Q1. Consider the following statements:
(i) The purpose of vulnerability scanning is to identify weakness of system/network in order to determine how a system can be exploited.
(ii) NMAP script can be useful for automated scanning. However, scripts can have specific equirement.
a. Only (i) is true.
b. Only (ii) is true.
c. Both (i) and (ii) are true.
d. Both (i) and (ii) are false.

Q2. Which of the following NMAP option runs some of the nmap scripts?
a. -A
b. -sC
c -pn
d. -PE
e. -sL

Q3. Which of the following NMAP scripts is used to preform DoS attack?
a. ssh-brute
b. smb-os-discovery
c. smb-brute
d. http-slowloris-check
e. None of these.

Q4. Which of the following tools/software cannot be used for scanning vulnerabilities?
a. Hypervisor
b. Nessus
c. Hydra
d. crunch
e. hascat
f. Nmap

Q5. Which of the following tool/approach can be used for proxy preparation?
a. Web based proxy/Proxychains tools
b. By running NMAP vulnerability scanning scripts.
c. Macchanger tool
d. Hypervisor
e. Firewall

Q6. Which of the following is not a password cracking approach?
a. Shoulder Surfing
b. Social Engineering
c. Dictionary Attack
d. Brute-Force attack
e. Rule Based Attack
f. None of these.

Q7. Which of the following tools can be used to create a dictionary for dictionary based password attack?
a. Hydra
b. Crunch
c. Nessus
d. None of these.

Q8. Which of the following statement(s) is/are true for user enumeration?
a. Enumeration refers to collecting details of users and their privileges.
b. User enumeration refers to collecting username and passwords.
c. NMAP does not have any script for user enumeration.
d. Hydra and crunch tool can be used for user enumeration.

Q9. Which of the following can be used for gaining same level privileges than existing one?
a. Vertical privilege escalation.
b. Horizontal privilege escalation.
c. Diagonal privilege escalation.
d. Triangular privilege escalation.
e. None of these.

Q10. Which of the following approaches can be helpful to avoid privilege escalation attack?
a. Run user level application on least privileges.
b. Keep the software updated.
c. Regularly perform vulnerability scan.
d. Institute a strong password policy.
e. Avoid downloading files from untrusted/malicious websites.
f. Ignore unknown mails.

Q11. Which of the following statement(s) is/are false?
a. Malware are malicious software that damages or disables computer systems and gives limited or full control to the malware creator for the purpose of theft or fraud.
b. Malware can get inside systems through file sharing or fake programs.
c. Malware cannot replicate itself.
d. Malwares can alter, corrupt, modify or delete some data/files.
e. None of these.

Q12. Which of the following can be used as a countermeasure against malwares?
a. Use of firewall
b. Avoid downloading files from untrusted/malicious websites
¢ Use of antivirus tools
d. Keep computer and software updated.
e. Ignoring unknown mails
f. All of these

Q13. Which of the following statement(s) is/are false for sniffing?
a. Sniffing is a process of monitoring and capturing all data packets passing through a given network.
b. The HTTPS packets are vulnerable to sniffing attack.
c. In passive sniffing ARP packets are used to flood the switch’s CAM table.
d. None of these.

Q14. Which of the following commands is used to delete an ARP entry in a system?
a. arp-l
b. arp-s
c. arp-i
d. arp—e
e. None of these

Q15. Which of the following statement(s) is/are true?
a. ARP spoofing involve construction of large number of forged ARP request/reply packets.
b. Using fake ARP messages, an attacker can divert all communications between two machines so that all traffic is exchanged via his/her PC.
c. In MAC attack, CAM table are flooded with fake MAC address and IP pairs.
d. MAC attack cannot change the behavior of the switch.
e. MAC attack can fill the CAM table of adjacent switches.
f. None of these.