Q1 What is the primary purpose of ethical hacking?
To gain unauthorized access
To find and fix security vulnerabilities
To improve software speed
To enhance graphical interfaces
Q2 What is another term for ethical hacking?
White-hat hacking
Gray-hat hacking
Black-hat hacking
Red teaming
Q3 What distinguishes ethical hackers from malicious hackers?
Tools used
Intent
Skill level
Programming language expertise
Q4 What is the first step in an ethical hacking process?
Scanning
Reconnaissance
Vulnerability analysis
Exploitation
Q5 Which of the following is NOT a phase of ethical hacking?
Reconnaissance
Scanning
Eradication
Vulnerability analysis
Q6 Which of the following best describes penetration testing?
Finding system performance issues
Simulating real-world cyberattacks
Installing firewalls
Monitoring user activity
Q7 Which skill is most crucial for an ethical hacker?
Advanced cryptography
Systematic problem-solving
Effective UI design
Graphic processing expertise
Q8 Why is reporting an important step in ethical hacking?
To inform stakeholders of vulnerabilities
To showcase technical expertise
To comply with laws
To document testing scripts
Q9 Which tool helps in intercepting and modifying HTTP traffic during testing?
Wireshark
Burp Suite
Nessus
Nmap
Q10 A penetration tester encounters unexpected system behavior during testing. What should they do?
Log the issue and continue testing
Ignore and proceed
Contact the system owner
Restart the testing process
Q11 What is the primary requirement for ethical hacking to be legal?
Written permission from the owner
Use of open-source tools
Non-disclosure agreement
Supervision by a lawyer
Q12 Which law governs unauthorized access to computer systems in India?
GDPR
IT Act, 2000
Cybersecurity Act
CISPA
Q13 What is the purpose of the GDPR in the context of ethical hacking?
To enforce software licensing
To ensure data privacy and protection
To regulate hacking tools
To monitor internet usage
Q14 Which of the following frameworks is commonly used for penetration testing?
OWASP
PCI DSS
ISO 27001
ITIL
Q15 Why are Non-Disclosure Agreements (NDAs) important in ethical hacking?
To limit hacker's activities
To ensure confidentiality of findings
To comply with international laws
To identify potential vulnerabilities
Q16 Which international law governs cross-border data breaches?
GDPR
CLOUD Act
IT Act
DMCA
Q17 Which of the following best describes the PCI DSS framework?
A law for digital signatures
A standard for secure credit card transactions
A framework for ethical hacking
An encryption algorithm
Q18 What is the importance of ISO 27001 in ethical hacking?
It provides encryption algorithms
It outlines security management standards
It offers hacking methodologies
It enforces data protection laws
Q19 Which tool is commonly used to check compliance with security frameworks like OWASP?
Metasploit
Burp Suite
Nmap
Nikto
Q20 An ethical hacker finds sensitive customer data exposed in logs during testing. What should they do?
Ignore the data
Inform the client
Delete the logs
Use the data for further testing
Q21 What is the primary goal of reconnaissance in ethical hacking?
To launch attacks
To gather information
To exploit vulnerabilities
To install malware
Q22 Which of the following is a passive reconnaissance technique?
Social engineering
Port scanning
Packet sniffing
DNS lookup
Q23 What is WHOIS primarily used for in reconnaissance?
Finding website vulnerabilities
Tracking malware
Gathering domain information
Hacking email accounts
Q24 What information can be obtained through banner grabbing?
Target's IP address
Service versions
Physical location
Encryption algorithms
Q25 Which tool is commonly used for DNS enumeration?
Nikto
Dig
Burp Suite
Nessus
Q26 How can Google Dorking assist in reconnaissance?
By exploiting network vulnerabilities
By extracting sensitive information indexed by search engines
By bypassing firewalls
By scanning ports
Q27 Which type of reconnaissance involves direct interaction with the target?
Passive
Active
Hybrid
Indirect
Q28 Which Nmap command is used to perform operating system detection?
nmap -sP
nmap -sS
nmap -O
nmap -A
Q29 Which tool can be used to extract email addresses from a website's source code?
Netcat
Maltego
TheHarvester
Metasploit
Q30 An ethical hacker identifies outdated software versions during reconnaissance. What is the next step?
Launch an exploit
Report to the client
Ignore the finding
Perform active reconnaissance