Cyber Security Multiple Choice Questions on “Information Gathering Phase & Techniques”.
1. ________________ is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing
Answer: c
Clarification: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be either active or passive footprinting.
2. How many types of footprinting are there?
a) 5
b) 4
c) 3
d) 2
Answer: d
Clarification: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be of 2 types: active or passive footprinting.
3. ________________ is one of the 3 pre-attacking phase.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing
Answer: c
Clarification: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be either active or passive footprinting.
4. A/An ______________ spends 85% of his/her time in profiling an organization and rest amount in launching the attack.
a) security analyst
b) attacker
c) auditor
d) network engineer
Answer: b
Clarification: An attacker spends 85% of his/her time in profiling an organization and rest amount in launching the attack. Footprinting results in a unique organization profile with respect to the networks.
5. _______________ is necessary to methodically & systematically ensure all pieces of information related to target.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing
Answer: c
Clarification: Footprinting is a component of the reconnaissance stage which is necessary to methodically & systematically ensure all pieces of information related to the target. It can be either active or passive footprinting.
6. Which of the following is not a spot from where attackers seek information?
a) Domain name
b) IP address
c) System enumeration
d) Document files
Answer: d
Clarification: Internet is a common medium for gathering information such as from Domain name, IP address of the target user, enumeration of victim’s system, IDSes running, TCP & UDP services etc.
7. Which of them is not an information source over the internet for target attackers?
a) Whois
b) YouTube
c) Nslookup
d) Archive sites
Answer: b
Clarification: Information can be available free from some sites and databases residing on the internet. These services and sites are – Whois, Nslookup, Archive Sites, open-source software sites etc.
8. Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details.
a) True
b) False
Answer: a
Clarification: Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details, IP address domain name, geo-location, browsing history etc.
9. Spywares can be used to steal _______________ from the attacker’s browser.
a) browsing history
b) company details
c) plug-ins used
d) browser details
Answer: a
Clarification: Spywares can be used to steal browsing history, browsing habits and other related searches from the attacker’s browser. Google chrome itself has a search box in the address bar which the spyware might monitor to take search results as information for the attacker.
10. https://archive.org is a popular site where one can enter a domain name in its search box for finding out how the site was looking at a given date.
a) True
b) False
Answer: a
Clarification: https://archive.org is a popular archive site where one can enter a domain name in its search box for finding out how the site was looking at a given date. It stores all the details about the look and working of the site, even when the site got updated.
11. Information about people is available people search sites. Which of them is an example of people data searching site?
a) people.com
b) indivinfo.org
c) intelius.com
d) peopleinfo.org
Answer: c
Clarification: Information about people is available people search sites. https://www.intelius.com/ is an example of such site which holds records of people’s information.
12. You can attain a series of IP addresses allotted to a particular company using __________ site.
a) https://www.ipdata.org/
b) https://www.arin.net/
c) https://www.ipip.com/
d) https://www.goipaddr.net/
Answer: b
Clarification: Hackers can attain a series of IP addresses allotted to a particular company using https://www.arin.net/ site. Hackers can enter the company name in the search box for finding a list of all the assigned IP addresses.
13. ARIN is abbreviated as _____________
a) American Registry for Internet Numbers
b) American Registry for IP Numbers
c) All Registry for Internet Numbers
d) American Registry for IP Numbering
Answer: a
Clarification: ARIN is abbreviated as American Registry for Internet Numbers. Hackers can attain a series of IP addresses allotted to a particular company using https://www.arin.net/ site. Hackers can enter the company name in the search box for finding a list of all the assigned IP addresses.
14. Using spyware is an example of _________ type of information gathering.
a) active
b) passive
c) active & passive
d) non-passive
Answer: a
Clarification: Using spyware is an example of an active information gathering technique. Spywares can be used to steal browsing history, browsing habits and other related searches from the attacker’s browser. Google chrome itself has a search box in the address bar which the spyware might monitor to take search results as information for the attacker.
15. Collecting freely available information over the internet is an example of ____________ type of information gathering.
a) active
b) passive
c) active & passive
d) non-passive
Answer: b
Clarification: Collecting freely available information over the internet is an example of passive information gathering technique. It uses archive sites, Google, domain name, people search, Nslookup etc.