Category: Cyber Security Objective Questions

250+ TOP MCQs on Information Gathering Phase & Techniques and Answers

Cyber Security Multiple Choice Questions on “Information Gathering Phase & Techniques”.

1. ________________ is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing

Answer: c
Clarification: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be either active or passive footprinting.

2. How many types of footprinting are there?
a) 5
b) 4
c) 3
d) 2

Answer: d
Clarification: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be of 2 types: active or passive footprinting.

3. ________________ is one of the 3 pre-attacking phase.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing

Answer: c
Clarification: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be either active or passive footprinting.

4. A/An ______________ spends 85% of his/her time in profiling an organization and rest amount in launching the attack.
a) security analyst
b) attacker
c) auditor
d) network engineer

Answer: b
Clarification: An attacker spends 85% of his/her time in profiling an organization and rest amount in launching the attack. Footprinting results in a unique organization profile with respect to the networks.

5. _______________ is necessary to methodically & systematically ensure all pieces of information related to target.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing

Answer: c
Clarification: Footprinting is a component of the reconnaissance stage which is necessary to methodically & systematically ensure all pieces of information related to the target. It can be either active or passive footprinting.

6. Which of the following is not a spot from where attackers seek information?
a) Domain name
b) IP address
c) System enumeration
d) Document files

Answer: d
Clarification: Internet is a common medium for gathering information such as from Domain name, IP address of the target user, enumeration of victim’s system, IDSes running, TCP & UDP services etc.

7. Which of them is not an information source over the internet for target attackers?
a) Whois
b) YouTube
c) Nslookup
d) Archive sites

Answer: b
Clarification: Information can be available free from some sites and databases residing on the internet. These services and sites are – Whois, Nslookup, Archive Sites, open-source software sites etc.

8. Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details.
a) True
b) False

Answer: a
Clarification: Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details, IP address domain name, geo-location, browsing history etc.

9. Spywares can be used to steal _______________ from the attacker’s browser.
a) browsing history
b) company details
c) plug-ins used
d) browser details

Answer: a
Clarification: Spywares can be used to steal browsing history, browsing habits and other related searches from the attacker’s browser. Google chrome itself has a search box in the address bar which the spyware might monitor to take search results as information for the attacker.

10. https://archive.org is a popular site where one can enter a domain name in its search box for finding out how the site was looking at a given date.
a) True
b) False

Answer: a
Clarification: https://archive.org is a popular archive site where one can enter a domain name in its search box for finding out how the site was looking at a given date. It stores all the details about the look and working of the site, even when the site got updated.

11. Information about people is available people search sites. Which of them is an example of people data searching site?
a) people.com
b) indivinfo.org
c) intelius.com
d) peopleinfo.org

Answer: c
Clarification: Information about people is available people search sites. https://www.intelius.com/ is an example of such site which holds records of people’s information.

12. You can attain a series of IP addresses allotted to a particular company using __________ site.
a) https://www.ipdata.org/
b) https://www.arin.net/
c) https://www.ipip.com/
d) https://www.goipaddr.net/

Answer: b
Clarification: Hackers can attain a series of IP addresses allotted to a particular company using https://www.arin.net/ site. Hackers can enter the company name in the search box for finding a list of all the assigned IP addresses.

13. ARIN is abbreviated as _____________
a) American Registry for Internet Numbers
b) American Registry for IP Numbers
c) All Registry for Internet Numbers
d) American Registry for IP Numbering

Answer: a
Clarification: ARIN is abbreviated as American Registry for Internet Numbers. Hackers can attain a series of IP addresses allotted to a particular company using https://www.arin.net/ site. Hackers can enter the company name in the search box for finding a list of all the assigned IP addresses.

14. Using spyware is an example of _________ type of information gathering.
a) active
b) passive
c) active & passive
d) non-passive

Answer: a
Clarification: Using spyware is an example of an active information gathering technique. Spywares can be used to steal browsing history, browsing habits and other related searches from the attacker’s browser. Google chrome itself has a search box in the address bar which the spyware might monitor to take search results as information for the attacker.

15. Collecting freely available information over the internet is an example of ____________ type of information gathering.
a) active
b) passive
c) active & passive
d) non-passive

Answer: b
Clarification: Collecting freely available information over the internet is an example of passive information gathering technique. It uses archive sites, Google, domain name, people search, Nslookup etc.

250+ TOP MCQs on Attack Vectors – DoS and DDoS and Answers

Cyber Security Multiple Choice Questions on “Attack Vectors – DoS and DDoS”.

1. A ______________ tries to formulate a web resource occupied or busy its users by flooding the URL of the victim with unlimited requests than the server can handle.
a) Phishing attack
b) DoS attack
c) Website attack
d) MiTM attack

Answer: b
Clarification: A DoS attack tries to formulate a web resource occupied or busy to its users by flooding the URL of the victim with unlimited requests than the server can handle.

2. During a DoS attack, the regular traffic on the target _____________ will be either dawdling down or entirely interrupted.
a) network
b) system
c) website
d) router

Answer: c
Clarification: Using of DoS attack put together web resource by flooding its users with unlimited requests. During a DoS attack, the regular traffic on the target website will be either dawdling down or entirely interrupted.

3. The intent of a ______________ is to overkill the targeted server’s bandwidth and other resources of the target website.
a) Phishing attack
b) DoS attack
c) Website attack
d) MiTM attack

Answer: b
Clarification: Web resource gets occupied or busy as it floods its users performing DoS attack. The intent of this attack is to overkill the targeted server’s bandwidth and other resources of the target website.

4. DoS is abbreviated as _____________________
a) Denial of Service
b) Distribution of Server
c) Distribution of Service
d) Denial of Server

Answer: a
Clarification: A Denial of Service attack targets its victim by flooding the URL of the victim with unlimited requests. The intent of this attack is to overkill the targeted server’s bandwidth and other resources of the target website.

5. A DoS attack coming from a large number of IP addresses, making it hard to manually filter or crash the traffic from such sources is known as a _____________
a) GoS attack
b) PDoS attack
c) DoS attack
d) DDoS attack

Answer: d
Clarification: A DoS attack coming from a large number of IP addresses, making it hard to manually filter or crash the traffic from such sources is known as a Distributed Denial of Service (DDoS) attack.

6. DDoS stands for _________________
a) Direct Distribution of Server
b) Distributed Denial of Service
c) Direct Distribution of Service
d) Distributed Denial of Server

Answer: b
Clarification: When a DoS attack comes from a large number of IP addresses, this makes it hard to manually filter or crash the traffic from such sources and the attack is known as a Distributed Denial of Service (DDoS) attack.

7. Instead of implementing single computer & its internet bandwidth, a ____________ utilizes various systems & their connections for flooding the targeted website.
a) GoS attack
b) PoS attack
c) DDoS attack
d) DoS attack

Answer: c
Clarification: DDoS is another leading attack type. Instead of implementing single computer & its internet bandwidth, a DDoS utilizes various systems & their connections for flooding the targeted website.

8. There are ______ types of DoS attack.
a) 2
b) 3
c) 4
d) 5

Answer: a
Clarification: With the help of DoS attack attackers try to busy its users by flooding the URL of the victim with limitless requests. There are two types of DoS attack. These are Application Layer Attacks and Network Layer DoS attacks.

9. Application layer DoS attack is also known as _______________
a) Layer4 DoS attack
b) Layer5 DoS attack
c) Layer6 DoS attack
d) Layer7 DoS attack

Answer: d
Clarification: A DoS attack is a very dangerous threat for users who have their services running via the internet. The Application Layer DoS is also known as Layer-7 DoS attack.

10. ___________ is a type of DoS threats to overload a server as it sends a large number of requests requiring resources for handling & processing.
a) Network Layer DoS
b) Physical Layer DoS
c) Transport Layer DoS
d) Application Layer DoS

Answer: d
Clarification: DoS attacks are of two types. These are Application Layer Attacks and Network Layer DoS attacks. Application Layer DoS is a type of DoS threats to overload a server as it sends a large number of requests requiring resources for handling & processing.

11. Which of the following is not a type of application layer DoS?
a) HTTP flooding
b) Slowloris
c) TCP flooding
d) DNS query flooding

Answer: c
Clarification: In application Layer DoS, its threats to overload a server as it sends a large quantity of requests requiring resources for handling & processing. This category includes HTTP flooding, slow-flooding attack and DNS query flooding.

12. Network layer attack is also known as ________________
a) Layer3-4 DoS attack
b) Layer5 DoS attack
c) Layer6-7 DoS attack
d) Layer2 DoS attack

Answer: a
Clarification: Denial of Service attack becomes dangerous because it floods the target service over the internet. There are two types of DoS attack. The Network Layer DoS is also known as the Layer 3-4 DoS attack.

13. Which of the following do not comes under network layer DoS flooding?
a) UDP flooding
b) HTTP Flooding
c) SYN flooding
d) NTP Amplification

Answer: b
Clarification: Network layer DoS attack is set up to congest the “pipelines” that are connecting user’s network. This includes attacks such as NTP amplification, SYN flooding, UDP flooding and DNS amplification.

14. Which of the following do not comes under network layer DoS flooding?
a) DNS amplification
b) UDP flooding
c) DNS query flooding
d) NTP Amplification

Answer: c
Clarification: Network layer DoS attack includes attacks such as NTP amplification, SYN flooding, UDP flooding and DNS amplification. DNS query flooding does not come under the Network layer DoS attack.

15. DDoS are high traffic events that are measured in Gigabits per second (Gbps) or packets per second (PPS).
a) True
b) False

Answer: a
Clarification: At the time of DoS attack, it becomes hard to manually filter or crash the traffic from such sources. DDoS are high traffic events that are measured in Gigabits per second (Gbps) or packets per second (PPS).

16. A DDoS with 20 to 40 Gbps is enough for totally shutting down the majority network infrastructures.
a) True
b) False

Answer: a
Clarification: A DoS attack is very dangerous for any targeted victim because it can seize business and bring loss to a company running on the website. A DDoS with 20 to 40 Gbps is enough for totally shutting down the majority network infrastructures.

250+ TOP MCQs on Cryptography – Different Ciphers and their Security Strength

Cyber Security Puzzles on “Cryptography – Different Ciphers and their Security Strength”.

1. ____________ is a mono-alphabetic encryption code wherein each & every letter of plain-text is replaced by another letter in creating the cipher-text.
a) Polyalphabetic Cipher
b) Caesar Cipher
c) Playfair Cipher
d) Monoalphabetic Cipher

Answer: b
Clarification: Caesar Cipher is the simplest type of substitution cipher with a mono-alphabetic encryption code wherein each letter of plain-text is replaced by another letter in creating the cipher-text.

2. _____________ is the concept that tells us about the replacement of every alphabet by another alphabet and the entire series gets ‘shifted’ by some fixed quantity.
a) Rolling Cipher
b) Shift Cipher
c) Playfair Cipher
d) Block Cipher

Answer: b
Clarification: Shift Cipher is the concept that tells us about the replacement of every alphabet by another alphabet and the entire series gets ‘shifted’ by some fixed quantity (which is the key) between 0 and 25.

3. ________________ is a cipher formed out of substitution where for a given key-value the cipher alphabet for every plain text remains fixed all through the encryption procedure.
a) Polyalphabetic Cipher
b) Caesar Cipher
c) Playfair Cipher
d) Monoalphabetic Cipher

Answer: d
Clarification: Monoalphabetic cipher is a cipher formed out of substitution where for a given key-value the cipher alphabet for every plain text remains fixed all through the encryption procedure.

4. In Playfair cipher, at first, a key table is produced. That key table is a 5 by 5 grid of alphabets which operates as the key to encrypt the plaintext.
a) Rolling Cipher
b) Shift Cipher
c) Playfair Cipher
d) Block Cipher

Answer: c
Clarification: In Playfair cipher, at first, a key table is produced. That key table is a 5 by 5 grid of alphabets which operates as the key to encrypt the plaintext. All the twenty-five alphabets have to be unique and letter J gets omitted.

5. ______________ employs a text string as a key that is implemented to do a series of shifts on the plain-text.
a) Vigenere Cipher
b) Shift Cipher
c) Playfair Cipher
d) Block Cipher

Answer: a
Clarification: Vigenere Cipher employs a text string as a key that is implemented to do a series of shifts on the plain-text. Here the sender & the receiver settle on a single key.

6. The ________________ has piece of the keyword that has the same length as that of the plaintext.
a) Block Cipher
b) One-time pad
c) Hash functions
d) Vigenere Cipher

Answer: b
Clarification: The one-time pad has a piece of the keyword that has the same length as that of the plaintext. The keyword gets a randomly produced string of alphabets. For only once, its keyword is used.

7. In _____________ a sequence of actions is carried out on this block after a block of plain-text bits is chosen for generating a block of cipher-text bits.
a) Block Cipher
b) One-time pad
c) Hash functions
d) Vigenere Cipher

Answer: a
Clarification: In block cipher, a sequence of actions is carried out on this block after a block of plain-text bits is chosen for generating a block of cipher-text bits. Blocks in these have fixed number of bits.

8. In _______________ the plain-text is processed 1-bit at a time & a series of actions is carried out on it for generating one bit of cipher-text.
a) Block Cipher
b) One-time pad
c) Stream cipher
d) Vigenere Cipher

Answer: c
Clarification: In stream ciphers, the plain-text is processed 1-bit at a time & a series of actions is carried out on it for generating one bit of cipher-text.

9. The procedure to add bits to the last block is termed as _________________
a) decryption
b) hashing
c) tuning
d) padding

Answer: d
Clarification: For a block cipher, a chain of actions is performed on this block after a block of plain-text. In block ciphers procedure to add bits to the last block is termed as padding.

10. Which of the following is not an example of a block cipher?
a) DES
b) IDEA
c) Caesar cipher
d) Twofish

Answer: c
Clarification: In a block cipher, a sequence of actions is carried out on this block after a block of plain-text bits is chosen for generating a block of cipher-text bits. Examples of block ciphers are DES, IDEA, Twofish etc.

11. Data Encryption Standard is implemented using the Feistel Cipher which employs 16 round of Feistel structure.
a) DES
b) IDEA
c) Caesar cipher
d) Twofish

Answer: a
Clarification: Data Encryption Standard is a block cipher which implements the Feistel Cipher which employs 16 round of Feistel structure. The block size it uses is 64-bit.

12. DES stands for ________________
a) Data Encryption Security
b) Data Encrypted Standard
c) Device Encryption Standard
d) Data Encryption Standard

Answer: d
Clarification: DES which is abbreviated as Data Encryption Standard falls under the category of a block cipher that implements the Feistel Cipher which employs 16 round of Feistel structure.

13. ____________ carries out all its calculations on bytes rather than using bits and is at least 6-times faster than 3-DES.
a) AES
b) DES
c) IDEA
d) Twofish

Answer: a
Clarification: Advanced Encryption Standard is a comparatively innovative block cipher that carries out all its calculations on bytes rather than using bits and is at least 6-times faster than 3-DES.

14. AES stands for ________________
a) Advanced Encryption Security
b) Advanced Encryption Standard
c) Advanced Encrypted Standard
d) Active Encryption Standard

Answer: b
Clarification: AES is abbreviated as Advanced Encryption Standard which is a moderately innovative block cipher which carries out all its calculations on bytes rather than using bits and is at least six times faster than 3-DES.

15. AES is at least 6-times faster than 3-DES.
a) True
b) False

Answer: a
Clarification: AES is a relatively innovative type of block cipher on bytes rather than using bits. It is one of the most popular forms of a block cipher and helps in securing various applications and systems.

250+ TOP MCQs on Generic Steps for Security and Answers

Cyber Security Interview Questions and Answers on “Generic Steps for Security”.

1. A _________ can gain access illegally to a system if the system is not properly tested in scanning and gaining access phase.
a) security officer
b) malicious hacker
c) security auditor
d) network analyst

Answer: b
Clarification: Malicious hackers can gain illegal access at OS level, application level or network level if the penetration testers or ethical hackers lack in testing and reporting the vulnerabilities in a system.

2. In which phase, the hackers install backdoors so that his/her ownership with the victim’s system can be retained later?
a) Scanning
b) Maintaining access
c) Maintaining Access
d) Gaining access

Answer: c
Clarification: After gaining access to a system, the hacker needs to keep a path open so that he/she in future can access the system. Therefore, backdoors are set which will later allow the attacker to gain access through it easily.

3. _______ is the tool used for this purpose.
a) Powersploit
b) Aircrack – ng
c) Snort
d) Nmap

Answer: a
Clarification: The Powersploit is an access maintaining tool used for Windows systems. This tool is used for gaining re-access to the victim’s system using PowerShell.

4. Which of the following hacking tools and techniques hackers’ do not use for maintaining access in a system?
a) Rootkits
b) Backdoors
c) Trojans
d) Wireshark

Answer: d
Clarification: Wireshark is not a tool for maintaining access because it is used for analysing network protocols at a microscopic level (very minutely). It is an interactive tool for data traffic analysing on any computer.

5. In _______ phase, the hackers try to hide their footprints.
a) Scanning
b) Tracks clearing
c) Reconnaissance
d) Gaining access

Answer: b
Clarification: Tracks clearing or covering tracks is the name of the phase where the hackers delete logs of their existence & other activity records they do during the hacking process. This step is actually an unethical one.

6. Which of them is not a track clearing technique?
a) Altering log files
b) Tunnelling
c) Port Scanning
d) Footprint removing

Answer: c
Clarification: Port scanning is a method used in the scanning phase. Altering or changing log files, tunnelling for hiding your identity and removing footprints from different sites are examples of clearing tracks.

7. __________ is the last phase of ethical hacking process.
a) Scanning
b) Tracks clearing
c) Reconnaissance
d) Reporting

Answer: d
Clarification: In the reporting phase, the penetration tester or ethical hacker has to assemble all the flaws along with the tools and processes used for detecting then and report it to the firm or organization.

8. Which of the following is not a footprint-scanning tool?
a) SuperScan
b) TcpView
c) Maltego
d) OWASP Zed

Answer: c
Clarification: SuperScan, TcpView and OWASP Zed are tools used for scanning footprints. Maltego is not a footprint-scanning tool. It is used for reconnaissance purpose only.

250+ TOP MCQs on Fingerprinting and Answers

Cyber Security Multiple Choice Questions on “Fingerprinting”.

1. ________________ is an ethical hacking technique used for determining what operating system (OS) is running on a remote computer.
a) Footprinting
b) Cyber-printing
c) OS fingerprinting
d) OS penetration testing

Answer: c
Clarification: OS fingerprinting is an ethical hacking technique used for determining what operating system (OS) is running on a remote computer.

2. How many types of fingerprinting are there in ethical hacking?
a) 5
b) 4
c) 3
d) 2

Answer: d
Clarification: There are two types of fingerprinting in ethical hacking. These are active fingerprinting and passive fingerprinting. Active fingerprinting is gained if you send especially skilled packets to a target machine whereas passive fingerprinting is dependent on sniffer traces from the remote computer.

3. _______________________ is gained if you send especially skilled packets to a target machine.
a) Active fingerprinting
b) Passive fingerprinting
c) OS fingerprinting
d) Network fingerprinting

Answer: a
Clarification: Active fingerprinting is gained if you send especially skilled packets to a target machine and then listing down its replies and analyzing the information gathered for determining the target OS.

4. _______________________ is based on sniffer traces from the remote system.
a) Active fingerprinting
b) Passive fingerprinting
c) OS fingerprinting
d) Network fingerprinting

Answer: b
Clarification: Passive fingerprinting is dependent on the sniffing traces from any remote system. Depending on the sniffing traces done by tools like Wireshark, attackers can establish and verify the OS of the remote host.

5. How many basic elements are there for OS fingerprinting?
a) 2
b) 3
c) 4
d) 5

Answer: c
Clarification: There are four basic elements that an ethical hacker should look at to determine the operating system. These are TTL, Don’t fragment bit, Window Size, and Type of Service (TOS).

6. Which of the following do not comes under the important element of OS fingerprinting?
a) TTL
b) TOS
c) DF bits
d) Firewall

Answer: d
Clarification: There are four basic elements that an ethical hacker should look at to determine the operating system. These are TTL (time to Live), Don’t fragment bit, Window Size, and Type of Service (TOS).

7. By analyzing the factors like TTL, DF bits, Window Size and TOS of a packet, an ethical hacker may verify the operating system remotely.
a) True
b) False

Answer: a
Clarification: There are four basic elements that an ethical hacker should look at to determine the operating system. By analyzing these elements TTL, DF bits, Window Size and TOS of a packet, an ethical hacker may verify the operating system remotely.

8. ______________ is a common tool used for doing OS fingerprinting.
a) Hping
b) Wireshark
c) Nmap
d) Nessus

Answer: c
Clarification: Nmap is a common tool that is used for performing OS fingerprinting. Before targeting any system for the attack, it is necessary to know what OS the website is hosting, which can be found out using some simple command of this tool.

9. To secure your system from such type of attack, you have to hide your system behind any VPN or proxy server.
a) True
b) False

Answer: a
Clarification: It is recommended to hide your system from such fingerprinting attack, performed by hackers, with a secure proxy server by using VPN tools. This technique will completely preserve your identity and hence your system.

10. A _____________ is a network scanning practice through which hackers can use to conclude to a point which IP address from a list of IP addresses is mapping to live hosts.
a) ping-based hacking
b) ping sweep
c) ping-range
d) pinging

Answer: b
Clarification: A ping sweep is a network scanning practice through which hackers can use to conclude to a point which IP address from a list of IP addresses is mapping to live hosts.

11. Ping sweep is also known as ________________
a) ICMP sweep
b) SNMP sweep
c) SGNP sweep
d) SICMP sweep

Answer: a
Clarification: A ping sweep which is also known as ICMP sweep is a network scanning practice through which hackers can use to conclude to a point which IP address from a list of IP addresses is mapping to live hosts.

12. The _____________ command is used on Linux for getting the DNS and host-related information.
a) dnslookup
b) lookup
c) nslookup
d) infolookup

Answer: c
Clarification: The ‘nslookup’ command is used on Linux for getting the DNS and host-related information. DNS enumeration is the method used to locate all the DNS-servers and their associated records.

13. ___________________ is the method used to locate all the DNS-servers and their associated records for an organization.
a) DNS enumeration
b) DNS hacking
c) DNS cracking
d) DNS server hacking

Answer: a
Clarification: DNS enumeration is the method used to locate all the DNS-servers and their associated records for an organization. ‘nslookup’ command can be used on Linux for getting the DNS and host-related information.

14. Which of the following operations DNSenum cannot perform?
a) Perform reverse lookups
b) Get the host’s addresses
c) Get extra names and sub-domains through Google scraping
d) Get the admin password

Answer: d
Clarification: DNSenum is a popular Perl script that can fetch information such as – fetching host address, perform a reverse lookup, get additional name and sub-domain through Google scraping etc.

15. The configuration of DNS needs to be done in a secure way.
a) True
b) False

Answer: a
Clarification: Configuration of DNS needs to be done in a secure way, otherwise it is possible that cyber-criminals and hackers may take away lots of sensitive information from the organization.

250+ TOP MCQs on Information Gathering Phase & Techniques

Cyber Security online quiz on “Information Gathering Phase & Techniques”.

1. ____________ is the term used for gathering information about your competitors from online resources, researches, and newsgroups.
a) Competitive Intelligence gathering
b) Cognitive Intelligence gathering
c) Cyber Intelligence gathering
d) Competitors Info gathering

Answer: a
Clarification: Competitive Intelligence gathering is the term used for gathering information about your competitors from online resources, researches, and newsgroups. The competitive intelligence gathering is non-interfering & subtle in nature.

2. The ______________ intelligence gathering is non-interfering & subtle in nature.
a) cognitive
b) competitive
c) cyber
d) concrete

Answer: b
Clarification: Competitive Intelligence gathering is the term used for gathering information about your competitors from online resources, researches, and newsgroups. The competitive intelligence gathering is non-interfering & subtle in nature.

3. In the world of data, where data is considered the oil and fuel of modern technology _____________ is both a product and a process.
a) Competitive Intelligence gathering
b) Cognitive Intelligence gathering
c) Cyber Intelligence gathering
d) Competitors Info gathering

Answer: a
Clarification: In the world of data, where data is considered the oil and fuel of modern technology, Competitive Intelligence gathering is both a product and a process.

4. Which of them is not a proper step in competitive intelligence data processing?
a) Data gathering
b) Data analysis
c) Information security
d) Network analysis

Answer: d
Clarification: In the world of data, where data is considered the oil and fuel of modern technology, Competitive Intelligence gathering is both a product and a process which comprises of some predefined steps to handle data. These are data gathering, analysis, verification, and security.

5. Which one of the following is a proper step in competitive intelligence data processing?
a) Competitors’ data compromising
b) Data hacking
c) Data analysis
d) Competitors’ data stealing

Answer: c
Clarification: In the world of data, where data is considered the oil and fuel of modern technology, Competitive Intelligence gathering is both a product and a process which comprises of some specific steps to handle data. These are data gathering, analysis, verification, and security.

6. There are __________ types of cognitive hacking and information gathering which is based on the source type, from where data is fetched.
a) 6
b) 5
c) 4
d) 3

Answer: d
Clarification: There are two types of cognitive hacking and information gathering which are based on the source type, from where data is fetched. These are single source & multiple sources.

7. ______________ is important to grab a quick understanding and analyzing about your competitors or target user’s need.
a) Competitive Intelligence gathering
b) Cognitive Intelligence gathering
c) Cyber Intelligence gathering
d) Competitors Info gathering

Answer: a
Clarification: In the world of data, where data is considered the oil and fuel of modern technology, Competitive Intelligence gathering is both a product and a process. Hackers are hired with skills for gathering competitive knowledge so that data analysts can analyze those for further understanding of products.

8. Which of them is not a reason for competitive information gathering?
a) Compare your product with competitors
b) Analyze the market position of yours with competitors
c) Fetching confidential plans about your competitors
d) Pull out a list of your competitive firms in the market

Answer: c
Clarification: Fetching confidential plans about your competitors’ is not the work of ethical hackers hired for competitive information gathering. Also fetching such type of confidential information is a crime.

9. Competitive information gathering if done in the form of active attack using malware or by other illicit means can put your hired hacker or your company at stake.
a) True
b) False

Answer: a
Clarification: By the name of competitive information gathering if done in the form of active attack using malware or by other illicit means can put your hired hacker or your company at stake. It’s a cyber-crime also.

10. Predict and analyze the tactics of competitors from data taken out from online data sources is a crime.
a) True
b) False

Answer: b
Clarification: Predict and analyze the tactics of competitors from data taken out from online data sources is a crime. In the world of data, where data is considered the oil and fuel of modern technology. It can be done using competitive intelligence gathering techniques.

11. https://www.bidigital.com/ci/ is a website which is used for _________________
a) Competitive Intelligence gathering
b) Cognitive Intelligence gathering
c) Cyber Intelligence gathering
d) Competitors Info gathering

Answer: a
Clarification: In the world of data, where data is considered the oil and fuel of modern technology, Competitive Intelligence gathering is both a product and a process. https://www.bidigital.com/ci/ is a website which is used for such purpose.

12. Which of the following is a site used for Competitive Intelligence gathering?
a) https://www.bidigital.gov/
b) https://www.cig.com/ci/
c) https://www.coginfo.com/ci/
d) https://www.bidigital.com/ci/

Answer: d
Clarification: In the world of data, where data is considered the oil and fuel of modern technology, Competitive Intelligence gathering is both a product and a process. https://www.bidigital.com/ci/ is a website which is used for such purpose.

13. Which of the following is not an example of a firm that provides info regarding competitive intelligence gathering?
a) Carratu International
b) CI Center
c) Microsoft CI
d) Marven Consulting Group

Answer: c
Clarification: Carratu International, CI Center, Marven Consulting Group, Lubrinco Pvt Ltd. are some of the names of firms and companies that provide info regarding competitive intelligence gathering.

14. Using _____________ for doing competitive information gathering is a crime.
a) Spyware
b) Antivirus
c) Anti-malware
d) Adware

Answer: a
Clarification: By the name of competitive information gathering if done in the form of active attack using malware or by other illicit means can put your hired hacker or your company at stake. It’s a cyber-crime.

15. Competitive Intelligence gathering is both a ___________ and a ____________
a) process, product
b) process, item
c) product & data to sell to 3rd party
d) data to sell to a 3rd party and a product

Answer: a
Clarification: In the world of data, where data is considered the oil and fuel of modern technology, Competitive Intelligence gathering is both a product and a process which comprises of some predefined steps to handle data.