Cyber Security Interview Questions and Answers on “Generic Steps for Security”.
1. A _________ can gain access illegally to a system if the system is not properly tested in scanning and gaining access phase.
a) security officer
b) malicious hacker
c) security auditor
d) network analyst
Answer: b
Clarification: Malicious hackers can gain illegal access at OS level, application level or network level if the penetration testers or ethical hackers lack in testing and reporting the vulnerabilities in a system.
2. In which phase, the hackers install backdoors so that his/her ownership with the victim’s system can be retained later?
a) Scanning
b) Maintaining access
c) Maintaining Access
d) Gaining access
Answer: c
Clarification: After gaining access to a system, the hacker needs to keep a path open so that he/she in future can access the system. Therefore, backdoors are set which will later allow the attacker to gain access through it easily.
3. _______ is the tool used for this purpose.
a) Powersploit
b) Aircrack – ng
c) Snort
d) Nmap
Answer: a
Clarification: The Powersploit is an access maintaining tool used for Windows systems. This tool is used for gaining re-access to the victim’s system using PowerShell.
4. Which of the following hacking tools and techniques hackers’ do not use for maintaining access in a system?
a) Rootkits
b) Backdoors
c) Trojans
d) Wireshark
Answer: d
Clarification: Wireshark is not a tool for maintaining access because it is used for analysing network protocols at a microscopic level (very minutely). It is an interactive tool for data traffic analysing on any computer.
5. In _______ phase, the hackers try to hide their footprints.
a) Scanning
b) Tracks clearing
c) Reconnaissance
d) Gaining access
Answer: b
Clarification: Tracks clearing or covering tracks is the name of the phase where the hackers delete logs of their existence & other activity records they do during the hacking process. This step is actually an unethical one.
6. Which of them is not a track clearing technique?
a) Altering log files
b) Tunnelling
c) Port Scanning
d) Footprint removing
Answer: c
Clarification: Port scanning is a method used in the scanning phase. Altering or changing log files, tunnelling for hiding your identity and removing footprints from different sites are examples of clearing tracks.
7. __________ is the last phase of ethical hacking process.
a) Scanning
b) Tracks clearing
c) Reconnaissance
d) Reporting
Answer: d
Clarification: In the reporting phase, the penetration tester or ethical hacker has to assemble all the flaws along with the tools and processes used for detecting then and report it to the firm or organization.
8. Which of the following is not a footprint-scanning tool?
a) SuperScan
b) TcpView
c) Maltego
d) OWASP Zed
Answer: c
Clarification: SuperScan, TcpView and OWASP Zed are tools used for scanning footprints. Maltego is not a footprint-scanning tool. It is used for reconnaissance purpose only.