Ethical Hacking Test Questions
with Correct Answers
Which of the following protocols is exploited to achieve the On-Path position? - Answer-
Port Security
What is Eternal Blue? - Answer-Known Windows exploit
Which of the following user types has the highest privilege in a Windows domain
environment? - Answer-Enterprise Admin
Which of the following is not an automated web application vulnerability scanning tool? -
Answer-Bettercap
Which of the following IS an automated web application vulnerability scanning tool? -
Answer-Burps Suite
Acunetix
Netsparker
What are social engineering attacks based on? - Answer-Human error
Which SQL injection is the easiest to perform? - Answer-Error based SQLi
Which of the following can be used to prevent SQL injection on a website? - Answer-
Prepared statements
Cookies are - Answer-Session hijacking
John built a forum-based website. He wants to save a payload in the database to affect
its viewers. What is he most likely to use? - Answer-Stored XSS
A cyber consultant used Nmap to map an organization and find open ports. One scan
received RST as a response. What is the port status? - Answer-The port is closed
Which concept of On-Path attack includes the process of redirecting a domain name
request to a custom phishing domain? - Answer-DNS poisoning
Which of the following tools can be used to make the cracking process easier, in trying
to crack a password on a website? - Answer-John the ripper
John the Ripper is a technical assessment tool used to for the following? - Answer-
Offline password cracking
with Correct Answers
Which of the following protocols is exploited to achieve the On-Path position? - Answer-
Port Security
What is Eternal Blue? - Answer-Known Windows exploit
Which of the following user types has the highest privilege in a Windows domain
environment? - Answer-Enterprise Admin
Which of the following is not an automated web application vulnerability scanning tool? -
Answer-Bettercap
Which of the following IS an automated web application vulnerability scanning tool? -
Answer-Burps Suite
Acunetix
Netsparker
What are social engineering attacks based on? - Answer-Human error
Which SQL injection is the easiest to perform? - Answer-Error based SQLi
Which of the following can be used to prevent SQL injection on a website? - Answer-
Prepared statements
Cookies are - Answer-Session hijacking
John built a forum-based website. He wants to save a payload in the database to affect
its viewers. What is he most likely to use? - Answer-Stored XSS
A cyber consultant used Nmap to map an organization and find open ports. One scan
received RST as a response. What is the port status? - Answer-The port is closed
Which concept of On-Path attack includes the process of redirecting a domain name
request to a custom phishing domain? - Answer-DNS poisoning
Which of the following tools can be used to make the cracking process easier, in trying
to crack a password on a website? - Answer-John the ripper
John the Ripper is a technical assessment tool used to for the following? - Answer-
Offline password cracking
