InterviewSolution

Explore topic-wise InterviewSolutions in .

This section includes InterviewSolutions, each offering curated multiple-choice questions to sharpen your knowledge and support exam preparation. Choose a topic below to get started.

1.	CVE is a directory of lists of publicly recognized information security vulnerabilities as well as exposures.(a) True(b) FalseI had been asked this question in quiz.The above asked question is from Exploits and Exploitation in section Cyber Security of Cyber Security
Answer» CORRECT choice is (a) True For EXPLANATION: CVE is a directory of lists of publicly recognized information security VULNERABILITIES as well as exposures. It is available from the LINK https://cve.mitre.org.

2.	National Vulnerability Database (NVD) is _________________ repository of data regarding vulnerability standards.(a) U.S. government(b) India government(c) Russian government(d) China GovernmentI had been asked this question in unit test.Origin of the question is Exploits and Exploitation topic in division Cyber Security of Cyber Security
Answer» Correct OPTION is (a) U.S. GOVERNMENT Easiest explanation: National Vulnerability DATABASE (NVD) is the US government repository of DATA regarding vulnerability standards. It is available from the LINK https://nvd.nist.gov.

3.	___________________ are some very frequent updates that come for every anti-virus.(a) Patch update(b) Data update(c) Code update(d) Definition updateThis question was posed to me in a national level competition.Enquiry is from Exploits and Exploitation topic in portion Cyber Security of Cyber Security
Answer» Right choice is (d) Definition update Easy explanation: Definition UPDATES are some very frequent updates that come for EVERY anti-virus. These updates are frequently ROLLED out in order to update your antivirus SOFTWARE with the latest releases of attack VECTORS and bugs.

4.	Known bugs can be solved or removed by __________________ develop by the vendors of the application.(a) removing the application(b) changing the software(c) installing security patches(d) installing database patchesThe question was asked at a job interview.The origin of the question is Exploits and Exploitation topic in division Cyber Security of Cyber Security
Answer» The CORRECT choice is (C) installing security patches Easiest explanation: Known BUGS and vulnerabilities of a system can be solved or installing or updating the security patches developed by the VENDOR or owner of that PARTICULAR application.

5.	A ____________ is a set of changes done to any program or its associated data designed for updating, fixing, or improving it.(a) scratch(b) patch(c) fixer(d) resolverThe question was asked in an interview for job.The query is from Exploits and Exploitation in chapter Cyber Security of Cyber Security
Answer» The correct option is (b) patch The best EXPLANATION: The term ‘patch’ in the applied computer science is a set of CHANGES DONE to any program or its associated data designed for updating, FIXING, or improving it. Patch releases are done by vendors to solve any bug in a system.

6.	Fixing of security vulnerabilities in a system by additional programs is known as __________ patches.(a) hacking(b) database(c) server(d) securityThis question was addressed to me by my college professor while I was bunking the class.My question is based upon Exploits and Exploitation topic in portion Cyber Security of Cyber Security
Answer» RIGHT option is (d) security To ELABORATE: Fixing of security vulnerabilities in a system by additional programs is known as security patches. These type of patches HELPS in fixing security BUGS and improving the overall security of the system.

7.	Known exploits have a confirmation of and measures can be taken against it to resolve them.(a) True(b) FalseI have been asked this question in examination.This key question is from Exploits and Exploitation in section Cyber Security of Cyber Security
Answer» CORRECT option is (a) True Easiest EXPLANATION: Known exploits have a confirmation of and measures can be TAKEN against it to resolve them. These types of vulnerabilities and exploit details are AVAILABLE online in blogs and sites.

8.	Unknown exploits are those exploits that have not yet been reported openly and hence present a straightforward attack at firms and the government agencies.(a) True(b) FalseThis question was addressed to me in an internship interview.The question is from Exploits and Exploitation in section Cyber Security of Cyber Security
Answer» Correct OPTION is (a) True Best EXPLANATION: Unknown exploits are those exploits that have not yet been reported openly and hence present a straightforward attack at FIRMS and the GOVERNMENT agencies. They’re also called Zero-day exploits.

9.	How many types of exploits are there based on their nature from hacking’s perspective?(a) 4(b) 3(c) 2(d) 5This question was posed to me by my school principal while I was bunking the class.This intriguing question comes from Exploits and Exploitation in portion Cyber Security of Cyber Security
Answer» Right option is (c) 2 Explanation: There are basically 2 types of exploits based on the NATURE of their existence and knowledge. These are known and UNKNOWN (i.e. Zero Day). Known exploits are those that are released publicly and people know about them. Unknown exploits are such TYPE of exploits that are not known or the bugs are not FIXED by vendors or owners.

10.	There are __________ types of exploits based on their working.(a) two(b) three(c) four(d) fiveThis question was addressed to me in unit test.I'm obligated to ask this question of Exploits and Exploitation topic in portion Cyber Security of Cyber Security
Answer» The correct option is (a) two For explanation I would say: There are two different types of exploits. These are remote exploits – where HACKERS can gain ACCESS to the system or network REMOTELY, and local exploits – where the hacker need to access the system PHYSICALLY and OVERPASS the rights.

11.	Which of the following are not a vulnerability-listed site/database?(a) Exploit-db(b) Common Vulnerabilities and Exposures (CVE)(c) National Vulnerability Database (NVD)(d) Bing Vulnerability database (BVD)I have been asked this question during an online interview.This intriguing question comes from Exploits and Exploitation in section Cyber Security of Cyber Security
Answer» Correct answer is (d) BING Vulnerability database (BVD) To EXPLAIN: Exploit-db (https://www.exploit-db.com/), Common Vulnerabilities and Exposures (CVE) (https://cve.mitre.org/), andNational Vulnerability Database (NVD) (https://nvd.nist.gov/) are three vulnerability listing site.

12.	__________ is the specific search engine for exploits where anyone can find all the exploits associated to vulnerability.(a) Google(b) Bing(c) Exploit-db(d) Exploit-engineI had been asked this question during an internship interview.Asked question is from Exploits and Exploitation in chapter Cyber Security of Cyber Security
Answer» The correct option is (C) Exploit-db Best explanation: Since BASED on vulnerabilities, we can find exploits, Exploit-db is the specific SEARCH engine for exploits where anyone can find all the exploits ASSOCIATED with vulnerability. You can find this from https://www.exploit-db.com.

13.	Which of them is not a powerful vulnerability detecting tool?(a) Nessus(b) Nexpose(c) Metasploit(d) NmapThis question was posed to me during an internship interview.This interesting question is from Exploits and Exploitation in division Cyber Security of Cyber Security
Answer» Correct answer is (d) Nmap To explain I WOULD say: Some of the most WIDELY used tools for detecting VULNERABILITIES in a system are Nessus, Nexpose, Metasploit and OpenVAS. Hackers use these tools for detecting vulnerabilities and then write EXPLOITS to exploit the SYSTEMS.

14.	The process of finding vulnerabilities and exploiting them using exploitable scripts or programs are known as _____________(a) infiltrating(b) exploitation(c) cracking(d) hackingThis question was addressed to me in class test.My doubt is from Exploits and Exploitation in portion Cyber Security of Cyber Security
Answer» The correct option is (b) exploitation To EXPLAIN: The process of FINDING vulnerabilities and EXPLOITING them using exploitable SCRIPTS or programs are known as exploitation. VULNERABILITY scanners such as Nexpose and Nessus are used for finding such vulnerabilities and then they are exploited using such programs and scripts.

15.	________________ are piece of programs or scripts that allow hackers to take control over any system.(a) Exploits(b) Antivirus(c) Firewall by-passers(d) WormsThe question was asked in my homework.My doubt is from Exploits and Exploitation topic in section Cyber Security of Cyber Security
Answer» The correct choice is (a) Exploits The best I can explain: Exploits are the PIECE of programs or scripts that ALLOW hackers to take control over any system. Vulnerability SCANNERS such as Nexpose and NESSUS are USED for finding such vulnerabilities.