Ethical Hacking

Question 1

What operating systems are typically used in everyday computers?

Answer 1

Windows, macOS, Linux.

Question 2

Why do security professionals prefer Kali Linux?

Answer 2

It comes pre-installed with over 600 penetration testing tools and is customizable.

Question 3

What is the GUI in an operating system?

Answer 3

Graphical User Interface — user-friendly environment using Windows, Icons, Menus, and Pointers (W.I.M.P).

Question 4

What is the Command Line Interface (CLI)?

Answer 4

A text-based interface for executing commands, preferred by security professionals for more control and faster navigation.

Question 5

How do you add a user in Linux through CLI?

Answer 5

Use the adduser [username] command and set a password using passwd [username].

Question 6

What command shows the current user in Linux?

Answer 6

whoami

Question 7

What command changes the current directory in Linux?

Answer 7

cd [directory_name]

Question 8

What is the Linux file system structure called?

Answer 8

Hierarchical tree with root / at the top.

Question 9

How do you change file permissions in Linux?

Answer 9

Use the chmod command with symbolic or numeric values.

Question 10

Why recruit ethical hackers?

Answer 10

To prevent breaches, uncover vulnerabilities, strengthen security, protect data, and raise awareness.

Question 11

What 3 questions does an ethical hacker seek to answer during evaluation?

Answer 11

1) What can an attacker see? 2) What can they do with it? 3) Are their attempts being noticed?

Question 12

What is footprinting?

Answer 12

Gathering public data to identify risks, map networks, and find entry points.

Question 13

What are the two types of footprinting?

Answer 13

Passive and Active.

Question 14

What types of organizational info can be found through footprinting?

Answer 14

Employee details, addresses, partners, web links, background, news, patents.

Question 15

What types of network info are gathered in footprinting?

Answer 15

Domains, subdomains, network blocks, IPs, trusted routers, DNS records.

Question 16

Name 3 Google search operators useful for footprinting.

Answer 16

site:, allinurl:, inurl:, allintitle:, intitle:, inanchor:, cache:, link:, filetype:.

Question 17

What is the Google Hacking Database?

Answer 17

A categorized list of known Google search queries that locate sensitive data.

Question 18

What tools can be used to gather information from IoT and job sites?

Answer 18

Google Earth, Archive.org, theHarvester.

Question 19

What are cyber-dependent crimes?

Answer 19

Crimes that can only happen via ICT devices, like hacking or DDoS attacks.

Question 20

What are cyber-enabled crimes?

Answer 20

Traditional crimes made easier through technology, like fraud and cyberstalking.

Question 21

Give two examples of cyber-dependent crimes.

Answer 21

Hacking networks, launching malware attacks.

Question 22

Give two examples of cyber-enabled crimes.

Answer 22

Online fraud, cyberbullying.

Question 23

What is malware?

Answer 23

Malicious software designed to disrupt or gain unauthorized access to systems.

Question 24

What is the difference between a virus and a worm?

Answer 24

Viruses need a host file and user action; worms spread autonomously.

Question 25

What is spyware?

Answer 25

Software that secretly gathers user information and sends it to third parties.

Question 26

What is ransomware?

Answer 26

Malware that encrypts data and demands payment for its release.

Question 27

What is the purpose of a botnet?

Answer 27

Control infected computers remotely to perform coordinated attacks.

Question 28

What is the Computer Misuse Act 1990?

Answer 28

UK law against unauthorized access and damage to computer systems.

Question 29

What is Section 1 of the CMA about?

Answer 29

Unauthorized access to computer material.

Question 30

What does Section 3ZA of CMA cover?

Answer 30

Acts causing serious damage to welfare, the environment, or national security.

Question 31

Why is scanning used?

Answer 31

To find vulnerable communication channels and identify entry points.

Question 32

Name 3 types of scanning.

Answer 32

Port scanning, Network scanning, Vulnerability scanning.

Question 33

What is the TCP 3-way handshake?

Answer 33

SYN -> SYN-ACK -> ACK sequence to establish a TCP connection.

Question 34

What is Nmap used for?

Answer 34

Network exploration and security auditing.

Question 35

What is Hping3?

Answer 35

A command-line tool for packet crafting and network scanning.

Question 36

What is Metasploit?

Answer 36

An open-source framework for penetration testing and security assessment.

Question 37

What is host discovery?

Answer 37

Identifying live systems on a network before scanning them further.

Question 38

What is enumeration?

Answer 38

Extracting detailed info about systems like usernames, shares, and services.

Question 39

Name 2 enumeration techniques.

Answer 39

Extract usernames via email IDs, brute force Active Directory.

Question 40

What is a vulnerability?

Answer 40

A flaw that can be exploited to bypass security measures.

Question 41

What causes vulnerabilities?

Answer 41

Misconfigured hardware/software, poor design, user carelessness.

Question 42

What is vulnerability research?

Answer 42

Studying protocols and configurations to find security flaws.

Question 43

Why do ethical hackers research vulnerabilities?

Answer 43

To identify design flaws, monitor exploits, and stay updated.

Question 44

Name two vulnerability research resources.

Answer 44

Exploit Database, Packet Storm.

Question 45

What is a vulnerability assessment?

Answer 45

Evaluating systems to detect security weaknesses.

Question 46

Name two types of vulnerability scanning.

Answer 46

Active scanning and Passive scanning.

Question 47

What is Nessus Essentials?

Answer 47

A free vulnerability scanner with powerful scanning and reporting tools.

Question 48

What is a password hash?

Answer 48

A scrambled version of a password stored by systems for security.

Question 49

Name two hashing algorithms.

Answer 49

MD5, SHA (SHA-1, SHA-2, SHA-3).

Question 50

Where are Windows passwords stored?

Answer 50

In the SAM file located at C:\Windows\System32\Config\SAM.

Question 51

What is NTLM authentication?

Answer 51

A Windows authentication method using challenge-response and hashes.

Question 52

What is a brute-force attack?

Answer 52

Trying every possible password until the correct one is found.

Question 53

What is a rainbow table attack?

Answer 53

Using precomputed tables of hashes to crack passwords faster.

Question 54

What is privilege escalation?

Answer 54

Gaining higher permissions than initially authorized.

Question 55

What are two types of privilege escalation?

Answer 55

Horizontal and Vertical.

Question 56

Name two exploit databases.

Answer 56

Exploit-DB, VulDB.