Ethical Hacking Essentials Exam Prep |\ |\ |\ |\
QUESTIONS WITH ANSWERS
|\ |\ |\
The assurance that the systems responsible for delivering, storing, and processing
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
information are accessible when required by authorized users is referred to by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
which of the following elements of information security?
|\ |\ |\ |\ |\ |\ |\ |\
A. non-repudiation
|\
B. integrity
|\
C. confidentiality
|\
D. availability - CORRECT ANSWERS ✔✔D. availability
|\ |\ |\ |\ |\ |\
Identify the element of information security that refers to the quality of being
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
genuine or uncorrupted as a characteristic of any communication, documents, or
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
any data.
|\ |\
A. integrity
|\
B. authenticity
|\
C. availability
|\
D. confidentiality - CORRECT ANSWERS ✔✔B. authenticity
|\ |\ |\ |\ |\ |\
Mark, a professional hacker, targets his opponent's website. He finds susceptible
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
user inputs, injects malicious SQL code into the database, and tampers with
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
critical information.
|\ |\
,Which of the following types of attack did Mark perform in the above scenario?
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. close-in attack
|\ |\
B. passive attack
|\ |\
C. insider attack
|\ |\
D. active attack - CORRECT ANSWERS ✔✔D. active attack
|\ |\ |\ |\ |\ |\ |\ |\
Ruby, a hacker, visited her target company disguised as an aspiring candidate
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
seeking a job. She noticed that certain sensitive documents were thrown in the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
trash near an employee's desk. She collected these documents, which included
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
critical information that helped her to perform further attacks.
|\ |\ |\ |\ |\ |\ |\ |\ |\
Identify the type of attack performed by Ruby in the above scenario.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. close-in attack
|\ |\
B. passive attack
|\ |\
C. insider attack
|\ |\
D. active attack - CORRECT ANSWERS ✔✔A. close-in attack
|\ |\ |\ |\ |\ |\ |\ |\
James, a malware programmer, intruded into a manufacturing plant that produces
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
computer peripheral devices. James tampered with the software inside devices
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ready to be delivered to clients. The tampered program creates a backdoor that
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
allows unauthorized access to the systems.
|\ |\ |\ |\ |\ |\
,Identify the type of attack performed by James in the above scenario to gain
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
unauthorized access to the delivered systems.
|\ |\ |\ |\ |\ |\
A. directory traversal attack
|\ |\ |\
B. distribution attack
|\ |\
C. phishing attack
|\ |\
D. replay attack - CORRECT ANSWERS ✔✔B. distribution attack
|\ |\ |\ |\ |\ |\ |\ |\
Williams, an employee, was using his personal laptop within the organization's
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
premises. He connected his laptop to the organization's internal network and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
began eavesdropping on the communication between other devices connected
|\ |\ |\ |\ |\ |\ |\ |\ |\
to the internal network. He sniffed critical information such as login credentials
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
and other confidential data passing through the network.
|\ |\ |\ |\ |\ |\ |\ |\
Identify the type of attack performed by Williams in the above scenario.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. phishing attack
|\ |\
B. SQL injection attack
|\ |\ |\
C. insider attack
|\ |\
D. replay attack - CORRECT ANSWERS ✔✔C. insider attack
|\ |\ |\ |\ |\ |\ |\ |\
Jack is working as a malware analyst in an organization. He was assigned to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
inspect an attack performed against the organization. Jack determined that the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
attacker had restricted access to the main computer's files and folders and was
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
demanding an online payment to remove these restrictions.
|\ |\ |\ |\ |\ |\ |\ |\
, Which of the following type of attack has Jack identified in the above scenario?
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. phishing
|\
B. sniffing
|\
C. ransomware
|\
D. botnet - CORRECT ANSWERS ✔✔C. ransomware
|\ |\ |\ |\ |\ |\
Identify the type of attack vector that focuses on stealing information from the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
victim machine without its user being aware and tries to deliver a payload
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
affecting computer performance.
|\ |\ |\
A. ATP attack
|\ |\
B. botnet
|\
C. insider attack
|\ |\
D. phishing - CORRECT ANSWERS ✔✔A. ATP attack
|\ |\ |\ |\ |\ |\ |\
Andrew, a professional hacker, drafts an email that appears to be legitimate and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
attaches malicious links to lure victims; he then distributes it through
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
communication channels or mails to obtain private information like account
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
numbers.
|\
Identify the type of attack vector employed by Andrew in the above scenario.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
QUESTIONS WITH ANSWERS
|\ |\ |\
The assurance that the systems responsible for delivering, storing, and processing
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
information are accessible when required by authorized users is referred to by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
which of the following elements of information security?
|\ |\ |\ |\ |\ |\ |\ |\
A. non-repudiation
|\
B. integrity
|\
C. confidentiality
|\
D. availability - CORRECT ANSWERS ✔✔D. availability
|\ |\ |\ |\ |\ |\
Identify the element of information security that refers to the quality of being
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
genuine or uncorrupted as a characteristic of any communication, documents, or
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
any data.
|\ |\
A. integrity
|\
B. authenticity
|\
C. availability
|\
D. confidentiality - CORRECT ANSWERS ✔✔B. authenticity
|\ |\ |\ |\ |\ |\
Mark, a professional hacker, targets his opponent's website. He finds susceptible
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
user inputs, injects malicious SQL code into the database, and tampers with
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
critical information.
|\ |\
,Which of the following types of attack did Mark perform in the above scenario?
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. close-in attack
|\ |\
B. passive attack
|\ |\
C. insider attack
|\ |\
D. active attack - CORRECT ANSWERS ✔✔D. active attack
|\ |\ |\ |\ |\ |\ |\ |\
Ruby, a hacker, visited her target company disguised as an aspiring candidate
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
seeking a job. She noticed that certain sensitive documents were thrown in the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
trash near an employee's desk. She collected these documents, which included
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
critical information that helped her to perform further attacks.
|\ |\ |\ |\ |\ |\ |\ |\ |\
Identify the type of attack performed by Ruby in the above scenario.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. close-in attack
|\ |\
B. passive attack
|\ |\
C. insider attack
|\ |\
D. active attack - CORRECT ANSWERS ✔✔A. close-in attack
|\ |\ |\ |\ |\ |\ |\ |\
James, a malware programmer, intruded into a manufacturing plant that produces
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
computer peripheral devices. James tampered with the software inside devices
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ready to be delivered to clients. The tampered program creates a backdoor that
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
allows unauthorized access to the systems.
|\ |\ |\ |\ |\ |\
,Identify the type of attack performed by James in the above scenario to gain
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
unauthorized access to the delivered systems.
|\ |\ |\ |\ |\ |\
A. directory traversal attack
|\ |\ |\
B. distribution attack
|\ |\
C. phishing attack
|\ |\
D. replay attack - CORRECT ANSWERS ✔✔B. distribution attack
|\ |\ |\ |\ |\ |\ |\ |\
Williams, an employee, was using his personal laptop within the organization's
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
premises. He connected his laptop to the organization's internal network and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
began eavesdropping on the communication between other devices connected
|\ |\ |\ |\ |\ |\ |\ |\ |\
to the internal network. He sniffed critical information such as login credentials
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
and other confidential data passing through the network.
|\ |\ |\ |\ |\ |\ |\ |\
Identify the type of attack performed by Williams in the above scenario.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. phishing attack
|\ |\
B. SQL injection attack
|\ |\ |\
C. insider attack
|\ |\
D. replay attack - CORRECT ANSWERS ✔✔C. insider attack
|\ |\ |\ |\ |\ |\ |\ |\
Jack is working as a malware analyst in an organization. He was assigned to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
inspect an attack performed against the organization. Jack determined that the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
attacker had restricted access to the main computer's files and folders and was
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
demanding an online payment to remove these restrictions.
|\ |\ |\ |\ |\ |\ |\ |\
, Which of the following type of attack has Jack identified in the above scenario?
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
A. phishing
|\
B. sniffing
|\
C. ransomware
|\
D. botnet - CORRECT ANSWERS ✔✔C. ransomware
|\ |\ |\ |\ |\ |\
Identify the type of attack vector that focuses on stealing information from the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
victim machine without its user being aware and tries to deliver a payload
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
affecting computer performance.
|\ |\ |\
A. ATP attack
|\ |\
B. botnet
|\
C. insider attack
|\ |\
D. phishing - CORRECT ANSWERS ✔✔A. ATP attack
|\ |\ |\ |\ |\ |\ |\
Andrew, a professional hacker, drafts an email that appears to be legitimate and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
attaches malicious links to lure victims; he then distributes it through
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
communication channels or mails to obtain private information like account
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
numbers.
|\
Identify the type of attack vector employed by Andrew in the above scenario.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
