Hacking Phases and Techniques

Your Name:

1. What is the primary goal of the reconnaissance phase in

an attack?

A. To gather information about the target

B. To maintain access to the system

C. To exploit the system

D. To scan the network for open ports

2. What type of attack involves modifying the source

address of packets to bypass firewall rules?

A. Buffer overflow attack

B. Spoof attack

C. HiJack attack

D. Phishing attack

3. What is the term for the ability to influence the

behavior of a group of people?

A. Social engineering

B. Spoofing

C. HiJacking

D. Phishing
4. What type of attack involves sending more data to an
application than is expected?

A. Buffer overflow attack

B. Phishing attack

C. HiJack attack

D. Spoof attack

5. Which type of attack involves creating a fake web page

to persuade users to enter sensitive information?

A. Phishing attack

B. HiJack attack

C. Buffer overflow attack

D. Spoof attack

6. What type of attack involves taking over a session

between two individuals?

A. HiJack attack

B. Buffer overflow attack

C. Phishing attack

D. Spoof attack

7. Who is typically involved in an insider attack?

A. A hacker from the outside

B. A disgruntled employee

C. A network engineer

D. A system administrator
8. What is the goal of the maintaining access phase in an
attack?

A. To retain ownership of the system

B. To exploit the system

C. To scan the network for open ports

D. To cover tracks

9. What is the goal of a password attack?

A. To spread a virus or worm

B. To launch a denial of service attack

C. To install a backdoor or Trojan Horse

D. To gain administrative access to the system

10. What is a Trojan Horse?

A. A program with hidden side-effects, allowing indirect access

B. A type of backdoor or secret entry point

C. A type of denial of service attack

D. A type of virus that replicates itself

11. What is the primary goal of a ransomware attack?

A. To launch a distributed denial of service attack

B. To crash the system and consume resources

C. To gain administrative access and install a backdoor

D. To lock or encrypt data, demanding a ransom in return

12. What is a zombie in the context of cyber security?

A. A type of denial of service attack

B. A type of virus or worm

C. A program that secretly takes over another networked computer

D. A type of Trojan Horse or backdoor

13. What is the primary difference between a virus and a

worm?

A. A worm is a type of Trojan Horse

B. A worm is a type of virus

C. A virus replicates itself, while a worm does not

D. A virus requires user interaction, while a worm does not

14. What is the goal of a denial of service (DoS) attack?

A. To crash the system and consume resources

B. To spread a virus or worm

C. To launch a ransomware attack

D. To gain administrative access to the system

15. What is a common use of zombie computers?

A. To launch a distributed denial of service attack

B. To spread a virus or worm

C. To gain administrative access to the system

D. To launch a ransomware attack

16. What is a major issue with permanently connected
systems?

A. Lack of security against viruses and worms

B. Lack of security against denial of service attacks

C. Lack of security against ransomware attacks

D. Lack of security against permanently connected systems

Computer Security Threats

Your Name:

1. What is the term used to describe an individual or

organization responsible for sending spam?

A. Spyware

B. Spammer

C. Phisher

D. Hacker

2. What is the primary function of a Firewall?

A. To control the traffic between networks and prevent unauthorized

access

B. To intercept internal user requests and process them on behalf of

the user
C. To block all incoming and outgoing internet traffic

D. To tunnel traffic between two sides of a network

3. What type of threat can overload ISPs, email servers,

and individual end-user systems?

A. Spam

B. Spyware

C. Viruses

D. Trojan Horses
4. What is the term used to describe a program that
gathers personal information from a computer without
permission?

A. Trojan Horse

B. Spyware

C. Worm

D. Virus

5. What is the primary function of a Proxy Server?

A. To filter out specific types of attacks

B. To watch network traffic and detect intrusions

C. To tunnel traffic between two sides of a network

D. To intercept internal user requests and process them on behalf of

the user

6. What is the term used to describe a system that

watches network traffic and detects intrusions?

A. NIDS

B. Firewall

C. Proxy Server

D. VPN

7. What is the term used to describe a secure network

connection between two endpoints?

A. VPN

B. NIDS

C. Proxy Server

D. Firewall
8. What is the type of firewall that prevents or allows
access based on IP or MAC addresses?

A. Dynamic Packet Filtering

B. SPI

C. Stateful Packet Filtering

D. Static Packet Filtering

9. What is the primary function of a NIPS?

A. To stop traffic in case of an intrusion

B. To create a baseline of normal traffic

C. To monitor network traffic

D. To encrypt data transmissions

10. What type of firewall is described as a 'deep-packet

inspection firewall'?

A. Next-generation Firewall (NGFW)

B. Stateful firewall

C. Packet-filtering firewall

D. Traditional firewall

11. What is the main purpose of digital signatures?

A. To authenticate the sender's identity

B. To provide confidentiality

C. To encrypt data transmissions

D. To ensure non-repudiation and integrity

12. What is the role of a certification authority in digital
certificates?

A. To issue digital certificates to websites

B. To manage digital signatures

C. To verify the authenticity of digital certificates

D. To generate public and private keys

13. What is the process of converting plaintext into

ciphertext?

A. Digital signing

B. Hashing

C. Decryption

D. Encryption

14. What is the primary purpose of a digital certificate?

A. To verify the integrity of a document

B. To enable digital signatures

C. To authenticate the identity of a website

D. To provide encryption

15. What type of encryption algorithm uses the same key

for both encryption and decryption?

A. Asymmetric encryption

B. Symmetric encryption

C. Hash-based encryption

D. Public-key encryption
16. What is the main advantage of using a NGFW over a
traditional firewall?

A. Increased speed

B. Lower cost

C. Reduced complexity

D. Improved security
Information Security Fundamentals

Your Name:

1. What is the primary goal of confidentiality in

information security?

A. Ensuring that information is not revealed to unauthorized persons

B. Denying access to information and resources

C. Detecting any modification of data

D. Ensuring that data is accessible to all users

2. What is the formula to calculate risk in information

security?

A. Risk = Threat x Vulnerabilities

B. Risk = Threat ÷ Vulnerabilities

C. Risk = Threat + Vulnerabilities

D. Risk = Threat - Vulnerabilities

3. What is the primary purpose of a firewall in information

security?

A. To encrypt data transmission

B. To control incoming and outgoing network traffic

C. To provide virtual private network access

D. To detect and prevent malware attacks

4. What is the key difference between symmetric and
asymmetric key cryptography?

A. Symmetric key is used for encryption, while asymmetric key is used

for decryption

B. Asymmetric key is used for encryption, while symmetric key is used

for decryption
C. Asymmetric key uses two keys, while symmetric key uses one key

D. Symmetric key uses two keys, while asymmetric key uses one key

5. What is the primary focus of security in information

security?

A. Implementing firewalls

B. Risk

C. Encrypting data

D. Preventing cyber attacks

6. What is the reason why it's impossible to totally

eliminate risk in information security?

A. Because users are not aware of security risks

B. Because it's difficult to identify all vulnerabilities

C. Because there are too many types of attacks

D. Because there is no simple solution to securing information

7. What is an example of a passive attack?

A. An attacker scanning the network for open ports

B. An attacker hijacking a session between two individuals

C. An attacker launching a phishing attack

D. An attacker capturing packets from the network and attempting to

decrypt them
8. What is the primary goal of a reconnaissance attack?

A. To hijack a session between two individuals

B. To gather as much information as possible about a target

C. To launch a phishing attack

D. To gain unauthorized access to a system

9. What is the term for the ability of someone or

something to influence the behavior of a group of people?

A. Reconnaissance

B. Phishing

C. Hijacking

D. Social engineering

10. What type of attack involves someone from the inside,

such as a disgruntled employee, attacking the network?

A. Hijacking attack

B. Phishing attack

C. Insider attack

D. Reconnaissance attack

11. What is the term for a fake web page that looks
exactly like a popular website, used to persuade users to
enter sensitive information?

A. Hijacking attack

B. Reconnaissance attack

C. Phishing attack

D. Insider attack
12. What is the term for a hacker taking over a session
between two individuals and disconnecting the other
individual from the communication?

A. Insider attack

B. Phishing attack

C. Hijacking attack

D. Reconnaissance attack

13. What is the primary goal of a scanning attack?

A. To exploit vulnerabilities in the system

B. To gather as much information as possible about a target

C. To hijack a session between two individuals

D. To scan the network with specific information gathered during

reconnaissance

14. What is the term for activities undertaken by a hacker

to extend their misuse of the system without being
detected?

A. Covering tracks

B. Maintaining access

C. Reconnaissance

D. Gaining access