Explore topic-wise InterviewSolutions in .

Correct CHOICE is (c) Snort

Explanation: Nexpose, Nikto Web SCANNER, and Nessus Professional are some of the popular VULNERABILITY scanning tools. Vulnerability scanners are inspection tools used to CHECK for potential points of exploit on a system or NETWORK for identifying security holes.

The correct choice is (C) Maltego

Best explanation: Netcat, Unicornscan, Angry IP scanners are some of the POPULAR tools USED for PORT scanning. These TYPES of tools are a special type of application designed for probing a server or host for open ports.

The correct choice is (a) PORT knocking

Explanation: Port knocking is quite an esoteric PROCESS for preventing session creation through a particular port. Port knocking is not presently used by default in any stack, but soon PATCHES will come to ALLOW the use of knocking protocols.

The correct OPTION is (d) Server malware scanning

For explanation I would say: Hping2 is a command-line TCP/IP packet ASSEMBLER and analyzer TOOL. Also, it has a trace-route mode. It has the ability to send files between COVERED channels & also SUPPORTS ICMP echo requests. Server malware scanning is not a valid feature of Hping2 tool.

Right OPTION is (c) 6

The BEST I can explain: There are 6 standard flags are USED in a TCP communication between client and server. These standard flags are: Synchronize, Acknowledgement, Push, URGENT, FINISH and Reset.

Right answer is (b) Hping2

The best explanation: Hping2 is a command-line TCP/IP packet assembler and ANALYZER TOOL. Also, it has a trace-route mode. It has the ABILITY to SEND FILES between covered channels & also supports ICMP echo requests.

The correct choice is (d) Start

Best explanation: Start is not a standard and VALID flag of TCP communication in a client-server connection. These standard flags are: SYNCHRONIZE Acknowledgement, Push, Urgent, Finish and RESET.

The correct CHOICE is (d) UDP, TCP

The best explanation: Firewalk is a tool which uses traceroute-like techniques for analyzing IP packet RESPONSES. Firewalk works by sending UDP & TCP PACKETS. It determines filter rules in place on all packet forwarding DEVICES.

Correct choice is (b) PORT

To explain: In port scanning, a port is always associated with an IP address (TYPICALLY of the host system) & the type of PROTOCOL (UDP or TCP) employed for communication.

Right answer is (a) IP ADDRESS, protocol

For EXPLANATION: In port scanning, a port is always associated with an IP address (typically of HOST system) & the type of protocol (UDP or TCP) employed for communication.

The correct choice is (d) System

The EXPLANATION is: There are a total of three TYPES of scanning in ETHICAL hacking and cyber-security. These are VULNERABILITY scanning, network scanning & port scanning. System scanning is not a standard TERMINOLOGY or type of scanning.

The correct OPTION is (c) Vulnerability

Explanation: Vulnerability SCANNING is an automatic process for IDENTIFYING VULNERABILITIES of a computing system WITHIN a network. It is one of the popular scanning methodologies.

Right CHOICE is (a) Network

To explain: Network SCANNING is a PROCEDURE to IDENTIFY active hosts on your network. It is done with the intention to either attack your system or for security purposes by ethical hackers.

Right CHOICE is (a) True

Best explanation: ICMP sweep is a simple network scanning technique used for determining which range of IP address map to live hosts. The ping sweep CONSISTS of ICMP ECHO requests. If any given address is RUNNING live, it will return an ICMP ECHO reply.

Right option is (b) Port

Explanation: Scanning is done when a series of messages are SENT by SOMEONE keeping in mind to break into a computer to LEARN about computer NETWORK SERVICES.

Correct answer is (a) ICMP Sweep

For explanation I would say: PING sweep is ALSO known as ICMP sweep is a SIMPLE network scanning technique USED for determining which RANGE of IP address map to live hosts. The ping sweep consists of ICMP ECHO requests.

The correct CHOICE is (b) ping sweep

The EXPLANATION is: A ping sweep is a SIMPLE network scanning technique used for determining which range of IP ADDRESS MAP to live hosts. The ping sweep consists of ICMP ECHO requests.

Right choice is (d) RAM space

To explain I would say: SCANNING using IP address SIMPLY pings each IP address for checking if it is live or not. This helps in providing NETBIOS INFORMATION such as the name of the system, WORKGROUP and MAC address.

The correct option is (a) True

The best explanation: Check for live systems, open ports and identification of SERVICES running on the systems are some of the STEPS and methodologies USED in SCANNING. In live system scanning, it is checked which HOSTS are up in the network by pinging the systems in the network.

Correct CHOICE is (B) -t

To elaborate: -t attribute is used while pinging any SYSTEM to tweak the ping timeout value. It is an example of live system scanning, to CHECK which hosts are up in the NETWORK by pinging the systems in the network.

Correct answer is (b) LIVE systems

Best explanation: Check for live systems, OPEN ports and identification of services running on the systems are some of the steps and methodologies USED in scanning. ICMP scanning is used for CHECKING live systems.

Right option is (c) IDENTIFYING the malware in the system

To explain: Check for LIVE SYSTEMS, OPEN ports and identification of services running on the systems are some of the steps and methodologies used in SCANNING.

The correct choice is (d) Detection of spyware in a SYSTEM

The best explanation: Detection of the live system running on the NETWORK, DISCOVERING the IP ADDRESS of the target system, & discovering the SERVICES running on the target system are some of the objectives of scanning.

Correct choice is (B) 3

The best EXPLANATION: There are a total of three types of scanning in ethical HACKING and cyber-security. These are VULNERABILITY scanning, network scanning & port scanning.

The correct CHOICE is (a) process, product

For explanation I would say: In the world of data, where data is considered the oil and fuel of modern TECHNOLOGY, Competitive Intelligence gathering is both a product and a process which comprises of some PREDEFINED steps to HANDLE data.

Right answer is (a) Spyware

Easiest explanation: By the name of competitive information gathering if DONE in the form of active ATTACK using malware or by other illicit means can PUT your HIRED HACKER or your company at stake. It’s a cyber-crime.

Correct choice is (c) Microsoft CI

The explanation is: Carratu INTERNATIONAL, CI CENTER, Marven Consulting Group, Lubrinco Pvt LTD. are some of the names of FIRMS and companies that provide INFO regarding competitive intelligence gathering.

Right ANSWER is (d) https://www.bidigital.com/ci/

The explanation: In the world of data, where data is considered the oil and fuel of MODERN technology, COMPETITIVE Intelligence gathering is both a PRODUCT and a process. https://www.bidigital.com/ci/ is a WEBSITE which is used for such purpose.

Correct answer is (b) False

The BEST I can explain: Predict and analyze the tactics of competitors from data taken out from online data sources is a crime. In the world of data, where data is considered the oil and FUEL of modern TECHNOLOGY. It can be done using COMPETITIVE intelligence gathering techniques.

Correct choice is (a) True

Easy explanation: By the NAME of competitive information gathering if done in the FORM of active attack using malware or by other illicit MEANS can PUT your hired HACKER or your company at stake. It’s a cyber-crime also.

Right ANSWER is (C) FETCHING confidential plans about your COMPETITORS

Best explanation: Fetching confidential plans about your competitors’ is not the work of ethical hackers hired for competitive information gathering. Also fetching such type of confidential information is a crime.

The correct option is (d) 3

The explanation: There are two types of cognitive HACKING and information gathering which are BASED on the source TYPE, from where data is fetched. These are single source & MULTIPLE SOURCES.

The CORRECT answer is (c) Data analysis

The EXPLANATION: In the WORLD of data, where data is considered the OIL and fuel of modern technology, Competitive Intelligence gathering is both a product and a process which comprises of some specific steps to handle data. These are data gathering, analysis, verification, and SECURITY.

Right choice is (a) Competitive Intelligence GATHERING

To explain: In the world of data, where data is considered the oil and FUEL of MODERN TECHNOLOGY, Competitive Intelligence gathering is both a product and a process. Hackers are hired with skills for gathering competitive knowledge so that data analysts can analyze those for further understanding of PRODUCTS.

Correct answer is (d) Network analysis

Explanation: In the world of data, where data is CONSIDERED the oil and FUEL of modern technology, Competitive Intelligence GATHERING is both a product and a process which comprises of some PREDEFINED steps to handle data. These are data gathering, analysis, verification, and security.

The correct CHOICE is (b) https://www.arin.net/

For explanation: Hackers can attain a SERIES of IP addresses allotted to a particular COMPANY USING https://www.arin.net/ site. Hackers can enter the company name in the search box for finding a list of all the assigned IP addresses.

Right answer is (a) COMPETITIVE Intelligence gathering

For EXPLANATION: In the world of data, where data is considered the oil and FUEL of MODERN technology, Competitive Intelligence gathering is both a PRODUCT and a process.

Correct ANSWER is (B) competitive

Easy explanation: Competitive Intelligence GATHERING is the term USED for gathering information about your competitors from online resources, RESEARCHES, and newsgroups. The competitive intelligence gathering is non-interfering & subtle in nature.

The CORRECT choice is (a) Competitive Intelligence gathering

Explanation: Competitive Intelligence gathering is the term used for gathering information about your competitors from online RESOURCES, researches, and NEWSGROUPS. The competitive intelligence gathering is non-interfering & SUBTLE in nature.

Right answer is (b) passive

For explanation I would say: COLLECTING freely available information over the internet is an example of passive information gathering TECHNIQUE. It uses ARCHIVE sites, Google, domain name, PEOPLE search, Nslookup etc.

Right answer is (a) active

The best I can explain: Using spyware is an EXAMPLE of an active information gathering technique. Spywares can be used to STEAL browsing HISTORY, browsing habits and other related searches from the attacker’s browser. Google CHROME itself has a search BOX in the address bar which the spyware might monitor to take search results as information for the attacker.

Right option is (c) intelius.com

The best EXPLANATION: Information about people is available people SEARCH sites. https://www.intelius.com/ is an example of such SITE which holds RECORDS of people’s information.

Correct choice is (a) True

For explanation I would say: https://archive.org is a popular archive site where one can enter a domain name in its search box for finding out how the site was looking at a given date. It STORES all the details about the look and WORKING of the site, even when the site got updated.