Questions and Correct Answers
Which type of attack is characterized by someone who accesses a system of computers
without authorization ✅network intrusion
Which of the following is not considered one of three types of controls you can use in
risk mitigation ✅distribution
Which of the following refers to a piece of software, a tool, or a technique that targets or
takes advantage of a vulnerability ✅exploit
In the ethical hacking security process, all assets are considered to have equal value for
an organization ✅false
Footprinting, scanning, enumeration, system hacking, escalation of privilege, covering
tracks, and planting backdoors are considered ✅hacking steps
An ethical hacker strives to maintain the integrity of disclosure, alteration, and disruption
✅false
Hackers in this class have, through actions or stated intent, indicated that their hacking
is meant to break the law, disrupt businesses, or generate an illegal financial return
✅black-hat hackers
Which of the following tests includes anything that targets equipment or facilities and
can also include actions against people, such as social engineering-related threats
✅physical attack
Planting a backdoor on a system allows an attacker to regain access later ✅true
Intrusion detection systems (IDS) and intrusion protection systems (IPS) are considered
physical controls ✅false
A system can be considered completely secure once it passes an IT audit ✅false
Planning, discovery, attack, and reporting are considered ✅ethical hacking steps
The first step in penetration testing is to actually perform the attack ✅false
White-hat hackers are sometimes referred to as ethical hackers ✅true
The ethical hacker is tasked with evaluating the overall state of security. The core
principles of security involve preserving all of the following except ✅disclosure
Lighting is one of the lower-cost security controls that can be implemented by an
organization ✅true
Which type of physical control device is commonly used at sporting events, subways,
and amusement parks to slow the flow of traffic into areas and allow screening and
authentication of individuals prior to entering an area ✅turnstiles
Which of the following is a disadvantage of using dogs for perimeter security ✅dogs do
not have human discernment
A device that prevents entry into designated areas by motor vehicle traffic is called a
✅bollard
Which gate classification meets or exceeds a height of eight feet and is of heavier
construction, such as iron bars, concrete, or similar materials ✅restricted access, class
4
A chokepoint, or a point where all traffic must enter or exit the facility, is called ✅gate
Criminals tend to pick locks because it is a stealthy way to bypass a lock and can make
it harder for the victim to determine what has happened ✅true
Which of the following lock types is smart and programmable ✅cipher
Infrared intrusion detection systems are inexpensive and are usually smaller than other
comparable devices ✅false
A measurement of the percentage of individuals who should have been granted access,
but were not, is called ✅false rejection rate
Which of the following is a type of smash-and-grab burglary in which a heavy vehicle is
driven through the windows or doors of a closed shop, usually one selling electronics or
jewelry, to quickly rob it ✅ram-raiding
A retina pattern system is an eye recognition system that matches the person's blood
vessels on the back of the eye ✅false
Which of the following is a disadvantage of alarms ✅false alarms tied to the police may
result in fines