The cyber kill chain outlines the phases of an attack, from reconnaissance to data exfiltration.


131. What is a major risk of using default credentials on network devices?

a) Improved system performance
b) Easier remote management
c) Increased vulnerability to brute-force attacks
d) Faster software updates

Answer: c) Increased vulnerability to brute-force attacks
Explanation: Default credentials are well-known and often exploited in brute-force or automated attacks.


132. What does an attacker achieve with a clickjacking attack?

a) Gains unauthorized access to a system
b) Tricks a user into clicking on an unintended link or button
c) Encrypts files for ransom
d) Deletes logs to hide activities

Answer: b) Tricks a user into clicking on an unintended link or button
Explanation: Clickjacking overlays invisible elements over legitimate content to trick users into performing unintended actions.


133. What is a credential stuffing attack?

a) Sending fake login requests to lock users out
b) Using leaked username-password pairs to gain unauthorized access
c) Encrypting user credentials for security
d) Brute-forcing password hashes

Answer: b) Using leaked username-password pairs to gain unauthorized access
Explanation: Credential stuffing exploits stolen credentials from data breaches to gain access to multiple accounts.


134. What is a MAC address spoofing attack?

a) Manipulating an IP address to disguise identity
b) Changing a device’s MAC address to impersonate another device
c) Exploiting weak passwords
d) Encrypting network traffic

Answer: b) Changing a device’s MAC address to impersonate another device
Explanation: MAC spoofing allows attackers to bypass access controls or impersonate trusted devices.


135. What is the primary function of a penetration testing framework like Kali Linux?

a) To protect against malware
b) To perform ethical hacking and vulnerability assessment
c) To generate strong passwords
d) To provide antivirus protection

Answer: b) To perform ethical hacking and vulnerability assessment
Explanation: Kali Linux is a penetration testing operating system packed with hacking tools.


136. What is an example of an out-of-band attack?

a) Sending a phishing email
b) Exploiting a vulnerability that requires communication outside of the main data path
c) Overloading a server with excessive requests
d) Using a rootkit to bypass security

Answer: b) Exploiting a vulnerability that requires communication outside of the main data path
Explanation: Out-of-band attacks use alternate communication channels to extract or manipulate data.


137. Which of the following is NOT a goal of ethical hacking?

a) Identifying security vulnerabilities
b) Enhancing system security
c) Stealing user credentials
d) Preventing cyberattacks

Answer: c) Stealing user credentials
Explanation: Ethical hacking is performed legally and ethically to improve security.


138. What is the main characteristic of an Advanced Persistent Threat (APT)?

a) Short-term hacking attempts
b) Automated brute-force attacks
c) Long-term, targeted cyber espionage campaigns
d) Opportunistic ransomware deployment

Answer: c) Long-term, targeted cyber espionage campaigns
Explanation: APTs involve stealthy, continuous cyberattacks, often targeting government or corporate networks.


139. What is the purpose of an SSL/TLS certificate?

a) To encrypt communication between a web server and a browser
b) To increase website loading speed
c) To prevent SQL injection attacks
d) To scan for vulnerabilities

Answer: a) To encrypt communication between a web server and a browser
Explanation: SSL/TLS certificates secure data transmission by encrypting web traffic.


140. What is the primary function of a keylogger?

a) Encrypting files for security
b) Recording keystrokes to steal sensitive information
c) Blocking malware
d) Preventing brute-force attacks

Answer: b) Recording keystrokes to steal sensitive information
Explanation: Keyloggers capture user keystrokes, allowing attackers to steal passwords and credentials.


141. What is the purpose of a digital signature in cybersecurity?

a) To verify the integrity and authenticity of digital messages or files
b) To encrypt entire databases
c) To detect vulnerabilities in software
d) To store user credentials securely

Answer: a) To verify the integrity and authenticity of digital messages or files
Explanation: Digital signatures use cryptography to ensure data is authentic and untampered.


142. What is a SIM swapping attack?

a) Cloning a SIM card to intercept calls and messages
b) Switching between mobile networks for better security
c) Encrypting SIM card data to prevent hacking
d) Using a different SIM card to bypass 2FA

Answer: a) Cloning a SIM card to intercept calls and messages
Explanation: SIM swapping lets attackers take over a victim’s phone number to bypass SMS-based 2FA.


143. What is a fileless malware attack?

a) A malware attack that operates in memory without writing files to disk
b) A virus that hides in a ZIP file
c) A ransomware attack targeting stored files
d) A trojan that spreads via USB devices

Answer: a) A malware attack that operates in memory without writing files to disk
Explanation: Fileless malware operates entirely in RAM, making it harder to detect.


144. What is the main risk of weak API security?

a) Slow system performance
b) Unauthorized data access and breaches
c) Increased encryption strength
d) Decreased website loading speed

Answer: b) Unauthorized data access and breaches
Explanation: Weak API security can expose sensitive data, leading to breaches and exploits.


145. What is a polymorphic virus?

a) A virus that encrypts files
b) A virus that changes its code to evade detection
c) A virus that targets only mobile devices
d) A virus that spreads via emails

Answer: b) A virus that changes its code to evade detection
Explanation: Polymorphic viruses modify their signature to bypass antivirus detection.


146. What is an eavesdropping attack?

a) Listening to network communications to intercept sensitive data
b) Infecting a device with malware
c) Injecting malicious SQL queries into a database
d) Exploiting unpatched software

Answer: a) Listening to network communications to intercept sensitive data
Explanation: Eavesdropping attacks involve intercepting communications to steal sensitive information.


147. What does a ransomware attack typically demand?

a) User credentials
b) Payment in exchange for file decryption
c) Social media access
d) Hardware modifications

Answer: b) Payment in exchange for file decryption
Explanation: Ransomware encrypts files and demands payment (often in cryptocurrency) for decryption keys.


148. What is a deepfake attack?

a) Using AI-generated fake media to impersonate someone
b) Stealing login credentials
c) Encrypting user files with malware
d) Conducting a social engineering attack

Answer: a) Using AI-generated fake media to impersonate someone
Explanation: Deepfake attacks use AI-generated media to deceive and manipulate victims.


149. What is a Bluebugging attack?

a) Gaining unauthorized access to a Bluetooth-enabled device
b) Exploiting cloud storage vulnerabilities
c) Cracking Wi-Fi passwords
d) Sending phishing emails

Answer: a) Gaining unauthorized access to a Bluetooth-enabled device
Explanation: Bluebugging allows attackers to control Bluetooth-enabled devices remotely.


150. What does a vulnerability scanner do?

a) Identifies security weaknesses in systems and applications
b) Prevents DDoS attacks
c) Encrypts sensitive files
d) Blocks unauthorized access

Answer: a) Identifies security weaknesses in systems and applications
Explanation: Vulnerability scanners detect potential security flaws for remediation.


151. What is a primary goal of a Red Team in cybersecurity?

a) To defend against cyber threats
b) To simulate real-world attacks and test security defenses
c) To monitor network traffic for vulnerabilities
d) To implement firewall rules

Answer: b) To simulate real-world attacks and test security defenses
Explanation: Red Teams act as attackers to identify weaknesses in security defenses.


152. What is the main risk of allowing unrestricted USB device usage on corporate computers?

a) Increased network congestion
b) Malware infection and data theft
c) Slow system performance
d) Decreased internet speed

Answer: b) Malware infection and data theft
Explanation: USB devices can introduce malware or facilitate data exfiltration if not controlled.


153. What type of security flaw allows attackers to execute arbitrary commands on a target system?

a) SQL Injection
b) Cross-Site Scripting (XSS)
c) Command Injection
d) Phishing

Answer: c) Command Injection
Explanation: Command Injection exploits improper validation of user input, allowing attackers to execute commands.


154. What is the primary security risk associated with outdated software?

a) Slower system performance
b) Increased vulnerability to known exploits
c) More frequent software updates
d) Compatibility issues with modern hardware

Answer: b) Increased vulnerability to known exploits
Explanation: Outdated software lacks security patches, making it susceptible to exploits.


155. What is a major advantage of endpoint detection and response (EDR) solutions?

a) They only work on cloud-based networks
b) They provide real-time threat monitoring and incident response
c) They eliminate the need for firewalls
d) They prevent software updates

Answer: b) They provide real-time threat monitoring and incident response
Explanation: EDR solutions detect, investigate, and respond to security threats in real time.


156. What is an example of a cyber-physical attack?

a) Sending phishing emails to employees
b) Exploiting vulnerabilities in industrial control systems (ICS)
c) Conducting SQL injection attacks on web applications
d) Using brute force to guess passwords

Answer: b) Exploiting vulnerabilities in industrial control systems (ICS)
Explanation: Cyber-physical attacks target systems like power grids, water treatment plants, and IoT devices.


157. What is the purpose of a penetration testing methodology?

a) To ensure ethical hackers follow a structured approach
b) To automate all security testing
c) To create new malware samples
d) To block unauthorized access

Answer: a) To ensure ethical hackers follow a structured approach
Explanation: Penetration testing methodologies provide a step-by-step framework for ethical hacking.


158. What type of attack occurs when an attacker registers a domain similar to a legitimate site to deceive users?

a) DNS Spoofing
b) Typosquatting
c) SQL Injection
d) Ransomware

Answer: b) Typosquatting
Explanation: Typosquatting tricks users into visiting fake websites by registering domains with misspellings.


159. What does a forensic analyst do in a cybersecurity investigation?

a) Conducts penetration tests
b) Analyzes digital evidence to identify security incidents
c) Develops malware
d) Encrypts network traffic

Answer: b) Analyzes digital evidence to identify security incidents
Explanation: Forensic analysts investigate cyber incidents and gather evidence for legal and security purposes.


160. What is the purpose of network segmentation in cybersecurity?

a) To slow down network performance
b) To isolate critical systems and limit attack spread
c) To block external emails
d) To increase internet bandwidth

Answer: b) To isolate critical systems and limit attack spread
Explanation: Network segmentation enhances security by isolating sensitive resources.


161. What is an example of an IoT-based cyber attack?

a) Using smart devices to create a botnet for DDoS attacks
b) Conducting SQL injection on a database
c) Performing phishing attacks
d) Exploiting software vulnerabilities in desktop computers

Answer: a) Using smart devices to create a botnet for DDoS attacks
Explanation: IoT devices are often targeted to form botnets for launching large-scale attacks.


162. What is a time-based one-time password (TOTP)?

a) A password that changes every few seconds based on time
b) A default password used in web applications
c) A password stored in a database indefinitely
d) A static password generated once per account

Answer: a) A password that changes every few seconds based on time
Explanation: TOTP is used in multi-factor authentication (MFA) to generate codes for one-time use.


163. What is an example of a cloud security risk?

a) Misconfigured cloud storage permissions leading to data leaks
b) Running antivirus on cloud servers
c) Using two-factor authentication
d) Implementing strong password policies

Answer: a) Misconfigured cloud storage permissions leading to data leaks
Explanation: Misconfigured cloud settings can expose sensitive data to unauthorized users.


164. What is the main purpose of an insider threat detection system?

a) To block all external threats
b) To monitor and detect suspicious employee activities
c) To slow down attackers
d) To encrypt stored passwords

Answer: b) To monitor and detect suspicious employee activities
Explanation: Insider threat detection systems identify potential risks from employees or trusted individuals.


165. What is an RFID skimming attack?

a) Intercepting and stealing data from contactless payment cards
b) Hacking a mobile phone remotely
c) Cracking Wi-Fi passwords
d) Sending phishing emails

Answer: a) Intercepting and stealing data from contactless payment cards
Explanation: RFID skimming exploits contactless payment technology to steal credit card information.


166. What is a honeypot used for in cybersecurity?

a) To attract and monitor attackers by simulating a vulnerable system
b) To prevent SQL injection attacks
c) To store encrypted user data
d) To filter network traffic

Answer: a) To attract and monitor attackers by simulating a vulnerable system
Explanation: Honeypots act as decoys to study and analyze cyber threats.


167. What does threat intelligence provide in cybersecurity?

a) Insights into emerging threats and attack patterns
b) A detailed list of open-source security tools
c) A log of all internet activity
d) A method for encrypting communications

Answer: a) Insights into emerging threats and attack patterns
Explanation: Threat intelligence helps organizations anticipate and defend against future attacks.


168. What is a buffer overflow attack?

a) Overloading a system with too many login attempts
b) Sending more data than a program can handle to overwrite memory
c) Encrypting a database to demand ransom
d) Exploiting network vulnerabilities

Answer: b) Sending more data than a program can handle to overwrite memory
Explanation: Buffer overflow attacks exploit memory allocation issues to execute malicious code.


169. What is the purpose of a digital certificate?

a) To verify the identity of a website or user
b) To encrypt stored passwords
c) To manage firewall rules
d) To block phishing attacks

Answer: a) To verify the identity of a website or user
Explanation: Digital certificates authenticate users, websites, and encrypted communications.


170. What is a quantum cryptography attack?

a) Using quantum computing to break encryption algorithms
b) Encrypting emails for security
c) Exploiting software vulnerabilities
d) Conducting phishing attacks

Answer: a) Using quantum computing to break encryption algorithms
Explanation: Quantum cryptography attacks leverage quantum computing to break traditional encryption methods.


171. What is the primary goal of ethical hacking?

a) To steal sensitive data
b) To identify and fix security vulnerabilities before attackers exploit them
c) To launch cyberattacks on competitors
d) To bypass security measures for personal gain

Answer: b) To identify and fix security vulnerabilities before attackers exploit them
Explanation: Ethical hacking is performed to improve cybersecurity by identifying and mitigating risks.


172. What is the purpose of a security operations center (SOC)?

a) To develop new hacking tools
b) To monitor, detect, and respond to security incidents in real time
c) To manage corporate financial data
d) To create security patches for third-party software

Answer: b) To monitor, detect, and respond to security incidents in real time
Explanation: A SOC is responsible for continuous cybersecurity monitoring and incident response.


173. What is the primary function of an HIDS (Host-based Intrusion Detection System)?

a) To block all network traffic
b) To monitor and analyze activities on a specific host machine
c) To scan for open ports on a network
d) To remove malware automatically

Answer: b) To monitor and analyze activities on a specific host machine
Explanation: HIDS tracks host activity for suspicious behaviors such as unauthorized file changes.


174. What is an example of a side-channel attack?

a) Exploiting unpatched software vulnerabilities
b) Capturing electromagnetic emissions to extract encryption keys
c) Injecting malicious JavaScript into a web page
d) Spoofing DNS records to redirect traffic

Answer: b) Capturing electromagnetic emissions to extract encryption keys
Explanation: Side-channel attacks analyze power consumption, timing, or electromagnetic emissions to extract secrets.


175. What is the function of a VPN (Virtual Private Network)?

a) To create a secure, encrypted connection between a user and a remote network
b) To prevent phishing attacks
c) To monitor employee activity
d) To block social media access

Answer: a) To create a secure, encrypted connection between a user and a remote network
Explanation: VPNs protect online privacy by encrypting internet traffic.


176. What is a Man-in-the-Browser (MitB) attack?

a) Exploiting browser vulnerabilities to inject malicious scripts
b) Using brute force to guess browser passwords
c) Disabling a user’s firewall settings
d) Infecting mobile devices with keyloggers

Answer: a) Exploiting browser vulnerabilities to inject malicious scripts
Explanation: MitB attacks hijack browser sessions to intercept or modify transactions.


177. What is a race condition in cybersecurity?

a) A vulnerability that occurs when multiple processes access shared resources in an unintended sequence
b) A password-cracking technique
c) A denial-of-service (DoS) attack method
d) An outdated encryption protocol

Answer: a) A vulnerability that occurs when multiple processes access shared resources in an unintended sequence
Explanation: Race conditions occur when an attacker exploits improperly synchronized system processes.


178. What is the purpose of salting in password hashing?

a) To increase the length of passwords
b) To add random data to passwords before hashing to prevent rainbow table attacks
c) To convert passwords into an encrypted format
d) To store passwords in plaintext

Answer: b) To add random data to passwords before hashing to prevent rainbow table attacks
Explanation: Salting ensures passwords have unique hashes, even if users have identical passwords.


179. What is the primary purpose of an exploit kit?

a) To automate the exploitation of known vulnerabilities
b) To provide cybersecurity awareness training
c) To strengthen firewall security
d) To patch security vulnerabilities

Answer: a) To automate the exploitation of known vulnerabilities
Explanation: Exploit kits are used by attackers to automate the process of finding and exploiting vulnerabilities.


180. What is an ephemeral key in cryptography?

a) A temporary encryption key used for a single session
b) A permanent key stored in hardware
c) A key that never expires
d) A key used only for encrypting passwords

Answer: a) A temporary encryption key used for a single session
Explanation: Ephemeral keys are short-lived encryption keys that enhance forward secrecy.


181. What type of cyberattack manipulates a user’s perception by providing false or misleading information?

a) Deepfake attack
b) Denial-of-Service attack
c) Buffer overflow attack
d) Ransomware attack

Answer: a) Deepfake attack
Explanation: Deepfake attacks use AI-generated media to create false information or impersonate individuals.


182. What is the purpose of a digital forensics investigation?

a) To analyze and recover data related to cyber incidents
b) To create a new encryption algorithm
c) To test firewall security
d) To prevent phishing attacks

Answer: a) To analyze and recover data related to cyber incidents
Explanation: Digital forensics helps in investigating cybercrimes by analyzing digital evidence.


183. What is the main advantage of asymmetric encryption over symmetric encryption?

a) It is faster than symmetric encryption
b) It uses a key pair (public and private keys) for secure communication
c) It does not require authentication
d) It stores all data in plaintext

Answer: b) It uses a key pair (public and private keys) for secure communication
Explanation: Asymmetric encryption provides secure key exchange using public-private key pairs.


184. What is the function of a SIEM (Security Information and Event Management) system?

a) To log and analyze security events for threat detection
b) To encrypt all network traffic
c) To prevent malware infections
d) To create security policies

Answer: a) To log and analyze security events for threat detection
Explanation: SIEM solutions aggregate security logs and events for real-time monitoring and analysis.


185. What is an SQL Injection attack primarily used for?

a) Exploiting vulnerabilities in web applications to execute unauthorized database queries
b) Encrypting files for ransomware demands
c) Overloading a web server with excessive traffic
d) Manipulating URL redirections

Answer: a) Exploiting vulnerabilities in web applications to execute unauthorized database queries
Explanation: SQL Injection attacks allow attackers to execute malicious SQL queries to access or modify databases.


186. What is the purpose of a bug bounty program?

a) To encourage ethical hackers to discover and report security vulnerabilities
b) To spread awareness about security threats
c) To reward users for reporting phishing emails
d) To track software development progress

Answer: a) To encourage ethical hackers to discover and report security vulnerabilities
Explanation: Bug bounty programs incentivize security researchers to find and report vulnerabilities.


187. What is a primary function of a firewall?

a) To filter and control network traffic based on security policies
b) To encrypt all passwords in a system
c) To detect malware infections
d) To store cryptographic keys

Answer: a) To filter and control network traffic based on security policies
Explanation: Firewalls monitor and restrict network traffic based on predefined security rules.


188. What does CVE stand for in cybersecurity?

a) Common Vulnerabilities and Exposures
b) Computer Virus Encryption
c) Cybersecurity Vulnerability Enumeration
d) Cloud Virtualization Engine

Answer: a) Common Vulnerabilities and Exposures
Explanation: CVE is a database that tracks publicly disclosed cybersecurity vulnerabilities.


189. What is the purpose of a honeynet?

a) To study attacker behavior by using a network of honeypots
b) To provide network encryption
c) To accelerate web traffic
d) To store security logs

Answer: a) To study attacker behavior by using a network of honeypots
Explanation: Honeynets consist of multiple honeypots designed to attract and analyze cyber threats.


190. What is a rootkit?

a) A malicious tool used to gain persistent access to a system
b) A password cracking method
c) A type of encryption algorithm
d) A web application security tool

Answer: a) A malicious tool used to gain persistent access to a system
Explanation: Rootkits allow attackers to maintain hidden access to an infected system.


191. What is the primary purpose of threat modeling in cybersecurity?

a) To predict and mitigate potential security threats before they occur
b) To launch penetration testing against a target system
c) To develop new security vulnerabilities for testing
d) To create and distribute security patches

Answer: a) To predict and mitigate potential security threats before they occur
Explanation: Threat modeling is a proactive approach to identifying and mitigating security risks.


192. What does the term “Pivoting” mean in ethical hacking?

a) Using a compromised system to launch attacks on other systems in the network
b) Changing encryption keys frequently
c) Encrypting a system’s master boot record
d) Preventing social engineering attacks

Answer: a) Using a compromised system to launch attacks on other systems in the network
Explanation: Pivoting allows attackers to move laterally across a compromised network.


193. What is the primary function of an Intrusion Prevention System (IPS)?

a) To actively detect and block security threats in real time
b) To generate encryption keys for secure communication
c) To replace outdated antivirus software
d) To monitor user activity on social media

Answer: a) To actively detect and block security threats in real time
Explanation: IPS solutions analyze network traffic and block malicious activity before it causes damage.


194. What is a common use of blockchain technology in cybersecurity?

a) Securely storing and verifying digital transactions
b) Enhancing firewall performance
c) Encrypting emails for security
d) Preventing denial-of-service attacks

Answer: a) Securely storing and verifying digital transactions
Explanation: Blockchain technology is used for secure, tamper-proof digital transactions and identity verification.


195. What is a major security risk of Bring Your Own Device (BYOD) policies?

a) Increased hardware costs
b) Difficulty in monitoring and controlling personal devices accessing corporate networks
c) Reduced employee productivity
d) Increased network bandwidth usage

Answer: b) Difficulty in monitoring and controlling personal devices accessing corporate networks
Explanation: BYOD policies introduce security challenges, such as unsecured personal devices accessing corporate data.


196. What is an example of a physical security risk in cybersecurity?

a) Unauthorized access to server rooms
b) Phishing emails targeting employees
c) SQL injection attacks
d) DNS spoofing

Answer: a) Unauthorized access to server rooms
Explanation: Physical security risks involve threats like theft, tampering, or unauthorized access to critical infrastructure.


197. What is a common goal of an attacker in a Business Email Compromise (BEC) scam?

a) To trick employees into sending money or sensitive information
b) To install ransomware on corporate servers
c) To infect a network with a worm
d) To conduct penetration testing

Answer: a) To trick employees into sending money or sensitive information
Explanation: BEC scams impersonate executives or suppliers to deceive employees into making fraudulent transactions.


198. What is a quantum-resistant cryptographic algorithm?

a) An encryption method that can withstand attacks from quantum computers
b) A type of hashing algorithm
c) A protocol for secure network communication
d) A way to generate public and private keys

Answer: a) An encryption method that can withstand attacks from quantum computers
Explanation: Quantum-resistant cryptography is designed to resist attacks from future quantum computers.


199. What is an example of an attack targeting artificial intelligence (AI) systems?

a) Adversarial attacks that manipulate AI models with malicious inputs
b) Phishing emails targeting AI developers
c) Ransomware infections in AI-powered applications
d) DDoS attacks on AI-powered security systems

Answer: a) Adversarial attacks that manipulate AI models with malicious inputs
Explanation: Adversarial attacks introduce manipulated data to deceive machine learning models.


200. What is a primary risk of using biometric authentication?

a) Biometric data, once stolen, cannot be changed like passwords
b) It is too slow for real-time authentication
c) It cannot be used for online authentication
d) It is vulnerable to SQL injection attacks

Answer: a) Biometric data, once stolen, cannot be changed like passwords
Explanation: Unlike passwords, biometric identifiers like fingerprints and facial scans cannot be reset if compromised.