1 $Which of the following best describes the primary objective of the footprinting phase in penetration testing?$

A.

To launch a Denial of Service (DoS) attack

B.

To install a backdoor for future access

C.

To gather as much information as possible about the target system or network

D.

To gain administrative access to the system

2 $What is the key difference between Passive and Active footprinting?$

A.

Passive footprinting involves direct interaction with the target, while active does not.

B.

Passive footprinting is illegal, while active is legal.

C.

Active footprinting uses open-source tools, while passive uses proprietary tools.

D.

Active footprinting generates log entries on the target system, while passive usually does not.

3 $Which of the following is considered an OSINT (Open Source Intelligence) source?$

A.

Packet sniffing on a local LAN

B.

Configuration files obtained via an exploit

C.

Intercepted internal company emails

D.

Public social media profiles and WHOIS records

4 $In the context of 'Google Hacking', what does the search operator filetype:pdf accomplish?$

A.

It converts HTML pages to PDF.

B.

It searches for websites hosted on a PDF server.

C.

It searches for the text 'pdf' in the URL.

D.

It restricts search results to files with the .pdf extension.

5 $Which DNS record type would a penetration tester query to identify the mail servers of a target organization?$

A.

A Record

B.

PTR Record

C.

CNAME Record

D.

MX Record

6 $What is the purpose of the archive.org'Wayback Machine' in the context of information gathering?$

A.

To view historical versions of a website to find removed information

B.

To conduct SQL injection attacks

C.

To scan for open ports on a server

D.

To crack password hashes

7 $Which tool is specifically designed to visualize relationships between people, groups, and companies using open-source intelligence?$

A.

Maltego

B.

Metasploit

C.

John the Ripper

D.

Wireshark

8 $A penetration tester uses the search engine Shodan . What is Shodan primarily used for?$

A.

Locating Internet-connected devices (IoT, SCADA, Servers)

B.

Searching for academic papers

C.

Reverse image searching

D.

Finding people on social media

9 $Which of the following activities is an example of Social Engineering ?$

A.

Performing a buffer overflow attack

B.

Scanning a firewall for open ports

C.

Manipulating an employee into revealing their password via a phone call

D.

Cracking a WiFi WPA2 handshake

10 $What is Dumpster Diving in the context of physical security vulnerabilities?$

A.

Hiding malware in the recycle bin

B.

Deleting files from the trash bin

C.

Jumping over a physical security turnstile

D.

Searching through trash to find discarded sensitive documents

11 $Which term describes a social engineering attack where the attacker follows an authorized person through a secure door without using a badge?$

A.

Whaling

B.

Spoofing

C.

Tailgating

D.

Phishing

12 $In website information gathering, what file is checked to see which parts of the website the administrator wants to hide from search engine crawlers?$

A.

index.html

B.

robots.txt

C.

sitemap.xml

D.

config.php

13 $Which psychological principle of persuasion (defined by Robert Cialdini) relies on the target's tendency to obey figures such as police officers or executives?$

A.

Consistency

B.

Liking

C.

Scarcity

D.

Authority

14 $What is Phishing ?$

A.

A physical attack on server hardware

B.

Guessing passwords using a dictionary

C.

Sending fraudulent emails to induce individuals to reveal personal information

D.

Listening to network traffic

15 $Which social engineering technique specifically targets high-profile executives like CEOs or CFOs?$

A.

Baiting

B.

Dumpster Diving

C.

Vishing

D.

Whaling

16 $What is Vishing ?$

A.

Video Phishing

B.

Voice Phishing (using the telephone)

C.

Virtual Phishing

D.

Visual Hacking

17 $An attacker drops a USB drive labeled 'Payroll 2024' in the company parking lot, hoping an employee plugs it in. What type of attack is this?$

A.

Tailgating

B.

Quid Pro Quo

C.

Baiting

D.

Pretexting

18 $Which tool is commonly used to harvest email addresses and subdomains from public sources like search engines and PGP servers?$

A.

theHarvester

B.

Wireshark

C.

Aircrack-ng

D.

Nmap

19 $What information does the command nslookup primarily provide?$

A.

DNS records and IP address mapping

B.

MAC addresses of local machines

C.

Operating System version

D.

List of open ports

20 $In the context of physical security, what is Shoulder Surfing ?$

A.

Browsing the internet on someone else's computer

B.

Sharing a WiFi connection

C.

Using a ladder to climb over a wall

D.

Looking over a user's shoulder to view passwords or sensitive data

21 $Which social engineering attack involves creating a fabricated scenario to persuade a victim to release information?$

A.

Port Scanning

B.

War Driving

C.

Sniffing

D.

Pretexting

22 $What is the primary purpose of Competitive Intelligence gathering in footprinting?$

A.

To shut down a competitor's website

B.

To install ransomware

C.

To understand the target organization's market position, partners, and technologies

D.

To steal physical assets from a competitor

23 $When performing website mirroring (e.g., using HTTrack), what is the attacker attempting to do?$

A.

Crash the web server

B.

Download a local copy of the website for offline analysis

C.

Inject SQL commands

D.

Deface the website

24 $Which Google Dork operator would you use to find pages specifically containing the phrase 'login' in the URL?$

A.

filetype:login

B.

site:login

C.

inurl:login

D.

intext:login

25 $What allows an attacker to obtain a complete copy of the DNS database for a domain?$

A.

DNS Spoofing

B.

DNS Reflection

C.

DNS Zone Transfer

D.

DNS Cache Poisoning

26 $Which of the following is an example of Passive Information Gathering ?$

A.

Injecting XSS payloads

B.

Browsing the target's LinkedIn employee list

C.

Attempting default passwords on a login page

D.

Running a port scan with Nmap

27 $What is Smishing ?$

A.

Phishing via SMS (Text Message)

B.

Phishing via SMTP

C.

Phishing via Social Media

D.

Phishing via Smart Mail

28 $In the context of the Human Psyche, 'Scarcity' creates a feeling of:$

A.

Comfort in following the crowd

B.

Urgency due to limited availability

C.

Trust in authority

D.

Obligation to return a favor

29 $What is the Quid Pro Quo social engineering technique?$

A.

Pretending to be a CEO

B.

Promising a benefit in exchange for information

C.

Looking through trash

D.

Threatening the victim

30 $Which tool can be used to extract Metadata (EXIF data) from images found on a target's website?$

A.

Netcat

B.

Traceroute

C.

Ping

D.

ExifTool

31 $What does the traceroute (or tracert) command help a penetration tester identify?$

A.

The passwords of users

B.

The path packets take and intermediate routers (network topology)

C.

The web server software version

D.

The content of the database

32 $What is Lock Picking classified as?$

A.

A social engineering attack

B.

A network-based attack

C.

A physical security attack

D.

A cryptographic attack

33 $Which online database allows users to look up the ownership and contact details of a domain name?$

A.

WHOIS

B.

ARP

C.

NAT

D.

DHCP

34 $What does the acronym OSINT stand for?$

A.

Open Source Internal Network Technology

B.

Operating System Integration

C.

Open Source Intelligence

D.

Official Security Intelligence

35 $A hacker calls a receptionist claiming to be from the IT department and asks for the WiFi password to 'fix the network'. This is an example of:$

A.

SQL Injection

B.

Buffer Overflow

C.

Dumpster Diving

D.

Impersonation

36 $Which Google search operator restricts results to a specific domain (e.g., only showing results from example.com)?$

A.

host:example.com

B.

site:example.com

C.

domain:example.com

D.

link:example.com

37 $Why is Social Media scrubbing (gathering data from Facebook, LinkedIn, Twitter) valuable to a penetration tester?$

A.

It helps build a profile of employees for password guessing and social engineering.

B.

It crashes the target's network.

C.

It allows for physical access to the building.

D.

It directly provides root access to servers.

38 $What is the best countermeasure against Dumpster Diving ?$

A.

Encrypting email

B.

Shredding sensitive documents before disposal

C.

Using strong passwords

D.

Installing a firewall

39 $In the context of Human Vulnerabilities, what does FOMO (Fear Of Missing Out) relate to?$

A.

Technical exploitations

B.

Social engineering leveraging Urgency/Scarcity

C.

Wireless encryption cracking

D.

Physical bypassing of locks

40 $What is Piggybacking in physical security?$

A.

An unauthorized person enters a secure area with the consent/knowledge of an authorized person.

B.

Intercepting WiFi signals.

C.

Copying a hard drive.

D.

Using a brute force attack.

41 $Which tool would you use to identify the technologies (CMS, Web Server, Frameworks) used by a website?$

A.

Notepad

B.

Ping

C.

BuiltWith

D.

Calculator

42 $What is the risk of Reverse Image Searching an employee's profile picture?$

A.

It deletes the image from the server.

B.

It infects the computer with a virus.

C.

It changes the employee's password.

D.

It can reveal other social media profiles using the same image.

43 $Which DNS record type maps an IP address back to a hostname (Reverse DNS)?$

A.

A

B.

NS

C.

MX

D.

PTR

44 $Which of the following describes Insider Threat ?$

A.

A virus downloaded from the internet.

B.

An attack originating from outside the firewall.

C.

A threat from a disgruntled or compromised employee within the organization.

D.

A denial of service attack from a botnet.

45 $What type of information is found in the EDGAR database?$

A.

DNS records

B.

Email passwords

C.

Financial reports of publicly traded US companies

D.

Criminal records

46 $The command ping is used primarily to test:$

A.

The speed of the CPU

B.

The type of web server software

C.

Reachability of a host on an IP network

D.

The strength of a password

47 $Which social engineering tactic relies on the principle of'Social Proof' (Consensus)?$

A.

'Everyone else in the department has already updated their password.'

B.

'Do this because the CEO said so.'

C.

'I will give you a gift card if you help me.'

D.

'This offer expires in 5 minutes.'

48 $What is RFID Cloning ?$

A.

Copying a biological fingerprint

B.

Copying the data from an RFID badge to a blank card to gain physical access

C.

Cloning a website

D.

Duplicating an email

49 $In the context of footprinting, what is the 'target address range'?$

A.

The list of email addresses

B.

The range of WiFi signal

C.

The physical distance between the hacker and the server

D.

The set of IP addresses owned or used by the target organization

50 $If a penetration tester finds a document with the extension .xls via Google Dorking, what kind of data are they likely looking at?$

A.

A database backup

B.

An Excel spreadsheet

C.

A PDF document

D.

An executable program

Unit 2 - Practice Quiz