Cyber Crime Multiple Choice Questions
1. Why would a hacker use a proxy server?
A. To create a stronger connection with the target
B. To create a ghost server on the network
C. To obtain a remote access connection
D. To hide malicious activity on the network
Answer: To hide malicious activity on the network
2. What type of symmetric key algorithm using a streaming cipher to encrypt information?
A. RC4
B. Blowfish
C. SHA
D. MD5
Answer: RC4
3. Which of the following is not a factor in securing the environment against an attack on security?
A. The education of the attacker
B. The system configuration
C. The network architecture
D. The business strategy of the company
Answer: The business strategy of the company
4. To hide information inside a picture, what technology is used?
A. Rootkits
B. Bitmapping
C. Steganography
D. None of the above
Answer: Steganography
5. Which phase of hacking performs actual attack on a network or system?
A. Reconnaissance
B. Maintaining Access
C. Scanning
D. Gaining Access
Answer: Maintaining Access
6. Which of the following is not a typical characteristic of an ethical hacker?
A. Excellent knowledge of Windows
B. Understands the process of exploiting network vulnerabilities
C. Patience, persistence and perseverance
D. Has the highest level of security for the organization
Answer: Has the highest level of security for the organization
7. What type of rootkit will patch, hook, or replace the version of system call in order to hide information?
A. Library level rootkits
B. Kernel level rootkits
C. System level rootkits
D. None Of The Above
Answer: Library level rootkits
8. What are some of the most common vulnerabilities that exist in a network or system?
A. Changing manufacturer, or recommended, settings of a newly installed application
B. Additional unused features on commercial software packages
C. Utilizing open source application code
D. Balancing security concerns with functionality and ease of use of a system
Answer: Additional unused features on commercial software packages
9 What is the sequence of a TCP connection?
A SYN-ACK-FIN
B SYN-SYN ACK-ACK
C SYN-ACK
D None of the Above
Answer: SYN-SYN ACK-ACK
10 Which ports should be blocked to prevent null session enumeration?
A Ports 120 and 445
B Ports 135 and 136
C Ports 110 and 137
D Ports 135 and 139
Answer: Ports 135 and 139
11 Why would a ping sweep be used?
A To identify live systems
B To locate live systems
C To identify open ports
D To locate firewalls
Answer: To identify live systems
12 What are the port states determined by Nmap?
A Active, inactive, standby
B Open, half-open, closed
C Open, filtered, unfiltered
D Active, closed, unused
Answer: Open, filtered, unfiltered
13 Which of the following will allow footprinting to be conducted without detection?
A PingSweep
B Traceroute
C War Dialers
D ARIN
Answer: ARIN
14 Performing hacking activities with the intent on gaining visibility for an unfair situation is called ________.
A Cracking
B Analysis
C Hacktivism
D Exploitation
Answer: Hacktivism
15 What is the most important activity in system hacking?
A Information gathering
B Cracking passwords
C Escalating privileges
D Covering tracks
Answer: Cracking passwords
16 Sniffing is used to perform ______________ fingerprinting.
A Passive stack
B Active stack
C Passive banner grabbing
D None of the above
Answer: Passive stack
17 Phishing is a form of ____________________.
A Spamming
B Identify Theft
C Impersonation
D Scanning
Answer: Impersonation
18 Why would HTTP Tunneling be used?
A To identify proxy servers
B Web activity is not scanned
C To bypass a firewall
D HTTP is a easy protocol to work with
Answer: To bypass a firewall
19 Which Nmap scan is does not completely open a TCP connection?
A SYN stealth scan
B TCP connect
C XMAS tree scan
D ACK scan
Answer: SYN stealth scan
20 Services running on a system are determined by _____________.
A The system’s IP address
B The Active Directory
C The system’s network name
D The port assigned
Answer: The port assigned
21 What are hybrid attacks?
A An attempt to crack passwords using words that can be found in dictionary
B An attempt to crack passwords by replacing characters of a dictionary word with numbers and symbols
C An attempt to crack passwords using a combination of characters, numbers, and symbols
D An attempt to crack passwords by replacing characters with numbers and symbols
Answer: An attempt to crack passwords by replacing characters of a dictionary word with numbers and symbols
22 Which database is queried by Whois?
A ICANN
B ARIN
C APNIC
D DNS
Answer: ICANN
23 Which of the following is not a type of cyber crime?
A Data theft
B Forgery
C Damage to data and systems
D Installing antivirus for protection
Answer: Installing antivirus for protection
24 Which of the following is not an example of a computer as weapon cyber-crime?
A Credit card fraudulent
B Spying someone using keylogger
C IPR Violation
D None of the above
Answer: Spying someone using keylogger
25 Which of the following is not done by cyber criminals?
A Unauthorized account access
B Mass attack using Trojans as botnets
C Email spoofing and spamming
D Report vulnerability in any system
Answer: Report vulnerability in any system
26 What is the name of the IT law that India is having in the Indian legislature?
A India’s Technology (IT) Act, 2000
B India’s Digital Information Technology (DIT) Act, 2000
C India’s Information Technology (IT) Act, 2000
D The Technology Act, 2008
Answer: India’s Information Technology (IT) Act, 2000
27 What is the full form of ITA-2000?
A Information Tech Act -2000
B Indian Technology Act -2000
C International Technology Act -2000
D Information Technology Act -2000
Answer: Information Technology Act -2000
28 What is the punishment in India for stealing computer documents, assets or any software’s source code from any organization, individual, or from any other means?
A 6 months of imprisonment and a fine of Rs. 50,000
B 1 year of imprisonment and a fine of Rs. 100,000
C 2 years of imprisonment and a fine of Rs. 250,000
D 3 years of imprisonment and a fine of Rs. 500,000
Answer: 3 years of imprisonment and a fine of Rs. 500,000
29 What is the updated version of the IT Act, 2000?
A IT Act, 2007
B Advanced IT Act, 2007
C IT Act, 2008
D None of the Above
Answer: IT Act, 2008
30 In which year the Indian IT Act, 2000 got updated?
A 2006
B 2008
C 2010
D 2012
Answer: 2008
31 Which of the following is not a factor in securing the environment against an attack on security?
A The education of the attacker
B The system configuration
C The network architecture
D The business strategy of the company
Answer: To identify live systems
32 To hide information inside a picture, what technology is used?
A Rootkits
B Bitmapping
C Steganography
D Image Rendering
Answer: Steganography
33 Which phase of hacking performs actual attack on a network or system?
A Reconnaissance
B Maintaining Access
C Scanning
D Gaining Access
Answer: Gaining Access
34 Attempting to gain access to a network using an employee’s credentials is called the _____________ mode of ethical hacking.
A Local networking
B Social engineering
C Physical entry
D Remote networking
Answer: Local networking
35 Which Federal Code applies the consequences of hacking activities that disrupt subway transit systems?
A Electronic Communications Interception of Oral Communications
B 18 U.S.C. § 1029
C Cyber Security Enhancement Act 2002
D 18 U.S.C. § 1030
Answer: Cyber Security Enhancement Act 2002
36 What type of attack uses a fraudulent server with a relay address?
A NTLM
B MITM
C NetBIOS
D None of the above
Answer: MITM
37 What type of symmetric key algorithm using a streaming cipher to encrypt information?
A RC4
B Blowfish
C SHA
D MD5
Answer: RC4
38 Why would a hacker use a proxy server?
A To create a stronger connection with the target
B To create a ghost server on the network
C To obtain a remote access connection
D To hide malicious activity on the network
Answer: To hide malicious activity on the network
39 What type of cyber-crime, its laws and punishments does section 66 of the Indian IT Act holds?
A Cracking or illegally hack into any system
B Putting antivirus into the victim
C Stealing data
D Stealing hardware components
Answer: Cracking or illegally hack into any system
40 In which year India’s IT Act came into existence?
A 2000
B 2001
C 2002
D 2003
Answer: 2000
41 Under which section of IT Act, stealing any digital asset or information is written a cyber-crime.
A 65
B 65-D
C 67
D 70
Answer: 65
42 What type of attack uses a fraudulent server with a relay address?
A NTLM
B MITM
C NetBIOS
D SMB
Answer: MITM
43 What port is used to connect to the Active Directory in Windows 2000?
A 80
B 445
C 139
D 389
Answer: 389
44 Attempting to gain access to a network using an employee’s credentials is called the _____________ mode of ethical hacking.
A Local networking
B Social engineering
C Physical entry
D Remote networking
Answer: Local networking
45 Which Federal Code applies the consequences of hacking activities that disrupt subway transit systems?
A Electronic Communications Interception of Oral Communications
B 18 U.S.C. § 1029
C Cyber Security Enhancement Act 2002
D 18 U.S.C. § 1030
Answer: Cyber Security Enhancement Act 2002
46 What is the proper command to perform an Nmap XMAS scan every 15seconds?
A nmap -sX -sneaky
B nmap -sX -paranoid
C nmap -sX -aggressive
D nmap -sX -polite
Answer: nmap -sX -sneaky
47 What is the purpose of a Denial of Service attack?
A Exploit a weakness in the TCP/IP stack
B To execute a Trojan on a system
C To overload a system so it is no longer operational
D To shutdown services by turning them off
Answer: To overload a system so it is no longer operational
48 What tool can be used to perform SNMP enumeration?
A DNSlookup
B Whois
C Nslookup
D IP Network Browser
Answer: IP Network Browser
49 The first phase of hacking an IT system is compromise of which foundation of security?
A Availability
B Confidentiality
C Integrity
D None of the Above
Answer: Confidentiality
50 How is IP address spoofing detected?
A Installing and configuring a IDS that can read the IP header
B Comparing the TTL values of the actual and spoofed addresses
C Implementing a firewall to the network
D Identify all TCP sessions that are initiated but does not complete successfully
Answer: Comparing the TTL values of the actual and spoofed addresses
51 A packet with no flags set is which type of scan?
A TCP
B XMAS
C IDLE
D NULL
Answer: NULL
52 What protocol is the Active Directory database based on?
A LDAP
B TCP
C SQL
D HTTP
Answer: LDAP
53 What are the types of scanning?
A Port, network, and services
B Network, vulnerability, and port
C Passive, active, and interactive
D Server, client, and network
Answer: Network, vulnerability, and port
54 What is the best statement for taking advantage of a weakness in the security of an IT system?
A Threat
B Attack
C Exploit
D Vulnerability
Answer: Exploit
55 Having individuals provide personal information to obtain a free offer provided through the Internet is considered what type of social engineering?
A Web-based
B Human-based
C User-based
D Computer-based
Answer: Computer-based
56 Which form of encryption does WPA use?
A Shared key
B LEAP
C TKIP
D None of the above
Answer: TKIP