Cyber Security MCQs on “Popular Tools used in Security”.
1. _________ framework made cracking of vulnerabilities easy like point and click.
a) .Net
b) Metasploit
c) Zeus
d) Ettercap
Answer: b
Clarification: In the year 2003, the Metasploit framework was released which made finding and cracking of vulnerabilities easy and is used by both white as well as black hat hackers.
2. Nmap is abbreviated as Network Mapper.
a) True
b) False
Answer: a
Clarification: Network Mapper (Nmap) is a popular open-source tool used for discovering network as well as security auditing. It can be used for either a single host network or large networks.
3. __________ is a popular tool used for discovering networks as well as in security auditing.
a) Ettercap
b) Metasploit
c) Nmap
d) Burp Suit
Answer: c
Clarification: Network Mapper (Nmap) is a popular open-source tool used for discovering network as well as security auditing. It can be used for either a single host network or large networks.
4. Which of this Nmap do not check?
a) services different hosts are offering
b) on what OS they are running
c) what kind of firewall is in use
d) what type of antivirus is in use
Answer: d
Clarification: Network Mapper (Nmap) is a popular open-source tool used for discovering network as well as security auditing. It usually checks for different services used by the host, what operating system it is running and the type of firewall it is using.
5. Which of the following deals with network intrusion detection and real-time traffic analysis?
a) John the Ripper
b) L0phtCrack
c) Snort
d) Nessus
Answer: c
Clarification: Snort is a network intrusion detecting application that deals with real-time traffic analysis. As the rules are set and kept updated, they help in matching patterns against known patterns and protect your network.
6. Wireshark is a ____________ tool.
a) network protocol analysis
b) network connection security
c) connection analysis
d) defending malicious packet-filtering
Answer: a
Clarification: Wireshark is popular standardized network protocol analysis tools that allow in-depth check and analysis of packets from different protocols used by the system.
7. Which of the below-mentioned tool is used for Wi-Fi hacking?
a) Wireshark
b) Nessus
c) Aircrack-ng
d) Snort
Answer: c
Clarification: Weak wireless encryption protocols get easily cracked using Aircrack WPA and Aircrack WEP attacks that comes with Aircrack-ng tool. Its packet sniffing feature keeps track of all its traffic without making any attack.
8. Aircrack-ng is used for ____________
a) Firewall bypassing
b) Wi-Fi attacks
c) Packet filtering
d) System password cracking
Answer: b
Clarification: Weak wireless encryption protocols get easily cracked using Aircrack WPA and Aircrack WEP. Its packet sniffing feature keeps track of all its traffic without making any attack.
9. _____________ is a popular IP address and port scanner.
a) Cain and Abel
b) Snort
c) Angry IP Scanner
d) Ettercap
Answer: c
Clarification: Angry IP scanner is a light-weight, cross-platform IP and port scanning tool that scans a range of IP. It uses the concept of multithreading for making fast efficient scanning.
10. _______________ is a popular tool used for network analysis in multiprotocol diverse network.
a) Snort
b) SuperScan
c) Burp Suit
d) EtterPeak
Answer: d
Clarification: EtterPeak is a network analysis tool that can be used for multiprotocol heterogeneous networking architecture. It can help in sniffing packets of network traffic.
11. ____________ scans TCP ports and resolves different hostnames.
a) SuperScan
b) Snort
c) Ettercap
d) QualysGuard
Answer: a
Clarification: SuperScan has a very nice user-friendly interface and it is used for scanning TCP ports as well as resolve hostnames. It is popularly used for scanning ports from a given range of IP.
12. ___________ is a web application assessment security tool.
a) LC4
b) WebInspect
c) Ettercap
d) QualysGuard
Answer: b
Clarification: WebInspect is a popular web application security tool used for identifying known vulnerabilities residing in web-application layer. It also helps in penetration testing of web servers.
13. Which of the following attack-based checks WebInspect cannot do?
a) cross-site scripting
b) directory traversal
c) parameter injection
d) injecting shell code
Answer: d
Clarification: WebInspect can check whether a web server is properly configured or not by attempting for common attacks such as Cross-site scripting, directory traversal, and parameter injection. But it cannot inject malicious shell code in the server.
14. ________ is a password recovery and auditing tool.
a) LC3
b) LC4
c) Network Stumbler
d) Maltego
Answer: b
Clarification: LC4 which was previously known as L0phtCrack is a password auditing and recovery tool; used for testing strength of a password and also helps in recovering lost Microsoft Windows passwords.
15. L0phtCrack is formerly known as LC3.
a) True
b) False
Answer: b
Clarification: L0phtCrack is now commonly known as LC4 is a password auditing and recovery tool; used for testing strength of a password and also helps in recovering lost Microsoft Windows passwords.