![MCQs [2024]](https://engineeringinterviewquestions.com/wp-content/uploads/2021/02/Interview-Questions-2.png)
Cyber Security Multiple Choice Questions on “Ethics of Ethical Hacking”.
1. What is the ethics behind training how to hack a system?
a) To think like hackers and know how to defend such attacks
b) To hack a system without the permission
c) To hack a network that is vulnerable
d) To corrupt software or service using malware
Answer: a
Clarification: It is important for ethical hackers and security professional to know how the cyber-criminals think and proceed to target any system or network. This is why ethical hackers and penetration testers are trained with proper ethics to simulate such a scenario as how the real cyber-attack takes place.
2. Performing a shoulder surfing in order to check other’s password is ____________ ethical practice.
a) a good
b) not so good
c) very good social engineering practice
d) a bad
Answer: d
Clarification: Overlooking or peeping into someone’s system when he/she is entering his/her password is a bad practice and is against the ethics of conduct for every individual. Shoulder surfing is a social engineering attack approach used by some cyber-criminals to know your password and gain access to your system later.
3. ___________ has now evolved to be one of the most popular automated tools for unethical hacking.
a) Automated apps
b) Database software
c) Malware
d) Worms
Answer: c
Clarification: Malware is one of the biggest culprits that harm companies because they are programmed to do the malicious task automatically and help hackers do illicit activities with sophistication.
4. Leaking your company data to the outside network without prior permission of senior authority is a crime.
a) True
b) False
Answer: a
Clarification: Without prior permission of the senior authority or any senior member, if you’re leaking or taking our your company’s data outside (and which is confidential), then it’s against the code of corporate ethics.
5. _____________ is the technique used in business organizations and firms to protect IT assets.
a) Ethical hacking
b) Unethical hacking
c) Fixing bugs
d) Internal data-breach
Answer: a
Clarification: Ethical hacking is that used by business organizations and firms for exploiting vulnerabilities to secure the firm. Ethical hackers help in increasing the capabilities of any organization or firm in protecting their IT and information assets.
6. The legal risks of ethical hacking include lawsuits due to __________ of personal data.
a) stealing
b) disclosure
c) deleting
d) hacking
Answer: b
Clarification: The legal risks of ethical hacking contains lawsuits due to disclosure of personal data during the penetration testing phase. Such disclosure of confidential data may lead to a legal fight between the ethical hacker and the organization.
7. Before performing any penetration test, through legal procedure, which key points listed below is not mandatory?
a) Know the nature of the organization
b) Characteristics of work done in the firm
c) System and network
d) Type of broadband company used by the firm
Answer: d
Clarification: Before performing any penetration test, through the legal procedure the key points that the penetration tester must keep in mind are –
i) Know the nature of the organization
ii) what type of work the organization do and
iii) the system and networks used in various departments and their confidential data that are sent and received over the network.
8. An ethical hacker must ensure that proprietary information of the firm does not get leaked.
a) True
b) False
Answer: a
Clarification: Yes, it is very important for an ethical hacker to make sure that while doing penetration tests, the confidential data and proprietary information are preserved properly and not get leaked to the external network.
9. After performing ____________ the ethical hacker should never disclose client information to other parties.
a) hacking
b) cracking
c) penetration testing
d) exploiting
Answer: c
Clarification: It is against the laws and ethics of ethical hackers that after doing penetration tests, the ethical hacker should never disclose client information to other parties. The protection of client data is in the hands of the ethical hacker who performed the tests.
10. __________ is the branch of cyber security that deals with morality and provides different theories and a principle regarding the view-points about what is right and wrong.
a) Social ethics
b) Ethics in cyber-security
c) Corporate ethics
d) Ethics in black hat hacking
Answer: d
Clarification: Ethics in cyber-security is the branch of cyber security that deals with morality and provides different theories and principles’ regarding the view-points about what is right and what need not to be done.
11. ________ helps to classify arguments and situations, better understand a cyber-crime and helps to determine appropriate actions.
a) Cyber-ethics
b) Social ethics
c) Cyber-bullying
d) Corporate behaviour
Answer: a
Clarification: Cyber-ethics and knowledge of proper ethical aspects while doing penetration tests helps to classify arguments and situations, better understand a cyber crime and helps to determine appropriate actions.
12. A penetration tester must identify and keep in mind the ___________ & ___________ requirements of a firm while evaluating the security postures.
a) privacy and security
b) rules and regulations
c) hacking techniques
d) ethics to talk to seniors
Answer: a
Clarification: A penetration tester must keep in mind the privacy & security requirements as well as policies of a firm while evaluating the security postures of the target, which is called as “industry and business ethics policies”.