Unit 2 - Practice Quiz

INT245 50 Questions
0 Correct 0 Wrong 50 Left
0/50

1 Which of the following best describes the primary objective of the footprinting phase in penetration testing?

A. To gather as much information as possible about the target system or network
B. To launch a Denial of Service (DoS) attack
C. To install a backdoor for future access
D. To gain administrative access to the system

2 What is the key difference between Passive and Active footprinting?

A. Active footprinting generates log entries on the target system, while passive usually does not.
B. Passive footprinting involves direct interaction with the target, while active does not.
C. Passive footprinting is illegal, while active is legal.
D. Active footprinting uses open-source tools, while passive uses proprietary tools.

3 Which of the following is considered an OSINT (Open Source Intelligence) source?

A. Intercepted internal company emails
B. Packet sniffing on a local LAN
C. Configuration files obtained via an exploit
D. Public social media profiles and WHOIS records

4 In the context of 'Google Hacking', what does the search operator filetype:pdf accomplish?

A. It restricts search results to files with the .pdf extension.
B. It searches for websites hosted on a PDF server.
C. It searches for the text 'pdf' in the URL.
D. It converts HTML pages to PDF.

5 Which DNS record type would a penetration tester query to identify the mail servers of a target organization?

A. A Record
B. CNAME Record
C. MX Record
D. PTR Record

6 What is the purpose of the archive.org 'Wayback Machine' in the context of information gathering?

A. To conduct SQL injection attacks
B. To view historical versions of a website to find removed information
C. To scan for open ports on a server
D. To crack password hashes

7 Which tool is specifically designed to visualize relationships between people, groups, and companies using open-source intelligence?

A. Maltego
B. John the Ripper
C. Wireshark
D. Metasploit

8 A penetration tester uses the search engine Shodan. What is Shodan primarily used for?

A. Locating Internet-connected devices (IoT, SCADA, Servers)
B. Finding people on social media
C. Reverse image searching
D. Searching for academic papers

9 Which of the following activities is an example of Social Engineering?

A. Scanning a firewall for open ports
B. Cracking a WiFi WPA2 handshake
C. Manipulating an employee into revealing their password via a phone call
D. Performing a buffer overflow attack

10 What is Dumpster Diving in the context of physical security vulnerabilities?

A. Deleting files from the trash bin
B. Jumping over a physical security turnstile
C. Searching through trash to find discarded sensitive documents
D. Hiding malware in the recycle bin

11 Which term describes a social engineering attack where the attacker follows an authorized person through a secure door without using a badge?

A. Whaling
B. Phishing
C. Tailgating
D. Spoofing

12 In website information gathering, what file is checked to see which parts of the website the administrator wants to hide from search engine crawlers?

A. sitemap.xml
B. config.php
C. index.html
D. robots.txt

13 Which psychological principle of persuasion (defined by Robert Cialdini) relies on the target's tendency to obey figures such as police officers or executives?

A. Scarcity
B. Liking
C. Authority
D. Consistency

14 What is Phishing?

A. Guessing passwords using a dictionary
B. A physical attack on server hardware
C. Listening to network traffic
D. Sending fraudulent emails to induce individuals to reveal personal information

15 Which social engineering technique specifically targets high-profile executives like CEOs or CFOs?

A. Vishing
B. Baiting
C. Whaling
D. Dumpster Diving

16 What is Vishing?

A. Visual Hacking
B. Virtual Phishing
C. Voice Phishing (using the telephone)
D. Video Phishing

17 An attacker drops a USB drive labeled 'Payroll 2024' in the company parking lot, hoping an employee plugs it in. What type of attack is this?

A. Quid Pro Quo
B. Tailgating
C. Pretexting
D. Baiting

18 Which tool is commonly used to harvest email addresses and subdomains from public sources like search engines and PGP servers?

A. theHarvester
B. Aircrack-ng
C. Nmap
D. Wireshark

19 What information does the command nslookup primarily provide?

A. DNS records and IP address mapping
B. Operating System version
C. List of open ports
D. MAC addresses of local machines

20 In the context of physical security, what is Shoulder Surfing?

A. Looking over a user's shoulder to view passwords or sensitive data
B. Sharing a WiFi connection
C. Browsing the internet on someone else's computer
D. Using a ladder to climb over a wall

21 Which social engineering attack involves creating a fabricated scenario to persuade a victim to release information?

A. Pretexting
B. Port Scanning
C. War Driving
D. Sniffing

22 What is the primary purpose of Competitive Intelligence gathering in footprinting?

A. To shut down a competitor's website
B. To understand the target organization's market position, partners, and technologies
C. To install ransomware
D. To steal physical assets from a competitor

23 When performing website mirroring (e.g., using HTTrack), what is the attacker attempting to do?

A. Deface the website
B. Inject SQL commands
C. Download a local copy of the website for offline analysis
D. Crash the web server

24 Which Google Dork operator would you use to find pages specifically containing the phrase 'login' in the URL?

A. filetype:login
B. inurl:login
C. site:login
D. intext:login

25 What allows an attacker to obtain a complete copy of the DNS database for a domain?

A. DNS Reflection
B. DNS Zone Transfer
C. DNS Cache Poisoning
D. DNS Spoofing

26 Which of the following is an example of Passive Information Gathering?

A. Running a port scan with Nmap
B. Attempting default passwords on a login page
C. Injecting XSS payloads
D. Browsing the target's LinkedIn employee list

27 What is Smishing?

A. Phishing via SMS (Text Message)
B. Phishing via Social Media
C. Phishing via Smart Mail
D. Phishing via SMTP

28 In the context of the Human Psyche, 'Scarcity' creates a feeling of:

A. Trust in authority
B. Comfort in following the crowd
C. Obligation to return a favor
D. Urgency due to limited availability

29 What is the Quid Pro Quo social engineering technique?

A. Looking through trash
B. Threatening the victim
C. Pretending to be a CEO
D. Promising a benefit in exchange for information

30 Which tool can be used to extract Metadata (EXIF data) from images found on a target's website?

A. Netcat
B. Traceroute
C. Ping
D. ExifTool

31 What does the traceroute (or tracert) command help a penetration tester identify?

A. The web server software version
B. The content of the database
C. The path packets take and intermediate routers (network topology)
D. The passwords of users

32 What is Lock Picking classified as?

A. A physical security attack
B. A network-based attack
C. A social engineering attack
D. A cryptographic attack

33 Which online database allows users to look up the ownership and contact details of a domain name?

A. ARP
B. WHOIS
C. NAT
D. DHCP

34 What does the acronym OSINT stand for?

A. Open Source Intelligence
B. Open Source Internal Network Technology
C. Official Security Intelligence
D. Operating System Integration

35 A hacker calls a receptionist claiming to be from the IT department and asks for the WiFi password to 'fix the network'. This is an example of:

A. Impersonation
B. Dumpster Diving
C. Buffer Overflow
D. SQL Injection

36 Which Google search operator restricts results to a specific domain (e.g., only showing results from example.com)?

A. domain:example.com
B. site:example.com
C. link:example.com
D. host:example.com

37 Why is Social Media scrubbing (gathering data from Facebook, LinkedIn, Twitter) valuable to a penetration tester?

A. It allows for physical access to the building.
B. It helps build a profile of employees for password guessing and social engineering.
C. It crashes the target's network.
D. It directly provides root access to servers.

38 What is the best countermeasure against Dumpster Diving?

A. Installing a firewall
B. Shredding sensitive documents before disposal
C. Using strong passwords
D. Encrypting email

39 In the context of Human Vulnerabilities, what does FOMO (Fear Of Missing Out) relate to?

A. Technical exploitations
B. Social engineering leveraging Urgency/Scarcity
C. Wireless encryption cracking
D. Physical bypassing of locks

40 What is Piggybacking in physical security?

A. Using a brute force attack.
B. Copying a hard drive.
C. Intercepting WiFi signals.
D. An unauthorized person enters a secure area with the consent/knowledge of an authorized person.

41 Which tool would you use to identify the technologies (CMS, Web Server, Frameworks) used by a website?

A. Calculator
B. Notepad
C. Ping
D. BuiltWith

42 What is the risk of Reverse Image Searching an employee's profile picture?

A. It changes the employee's password.
B. It can reveal other social media profiles using the same image.
C. It deletes the image from the server.
D. It infects the computer with a virus.

43 Which DNS record type maps an IP address back to a hostname (Reverse DNS)?

A. NS
B. MX
C. A
D. PTR

44 Which of the following describes Insider Threat?

A. A denial of service attack from a botnet.
B. An attack originating from outside the firewall.
C. A virus downloaded from the internet.
D. A threat from a disgruntled or compromised employee within the organization.

45 What type of information is found in the EDGAR database?

A. Criminal records
B. DNS records
C. Financial reports of publicly traded US companies
D. Email passwords

46 The command ping is used primarily to test:

A. The type of web server software
B. Reachability of a host on an IP network
C. The strength of a password
D. The speed of the CPU

47 Which social engineering tactic relies on the principle of 'Social Proof' (Consensus)?

A. 'Everyone else in the department has already updated their password.'
B. 'I will give you a gift card if you help me.'
C. 'Do this because the CEO said so.'
D. 'This offer expires in 5 minutes.'

48 What is RFID Cloning?

A. Copying the data from an RFID badge to a blank card to gain physical access
B. Copying a biological fingerprint
C. Duplicating an email
D. Cloning a website

49 In the context of footprinting, what is the 'target address range'?

A. The range of WiFi signal
B. The physical distance between the hacker and the server
C. The set of IP addresses owned or used by the target organization
D. The list of email addresses

50 If a penetration tester finds a document with the extension .xls via Google Dorking, what kind of data are they likely looking at?

A. A database backup
B. A PDF document
C. An executable program
D. An Excel spreadsheet