1 $Which of the following best describes the primary objective of the footprinting phase in penetration testing?$

A.

To install a backdoor for future access

B.

To gain administrative access to the system

C.

To gather as much information as possible about the target system or network

D.

To launch a Denial of Service (DoS) attack

2 $What is the key difference between Passive and Active footprinting?$

A.

Active footprinting uses open-source tools, while passive uses proprietary tools.

B.

Passive footprinting involves direct interaction with the target, while active does not.

C.

Active footprinting generates log entries on the target system, while passive usually does not.

D.

Passive footprinting is illegal, while active is legal.

3 $Which of the following is considered an OSINT (Open Source Intelligence) source?$

A.

Packet sniffing on a local LAN

B.

Intercepted internal company emails

C.

Configuration files obtained via an exploit

D.

Public social media profiles and WHOIS records

4 $In the context of 'Google Hacking', what does the search operator filetype:pdf accomplish?$

A.

It restricts search results to files with the .pdf extension.

B.

It converts HTML pages to PDF.

C.

It searches for the text 'pdf' in the URL.

D.

It searches for websites hosted on a PDF server.

5 $Which DNS record type would a penetration tester query to identify the mail servers of a target organization?$

A.

MX Record

B.

PTR Record

C.

A Record

D.

CNAME Record

6 $What is the purpose of the archive.org'Wayback Machine' in the context of information gathering?$

A.

To view historical versions of a website to find removed information

B.

To conduct SQL injection attacks

C.

To crack password hashes

D.

To scan for open ports on a server

7 $Which tool is specifically designed to visualize relationships between people, groups, and companies using open-source intelligence?$

A.

Wireshark

B.

Metasploit

C.

John the Ripper

D.

Maltego

8 $A penetration tester uses the search engine Shodan . What is Shodan primarily used for?$

A.

Finding people on social media

B.

Searching for academic papers

C.

Reverse image searching

D.

Locating Internet-connected devices (IoT, SCADA, Servers)

9 $Which of the following activities is an example of Social Engineering ?$

A.

Manipulating an employee into revealing their password via a phone call

B.

Performing a buffer overflow attack

C.

Scanning a firewall for open ports

D.

Cracking a WiFi WPA2 handshake

10 $What is Dumpster Diving in the context of physical security vulnerabilities?$

A.

Hiding malware in the recycle bin

B.

Jumping over a physical security turnstile

C.

Searching through trash to find discarded sensitive documents

D.

Deleting files from the trash bin

11 $Which term describes a social engineering attack where the attacker follows an authorized person through a secure door without using a badge?$

A.

Phishing

B.

Spoofing

C.

Whaling

D.

Tailgating

12 $In website information gathering, what file is checked to see which parts of the website the administrator wants to hide from search engine crawlers?$

A.

config.php

B.

sitemap.xml

C.

index.html

D.

robots.txt

13 $Which psychological principle of persuasion (defined by Robert Cialdini) relies on the target's tendency to obey figures such as police officers or executives?$

A.

Consistency

B.

Scarcity

C.

Liking

D.

Authority

14 $What is Phishing ?$

A.

Sending fraudulent emails to induce individuals to reveal personal information

B.

Listening to network traffic

C.

Guessing passwords using a dictionary

D.

A physical attack on server hardware

15 $Which social engineering technique specifically targets high-profile executives like CEOs or CFOs?$

A.

Vishing

B.

Dumpster Diving

C.

Whaling

D.

Baiting

16 $What is Vishing ?$

A.

Voice Phishing (using the telephone)

B.

Visual Hacking

C.

Video Phishing

D.

Virtual Phishing

17 $An attacker drops a USB drive labeled 'Payroll 2024' in the company parking lot, hoping an employee plugs it in. What type of attack is this?$

A.

Pretexting

B.

Baiting

C.

Tailgating

D.

Quid Pro Quo

18 $Which tool is commonly used to harvest email addresses and subdomains from public sources like search engines and PGP servers?$

A.

Wireshark

B.

Aircrack-ng

C.

theHarvester

D.

Nmap

19 $What information does the command nslookup primarily provide?$

A.

Operating System version

B.

MAC addresses of local machines

C.

DNS records and IP address mapping

D.

List of open ports

20 $In the context of physical security, what is Shoulder Surfing ?$

A.

Sharing a WiFi connection

B.

Looking over a user's shoulder to view passwords or sensitive data

C.

Using a ladder to climb over a wall

D.

Browsing the internet on someone else's computer

21 $Which social engineering attack involves creating a fabricated scenario to persuade a victim to release information?$

A.

Sniffing

B.

War Driving

C.

Pretexting

D.

Port Scanning

22 $What is the primary purpose of Competitive Intelligence gathering in footprinting?$

A.

To understand the target organization's market position, partners, and technologies

B.

To shut down a competitor's website

C.

To install ransomware

D.

To steal physical assets from a competitor

23 $When performing website mirroring (e.g., using HTTrack), what is the attacker attempting to do?$

A.

Download a local copy of the website for offline analysis

B.

Inject SQL commands

C.

Deface the website

D.

Crash the web server

24 $Which Google Dork operator would you use to find pages specifically containing the phrase 'login' in the URL?$

A.

site:login

B.

inurl:login

C.

intext:login

D.

filetype:login

25 $What allows an attacker to obtain a complete copy of the DNS database for a domain?$

A.

DNS Reflection

B.

DNS Cache Poisoning

C.

DNS Zone Transfer

D.

DNS Spoofing

26 $Which of the following is an example of Passive Information Gathering ?$

A.

Browsing the target's LinkedIn employee list

B.

Running a port scan with Nmap

C.

Attempting default passwords on a login page

D.

Injecting XSS payloads

27 $What is Smishing ?$

A.

Phishing via Smart Mail

B.

Phishing via SMTP

C.

Phishing via Social Media

D.

Phishing via SMS (Text Message)

28 $In the context of the Human Psyche, 'Scarcity' creates a feeling of:$

A.

Trust in authority

B.

Comfort in following the crowd

C.

Urgency due to limited availability

D.

Obligation to return a favor

29 $What is the Quid Pro Quo social engineering technique?$

A.

Threatening the victim

B.

Promising a benefit in exchange for information

C.

Pretending to be a CEO

D.

Looking through trash

30 $Which tool can be used to extract Metadata (EXIF data) from images found on a target's website?$

A.

Ping

B.

ExifTool

C.

Traceroute

D.

Netcat

31 $What does the traceroute (or tracert) command help a penetration tester identify?$

A.

The passwords of users

B.

The content of the database

C.

The web server software version

D.

The path packets take and intermediate routers (network topology)

32 $What is Lock Picking classified as?$

A.

A physical security attack

B.

A network-based attack

C.

A cryptographic attack

D.

A social engineering attack

33 $Which online database allows users to look up the ownership and contact details of a domain name?$

A.

DHCP

B.

WHOIS

C.

NAT

D.

ARP

34 $What does the acronym OSINT stand for?$

A.

Open Source Intelligence

B.

Operating System Integration

C.

Official Security Intelligence

D.

Open Source Internal Network Technology

35 $A hacker calls a receptionist claiming to be from the IT department and asks for the WiFi password to 'fix the network'. This is an example of:$

A.

Impersonation

B.

Buffer Overflow

C.

Dumpster Diving

D.

SQL Injection

36 $Which Google search operator restricts results to a specific domain (e.g., only showing results from example.com)?$

A.

site:example.com

B.

domain:example.com

C.

link:example.com

D.

host:example.com

37 $Why is Social Media scrubbing (gathering data from Facebook, LinkedIn, Twitter) valuable to a penetration tester?$

A.

It directly provides root access to servers.

B.

It crashes the target's network.

C.

It allows for physical access to the building.

D.

It helps build a profile of employees for password guessing and social engineering.

38 $What is the best countermeasure against Dumpster Diving ?$

A.

Encrypting email

B.

Using strong passwords

C.

Shredding sensitive documents before disposal

D.

Installing a firewall

39 $In the context of Human Vulnerabilities, what does FOMO (Fear Of Missing Out) relate to?$

A.

Social engineering leveraging Urgency/Scarcity

B.

Wireless encryption cracking

C.

Physical bypassing of locks

D.

Technical exploitations

40 $What is Piggybacking in physical security?$

A.

Copying a hard drive.

B.

An unauthorized person enters a secure area with the consent/knowledge of an authorized person.

C.

Intercepting WiFi signals.

D.

Using a brute force attack.

41 $Which tool would you use to identify the technologies (CMS, Web Server, Frameworks) used by a website?$

A.

BuiltWith

B.

Calculator

C.

Notepad

D.

Ping

42 $What is the risk of Reverse Image Searching an employee's profile picture?$

A.

It infects the computer with a virus.

B.

It deletes the image from the server.

C.

It can reveal other social media profiles using the same image.

D.

It changes the employee's password.

43 $Which DNS record type maps an IP address back to a hostname (Reverse DNS)?$

A.

NS

B.

A

C.

MX

D.

PTR

44 $Which of the following describes Insider Threat ?$

A.

A virus downloaded from the internet.

B.

An attack originating from outside the firewall.

C.

A threat from a disgruntled or compromised employee within the organization.

D.

A denial of service attack from a botnet.

45 $What type of information is found in the EDGAR database?$

A.

Email passwords

B.

Financial reports of publicly traded US companies

C.

DNS records

D.

Criminal records

46 $The command ping is used primarily to test:$

A.

The strength of a password

B.

The type of web server software

C.

The speed of the CPU

D.

Reachability of a host on an IP network

47 $Which social engineering tactic relies on the principle of'Social Proof' (Consensus)?$

A.

'I will give you a gift card if you help me.'

B.

'Do this because the CEO said so.'

C.

'This offer expires in 5 minutes.'

D.

'Everyone else in the department has already updated their password.'

48 $What is RFID Cloning ?$

A.

Copying a biological fingerprint

B.

Duplicating an email

C.

Cloning a website

D.

Copying the data from an RFID badge to a blank card to gain physical access

49 $In the context of footprinting, what is the 'target address range'?$

A.

The physical distance between the hacker and the server

B.

The list of email addresses

C.

The range of WiFi signal

D.

The set of IP addresses owned or used by the target organization

50 $If a penetration tester finds a document with the extension .xls via Google Dorking, what kind of data are they likely looking at?$

A.

An executable program

B.

An Excel spreadsheet

C.

A PDF document

D.

A database backup

Unit 2 - Practice Quiz