1 $Which of the following best describes the primary objective of the footprinting phase in penetration testing?$

A.

To gain administrative access to the system

B.

To gather as much information as possible about the target system or network

C.

To launch a Denial of Service (DoS) attack

D.

To install a backdoor for future access

2 $What is the key difference between Passive and Active footprinting?$

A.

Passive footprinting involves direct interaction with the target, while active does not.

B.

Active footprinting generates log entries on the target system, while passive usually does not.

C.

Passive footprinting is illegal, while active is legal.

D.

Active footprinting uses open-source tools, while passive uses proprietary tools.

3 $Which of the following is considered an OSINT (Open Source Intelligence) source?$

A.

Intercepted internal company emails

B.

Configuration files obtained via an exploit

C.

Public social media profiles and WHOIS records

D.

Packet sniffing on a local LAN

4 $In the context of 'Google Hacking', what does the search operator filetype:pdf accomplish?$

A.

It searches for websites hosted on a PDF server.

B.

It restricts search results to files with the .pdf extension.

C.

It converts HTML pages to PDF.

D.

It searches for the text 'pdf' in the URL.

5 $Which DNS record type would a penetration tester query to identify the mail servers of a target organization?$

A.

A Record

B.

CNAME Record

C.

MX Record

D.

PTR Record

6 $What is the purpose of the archive.org'Wayback Machine' in the context of information gathering?$

A.

To crack password hashes

B.

To view historical versions of a website to find removed information

C.

To scan for open ports on a server

D.

To conduct SQL injection attacks

7 $Which tool is specifically designed to visualize relationships between people, groups, and companies using open-source intelligence?$

A.

Wireshark

B.

Maltego

C.

Metasploit

D.

John the Ripper

8 $A penetration tester uses the search engine Shodan . What is Shodan primarily used for?$

A.

Searching for academic papers

B.

Locating Internet-connected devices (IoT, SCADA, Servers)

C.

Finding people on social media

D.

Reverse image searching

9 $Which of the following activities is an example of Social Engineering ?$

A.

Performing a buffer overflow attack

B.

Manipulating an employee into revealing their password via a phone call

C.

Scanning a firewall for open ports

D.

Cracking a WiFi WPA2 handshake

10 $What is Dumpster Diving in the context of physical security vulnerabilities?$

A.

Deleting files from the trash bin

B.

Searching through trash to find discarded sensitive documents

C.

Hiding malware in the recycle bin

D.

Jumping over a physical security turnstile

11 $Which term describes a social engineering attack where the attacker follows an authorized person through a secure door without using a badge?$

A.

Phishing

B.

Tailgating

C.

Whaling

D.

Spoofing

12 $In website information gathering, what file is checked to see which parts of the website the administrator wants to hide from search engine crawlers?$

A.

index.html

B.

sitemap.xml

C.

robots.txt

D.

config.php

13 $Which psychological principle of persuasion (defined by Robert Cialdini) relies on the target's tendency to obey figures such as police officers or executives?$

A.

Scarcity

B.

Authority

C.

Liking

D.

Consistency

14 $What is Phishing ?$

A.

A physical attack on server hardware

B.

Sending fraudulent emails to induce individuals to reveal personal information

C.

Listening to network traffic

D.

Guessing passwords using a dictionary

15 $Which social engineering technique specifically targets high-profile executives like CEOs or CFOs?$

A.

Baiting

B.

Whaling

C.

Vishing

D.

Dumpster Diving

16 $What is Vishing ?$

A.

Video Phishing

B.

Voice Phishing (using the telephone)

C.

Virtual Phishing

D.

Visual Hacking

17 $An attacker drops a USB drive labeled 'Payroll 2024' in the company parking lot, hoping an employee plugs it in. What type of attack is this?$

A.

Pretexting

B.

Baiting

C.

Quid Pro Quo

D.

Tailgating

18 $Which tool is commonly used to harvest email addresses and subdomains from public sources like search engines and PGP servers?$

A.

theHarvester

B.

Nmap

C.

Wireshark

D.

Aircrack-ng

19 $What information does the command nslookup primarily provide?$

A.

MAC addresses of local machines

B.

DNS records and IP address mapping

C.

Operating System version

D.

List of open ports

20 $In the context of physical security, what is Shoulder Surfing ?$

A.

Browsing the internet on someone else's computer

B.

Looking over a user's shoulder to view passwords or sensitive data

C.

Using a ladder to climb over a wall

D.

Sharing a WiFi connection

21 $Which social engineering attack involves creating a fabricated scenario to persuade a victim to release information?$

A.

Pretexting

B.

Sniffing

C.

Port Scanning

D.

War Driving

22 $What is the primary purpose of Competitive Intelligence gathering in footprinting?$

A.

To shut down a competitor's website

B.

To understand the target organization's market position, partners, and technologies

C.

To steal physical assets from a competitor

D.

To install ransomware

23 $When performing website mirroring (e.g., using HTTrack), what is the attacker attempting to do?$

A.

Crash the web server

B.

Download a local copy of the website for offline analysis

C.

Inject SQL commands

D.

Deface the website

24 $Which Google Dork operator would you use to find pages specifically containing the phrase 'login' in the URL?$

A.

intext:login

B.

inurl:login

C.

filetype:login

D.

site:login

25 $What allows an attacker to obtain a complete copy of the DNS database for a domain?$

A.

DNS Zone Transfer

B.

DNS Cache Poisoning

C.

DNS Spoofing

D.

DNS Reflection

26 $Which of the following is an example of Passive Information Gathering ?$

A.

Running a port scan with Nmap

B.

Attempting default passwords on a login page

C.

Browsing the target's LinkedIn employee list

D.

Injecting XSS payloads

27 $What is Smishing ?$

A.

Phishing via SMS (Text Message)

B.

Phishing via Smart Mail

C.

Phishing via Social Media

D.

Phishing via SMTP

28 $In the context of the Human Psyche, 'Scarcity' creates a feeling of:$

A.

Trust in authority

B.

Urgency due to limited availability

C.

Obligation to return a favor

D.

Comfort in following the crowd

29 $What is the Quid Pro Quo social engineering technique?$

A.

Promising a benefit in exchange for information

B.

Threatening the victim

C.

Pretending to be a CEO

D.

Looking through trash

30 $Which tool can be used to extract Metadata (EXIF data) from images found on a target's website?$

A.

ExifTool

B.

Netcat

C.

Ping

D.

Traceroute

31 $What does the traceroute (or tracert) command help a penetration tester identify?$

A.

The web server software version

B.

The path packets take and intermediate routers (network topology)

C.

The content of the database

D.

The passwords of users

32 $What is Lock Picking classified as?$

A.

A network-based attack

B.

A physical security attack

C.

A social engineering attack

D.

A cryptographic attack

33 $Which online database allows users to look up the ownership and contact details of a domain name?$

A.

WHOIS

B.

DHCP

C.

ARP

D.

NAT

34 $What does the acronym OSINT stand for?$

A.

Open Source Internal Network Technology

B.

Open Source Intelligence

C.

Operating System Integration

D.

Official Security Intelligence

35 $A hacker calls a receptionist claiming to be from the IT department and asks for the WiFi password to 'fix the network'. This is an example of:$

A.

Impersonation

B.

Dumpster Diving

C.

Buffer Overflow

D.

SQL Injection

36 $Which Google search operator restricts results to a specific domain (e.g., only showing results from example.com)?$

A.

host:example.com

B.

link:example.com

C.

site:example.com

D.

domain:example.com

37 $Why is Social Media scrubbing (gathering data from Facebook, LinkedIn, Twitter) valuable to a penetration tester?$

A.

It directly provides root access to servers.

B.

It helps build a profile of employees for password guessing and social engineering.

C.

It crashes the target's network.

D.

It allows for physical access to the building.

38 $What is the best countermeasure against Dumpster Diving ?$

A.

Installing a firewall

B.

Shredding sensitive documents before disposal

C.

Using strong passwords

D.

Encrypting email

39 $In the context of Human Vulnerabilities, what does FOMO (Fear Of Missing Out) relate to?$

A.

Technical exploitations

B.

Social engineering leveraging Urgency/Scarcity

C.

Physical bypassing of locks

D.

Wireless encryption cracking

40 $What is Piggybacking in physical security?$

A.

An unauthorized person enters a secure area with the consent/knowledge of an authorized person.

B.

Copying a hard drive.

C.

Intercepting WiFi signals.

D.

Using a brute force attack.

41 $Which tool would you use to identify the technologies (CMS, Web Server, Frameworks) used by a website?$

A.

BuiltWith

B.

Ping

C.

Notepad

D.

Calculator

42 $What is the risk of Reverse Image Searching an employee's profile picture?$

A.

It can reveal other social media profiles using the same image.

B.

It infects the computer with a virus.

C.

It deletes the image from the server.

D.

It changes the employee's password.

43 $Which DNS record type maps an IP address back to a hostname (Reverse DNS)?$

A.

A

B.

PTR

C.

MX

D.

NS

44 $Which of the following describes Insider Threat ?$

A.

An attack originating from outside the firewall.

B.

A threat from a disgruntled or compromised employee within the organization.

C.

A virus downloaded from the internet.

D.

A denial of service attack from a botnet.

45 $What type of information is found in the EDGAR database?$

A.

Criminal records

B.

Financial reports of publicly traded US companies

C.

DNS records

D.

Email passwords

46 $The command ping is used primarily to test:$

A.

The speed of the CPU

B.

Reachability of a host on an IP network

C.

The strength of a password

D.

The type of web server software

47 $Which social engineering tactic relies on the principle of'Social Proof' (Consensus)?$

A.

'Do this because the CEO said so.'

B.

'Everyone else in the department has already updated their password.'

C.

'This offer expires in 5 minutes.'

D.

'I will give you a gift card if you help me.'

48 $What is RFID Cloning ?$

A.

Copying the data from an RFID badge to a blank card to gain physical access

B.

Cloning a website

C.

Duplicating an email

D.

Copying a biological fingerprint

49 $In the context of footprinting, what is the 'target address range'?$

A.

The physical distance between the hacker and the server

B.

The set of IP addresses owned or used by the target organization

C.

The range of WiFi signal

D.

The list of email addresses

50 $If a penetration tester finds a document with the extension .xls via Google Dorking, what kind of data are they likely looking at?$

A.

A database backup

B.

An Excel spreadsheet

C.

A PDF document

D.

An executable program

Unit 2 - Practice Quiz