Q91
Q91 During a man-in-the-middle simulation, encrypted HTTPS traffic cannot be intercepted. What should the hacker do?
Use SSL stripping
Modify certificates
Restart the browser
Decrypt manually
Q92
Q92 An attacker bypasses SSL by presenting a forged certificate. What is the next step for the ethical hacker?
Report to the client
Exploit the vulnerability
Install the certificate
Ignore the issue
Q93
Q93 What is the primary goal of a DoS attack?
To steal sensitive data
To disrupt service availability
To exploit software vulnerabilities
To encrypt traffic
Q94
Q94 How does a DDoS attack differ from a DoS attack?
DDoS uses multiple devices to attack
DDoS only targets small systems
DDoS is easier to detect
DDoS requires manual execution
Q95
Q95 Which type of DDoS attack exploits the TCP three-way handshake process?
SYN Flood
Ping of Death
UDP Flood
DNS Amplification
Q96
Q96 What is the purpose of DNS amplification in a DDoS attack?
To steal DNS records
To amplify the volume of attack traffic
To encrypt DNS queries
To disable DNS servers
Q97
Q97 Which command can be used to simulate a SYN flood attack using hping3?
hping3 -S target_ip
hping3 -A target_ip
hping3 -U target_ip
hping3 -P target_ip
Q98
Q98 What is the purpose of the following Python code snippet? socket.sendto(b'X'*1024, (target, port))
Send a payload for a DDoS attack
Send a ping request
Establish a TCP connection
Execute a reverse shell
Q99
Q99 Which Metasploit auxiliary module is used to simulate a DoS attack?
auxiliary/dos/http/synflood
auxiliary/scanner/syn_flood
auxiliary/dos/tcp/flood
auxiliary/scanner/udp/dos
Q100
Q100 A web application is unresponsive during testing. What could be the cause?
Excessive traffic from testing
Encryption errors
Invalid credentials
Firewall misconfiguration
Q101
Q101 How can ethical hackers mitigate a detected DDoS attack?
Block IPs of attack sources
Restart the server
Encrypt all traffic
Disable the network
Q102
Q102 A server becomes unreachable during a SYN flood simulation. What should the hacker do?
Terminate the test and report
Ignore the issue
Restart the server
Modify the attack parameters
Q103
Q103 Which type of attack exploits a web application's input fields?
SQL Injection
Cross-Site Scripting (XSS)
Man-in-the-Middle
DNS Spoofing
Q104
Q104 How does a directory traversal attack work?
By injecting malicious JavaScript
By sending malformed HTTP headers
By gaining unauthorized access to directories
By flooding the server
Q105
Q105 What is the purpose of the OWASP ZAP tool?
Exploit server vulnerabilities
Perform automated web application security testing
Intercept HTTPS traffic
Flood a server with requests
Q106
Q106 What type of vulnerability does the following URL exploit: http://example.com/admin?user=admin' OR '1'='1?
SQL Injection
Directory Traversal
CSRF
Command Injection
Q107
Q107 Which Burp Suite tool allows testing of input parameters for vulnerabilities?
Intruder
Scanner
Proxy
Repeater
Q108
Q108 What does the following Metasploit command do: use exploit/multi/http/phpmyadmin_lfi?
Launches a SQL Injection attack
Exploits a local file inclusion vulnerability
Tests for weak passwords
Performs brute force
Q109
Q109 Which Nmap script is used to detect vulnerabilities in web servers?
http-vuln-scan.nse
http-brute.nse
web-scan.nse
vuln-scan.nse
Q110
Q110 A web server returns a 500 Internal Server Error during testing. What could be the cause?
SQL Injection payload
XSS payload
Directory Traversal attempt
Buffer Overflow
Q111
Q111 After testing, the application logs show unauthorized access attempts. What should the hacker do?
Analyze the logs and report
Ignore the logs
Clear the logs
Modify the access parameters
Q112
Q112 What is the purpose of the WPA handshake in Wi-Fi networks?
To connect devices
To encrypt traffic
To authenticate devices
To establish a secure channel
Q113
Q113 How does a deauthentication attack work in wireless hacking?
By disrupting the Wi-Fi signal
By forcing devices to disconnect from the network
By altering MAC addresses
By capturing WPA keys
Q114
Q114 Which tool is commonly used to perform wireless packet capture?
Nmap
Wireshark
Aircrack-ng
Metasploit
Q115
Q115 What is the significance of the PMKID in Wi-Fi hacking?
It is used to generate encryption keys
It reveals the SSID
It stores client IP addresses
It contains user credentials
Q116
Q116 Which command in Aircrack-ng is used to crack a captured handshake file?
aircrack-ng -a file.cap
aircrack-ng -w wordlist.txt file.cap
aircrack-ng -c file.cap
aircrack-ng --crack file.cap
Q117
Q117 What does the following command do: aireplay-ng --deauth 10 -a AP_MAC -c Client_MAC wlan0?
Captures WPA handshake
Performs a deauthentication attack
Scans for available networks
Sniffs all packets
Q118
Q118 How can an ethical hacker perform a Wi-Fi network scan using Kismet?
Start the Kismet server and monitor interface
Run Kismet with --scan flag
Use the Kismet GUI to log packets
Configure a channel hopping script
Q119
Q119 A WPA2-protected network fails to connect during testing. What is the likely issue?
Weak signal
Invalid WPA handshake
Duplicate SSID
Incorrect password
Q120
Q120 A captured handshake cannot be cracked with a dictionary attack. What is the next step?
Try a brute force attack
Ignore the handshake
Restart the cracking process
Use a larger wordlist
