CSM Question Bank
2 What is the ethics behind training how to hack a system? CO1.1 CL1
a) To think like hackers and know how to defend such
attacks
b) To hack a system without the permission
c) To hack a network that is vulnerable
d) To corrupt software or service using malware
3 After performing ____________ the ethical hacker should never CO1.1 CL2
disclose client information to other parties.
a) Hacking
b) cracking
c) penetration testing
d) exploiting
4 Which of the following laws prevents unlawful and authorized
interception of electronic communication?
1. Regulation of Investigation Act
2. Regulator of Investigation Powers Act
3. Regulation of Investigatory Powers Act
4. Regulating of Investigations Act
10 They are nefarious hackers, and their main motive is to gain CO1.2 CL1
financial profit by doing cyber crimes. Who are “they” referred
to here?
a) White Hat Hackers
b) Black Hat Hackers
c) Hacktivists
d) Gray Hat Hackers
11 Governments hired some highly skilled hackers. These types of CO1.2 CL1
hackers are termed as _______
a) Special Hackers
b) Government Hackers
c) Cyber Intelligence Agents
d) Nation / State sponsored hackers
13 Someone (from outside) who tests security issues for bugs before CO1.2 CL1
launching a system or application, and who is not a part of that
organization or company are ______
a) Black Hat hacker
b) External penetration tester
c) Blue Hat hacker
d) White Hat Hacker
a. Brute Forcing Attack
b. Hybrid Attack
c. Syllable Attack
15 A penetration test was done at a company. After the test, a report CO1.4 CL2
was written and given to the company’s IT authorities. A section
from the report is shown below:
Access List should be written between VLANs.
Port security should be enabled for the intranet.
A security solution which filters data packets should be set
between intranet (LAN) and DMZ.
A WAF should be used in front of the web applications.
According to the section from the report, which of the following
choices is true?
A. A stateful firewall can be used between intranet (LAN)
and DMZ.
B. There is access control policy between VLANs.
C. MAC Spoof attacks cannot be performed.
D. Possibility of SQL Injection attack is eliminated.
16 Who was the first individual who performed a major hacking in CO1.2 CL1
the year 1971?
a) Steve Wozniak
b) Steve Jobs
c) Kevin Mitnick
d) John Draper
17 Which character is typically used first by the penetration tester? CO1.3 CL1
a. Semicolon
b. Dollar sign
c. Single quote
d. None of the above
18 A penetration tester must identify and keep in mind the CO1.3 CL1
___________ & ___________ requirements of a firm while
evaluating the security postures.
a) Privacy and security
b) rules and regulations
c) hacking techniques
d) ethics to talk to seniors
19 Before performing any penetration test, through legal procedure, CO1.3 CL1
which of the key points listed below is not mandatory?
a) Know the nature of the organization
b) Characteristics of work done in the firm
c) System and network
d) Type of broadband company used by the firm
20 Clicking a link which is there in your email which came from an CO1.4 CL1
unknown source can redirect you to ____________ that
automatically installs malware in your system.
a) that vendor’s site
b) security solution site
c) malicious site
d) software downloading site
21 Which of them is not an information source over the internet for CO1.4 CL1
target attackers?
a) Whois
b) YouTube
c) Nslookup
d) Archive sites
22 The two commonly used penetration tests are __________ CO1.4 CL1
a) Standard penetration test
b) Cone penetration test
c) All of the mentioned
d) None of the mentioned
23 Role of security auditor is to ____________ CO1.4 CL1
a) secure the network
b) probe for safety and security of organization’s security
components and systems
c) detects and prevents cyber attacks and threats to organization
d) does penetration testing on different web applications
24 Which one of the following Google advanced search operators CO1.4 CL1
allows an attacker to restrict the results to those websites in the
given domain?
A. [cache:]
B. [site:]
C. [inurl:]
D. [link:]
27 When paying for products online it is best to check the CO1.9 CL1
website starts with the protocol HTTPS and shows a padlock.
What is this known as?
1. Security lab
2. Secure Socket Layer
3. Encryption
4. Firewall
a. Attack
b. Exploit
c. Threat
d. Vulnerability
29 Insecure direct object reference is a type of vulnerability where CO1.9 CL2
the application does not verify if the user is authorized to access
the internal object via its name or key. Suppose a malicious user
Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to
exploit an insecure direct object reference vulnerability?
A. “GET/restricted/goldtransfer?to=Rob&from=1 or 1=1’
HTTP/1.1Host: westbank.com”
B. “GET/restricted/accounts/?name=Ned HTTP/1.1 Host:
westbank.com”
C. “GET/restricted/bank.getaccount(‘Ned’) HTTP/1.1 Host:
westbank.com”
D. “GET/restricted/\r\n\%00account%00Ned%00access
HTTP/1.1 Host: westbank.com”
30 CO1.10 CL1
Which of the following should be included in an ethical hacking
report? (Choose all that apply.)
A. Findings of the test
B. Risk analysis
C. Documentation of laws
D. Ethics disclosure
PART -B
1 In ethical hacking, what is a "DMZ" (Demilitarized Zone), and CO1.1 CL1
why is it used?
3 During the "Gaining Access" phase, what is the significance of CO1.1 CL1
"exploitation" in ethical hacking? How does it relate to
vulnerabilities?
4 How do gray hats act under various situations? Justify your CO1.2 CL2
Statement
5 Interpret some of the legal implications of hacking in a real time CO1.2 CL2
environment.
6 “Vulnerability research is a boon”. Justify the statement and list CO1.2,9 CL2
out the steps to check whether an organization requires
vulnerability analysis and interpret the methods used to
overcome vulnerability.
7 In what way is risk assessment used in security? Can you relate CO1.3,4 CL2
risk assessment with pre-engagement?
8 What are the key considerations when selecting a target for CO1.4 CL2
ethical hacking? How does target selection impact the overall
assessment?
10 In a "Wireless Penetration Test," what are the main areas of CO1.7 CL1
assessment, and why is wireless security important?
11 Describe the importance of false positives and false negatives in CO1.9 CL2
vulnerability assessment results. How does continuous
vulnerability assessment contribute to an organization's
cybersecurity posture?
12 Do you agree with the following statement: “White-hat hackers CO1.10 CL2
are “good” guys who use their skills for defensive purposes”.
Justify the statement.
PART C
1 Describe the concept of "Fileless Malware" and its implications CO1.1 CL2
for security. How can organizations defend against such attacks?
2 Investigate case study about what was the motivation for hacking CO1.1 CL2
the system and government websites in detail
3 You are hired by a financial institution to conduct a penetration CO1.3 CL2
test. During your assessment, you discover a critical vulnerability
in their online banking application that could potentially lead to
unauthorized access to user accounts. What steps would you take
to responsibly disclose this vulnerability to the organization and
ensure it is addressed?
7 Compare all the methods involved in the penetration test. In CO1.3 CL2
detail, classify the categories of penetration testing and evaluate
a key factor for a good report.
8 You are tasked with creating a detailed incident response report CO1.4 CL2
following a successful cyberattack on a financial institution.
Explain the importance of documenting the incident, the steps
taken to contain and mitigate the attack, and the lessons learned
for future improvement.
9 Design and justify the requirements for penetration testing, CO1.6 CL3
preventing hacking, data loss and data manipulation with e-
commerce as case study.
10 If the employee of the company is not trained properly and held CO1.9 CL2
accountable for password management then their computer
might be easily broken or hacked. By considering this problem,
explain how we can manage such threats that are faced by the
organization.
191ITV21 / CLOUD SERVICE & MANAGEMENT
QUESTION BANK
6 What would you enter, if you wanted to perform a stealth scan CO2.1 CL2
using Nmap?
A. nmap -sU
B. nmap -sS
C. nmap -sM
D. nmap –St
9 What is the ethics behind training how to hack a system? CO2.3 CL1
a) to think like hackers and know how to defend such attacks
b) to hack a system without the permission
c) To hack a network that is vulnerable
d) to corrupt software or service using malware
10 ARIN is abbreviated as _____________ CO2.4 CL2
a) American Registry for Internet Numbers
b) American Registry for IP Numbers
c) All Registry for Internet Numbers
d) American Registry for IP Numbering
11 _________ are also used to hide a user’s physical location. CO2.5 CL1
a) Firewall
b) Antivirus
c) Incognito mode
d) VPN
12 How does traceroute work? CO2.6 CL1
A. It uses an ICMP destination-unreachable message to elicit the
name of a router.
B. It sends a specially crafted IP packet to a router to locate the
number of hops from the sender to the destination network.
C. It uses a protocol that will be rejected by the gateway to
determine the location.
D. It uses the TTL value in an ICMP message to determine
the number of hops from the sender to the router.
13 ICMP scanning is used to scan _______________ CO2.7 CL1
a) open systems
b) live systems
c) malfunctioned systems
d) broken systems
14 Connection authentication is offered for ensuring that the remote CO2.7 CL2
host has the likely Internet Protocol (IP) ___________ &
_________
a) address, name
b) address, location
c) network, name
d) network, location
15 Which of the protocol is not used in the network layer of the CO2.8 CL1
TCP/IP model?
a) ICMP
b) IP
c) IGMP
d) HTTP
16 With the help of ------ transport layer identifies an application to CO2.8 CL2
which a segment belongs to ? NPTEL
a. Application id
b. Process id
c. Port number
d. IP Address
17 Which of the following is/are false for TCP/IP model? CO2.8 CL1
NPTEL
a. It allows cross-platform communications among heterogeneous
networks.
b. It is a scalable client-server architecture which allows network
modification without disrupting the current services.
c. It can also represent any other protocol stack other than
the TCP/IP suite such as Bluetooth connection.
d. None of these.
18 Which of the following is considered as one of the most reliable CO2.8 CL1
forms of TCP scanning?
A. TCP Connect/Full Open Scan
B. Half-open Scan
C. NULL Scan
D. Xmas Scan
28 Which Intrusion Detection System is the best applicable for large CO2.16 CL1
environments where critical assets on the network need extra
scrutiny and is ideal for observing sensitive network segments?
A. Honeypots
B. Firewalls
C. Network-based intrusion detection system (NIDS)
D. Host-based intrusion detection system (HIDS)
3 How can ethical hackers use passive DNS data to gather CO2.3 CL1
information about a target's online presence?
5 Discuss the potential risks associated with relying solely on CO2.6 CL2
location tracing data for making critical decisions. How can these
risks be mitigated?
6 How can ICMP Redirect attacks be used to manipulate a victim's CO2.7 CL2
routing table? What are the potential consequences of a
successful ICMP Redirect attack?
8 Explain the significance of the "Server" HTTP response header in CO2.10 CL1
web server fingerprinting. How can attackers manipulate this
header to mislead fingerprinting attempts?
9 Explain how operators like “insite” , “inurl”, and “intitle” can be CO2.11 CL2
used in google hacking.
10 How can DNS zone transfer be exploited during enumeration, CO2.12 CL1
and what potential risk does it pose for an
organization.
10 What security vulnerabilities are associated with SNMP and how CO2.13 CL2
can it be mitigated. Provide an example.
11 What security measures can organizations implement to prevent CO2.16 CL2
abuse or misuse of their SMTP servers for sending spam or
malicious emails.
12 What challenges or limitations might organizations face when CO2.16 CL2
deploying a firewall in cloud environments and how can these
challenges be addressed.
PART C
1 Explain the importance of minimizing the footprint during the CO2.1 CL1
information gathering phase to maintain a low profile. How is
OSINT used in information gathering?
2 A person's social media posts indicate potential security risks. CO2.4 CL1
How would you go about tracing the location of their posts,
considering factors like geotagged photos, check-ins, and other
location-based information?
3 Discuss how analyzing error pages (e.g., 404, 500) can provide CO2.10 CL1
valuable information during web server enumeration. What kind
of details can you extract from error pages and how might they
assist in the assessment.
4 Provide an example of a Google dork that targets vulnerable CO2.11 CL2
applications, potentially leading to the discovery of sites with
known security flaws.
5 By considering a real time scenario, briefly explain the myths in CO2.11 CL2
Google hacking. “How hackers track location using Social
engineering” Discuss its steps involved in it.
6 A company's web application has been compromised, and the CO2.12 CL2
attacker has defaced the homepage. Describe the steps you would
take to investigate the incident, identify the entry point of the
attack, and restore the application's functionality and security.
8 CO3.3 CL1
_________ are those devices which can be plugged into your
network at the hardware level & it can monitor traffic.
a) Hardware sniffers & analyzers
b) Hardware protocol analyzers
c) Hardware protocol sniffers
d) Hardware traffic sniffers and observers
Options:
a. A and B
b. A and C
c. B and C
d. A, C, and D
14 What is the purpose of a Denial of Service attack? CO3.7 CL1
A. Exploit a weakness in the TCP/IP stack
B. To execute a Trojan on a system
C. To overload a system so it is no longer operational
D. To shutdown services by turning them off
15 The DoS attack, in which the attacker establishes a large number CO3.7 CL1
of half-open or fully open TCP connections at the target host is
________
a) Vulnerability attack
b) Bandwidth flooding
c) Connection flooding
d) UDP flooding
16 Which of the following is a type of denial of service attack? CO3.7 CL1
a) Smurf attack
b) SQL injection
c) Cross-site scripting
d) Port scanning
In the above figure from left to right, the correct order of the
shaded levels are
a) Network level, Application level, Transport level
b) Application level, Network level, Transport level
c) Transport level, Application level, Network level
d) Network level, Transport level, Application level
19 Which one of the following is not a higher-layer SSL protocol?
a) Alert Protocol
b) Handshake Protocol
c) Alarm Protocol
d) Change Cipher Spec Protocol
20 ________ is a set of extensions to DNS that provide the origin CO3.10 CL1
authentication of DNS data to DNS clients (resolvers) so as to
reduce the threat of DNS poisoning, spoofing, and similar types
of attacks.
A. DNSSEC
B. Resource records
C. Resource transfer
D. Zone transfer
21 ___________________ is the method used to locate all the DNS- CO3.10 CL1
servers and their associated records for an organization.
a) DNS enumeration
b) DNS hacking
c) DNS cracking
d) DNS server hacking
22 _____________ which is also termed as DNS spoofing, is a kind CO3.10 CL1
of attack which uses DNS based vulnerabilities for diverting the
traffic of the internet.
a) DNS poisoning
b) DNS re-routing
c) DNS cracking
d) Domain link poisoning
23 After obtaining the IP address, to prevent the IP conflict the client CO3.12 CL1
may use _________
a) internet relay chat
b) broader gateway protocol
c) address resolution protocol
d) none of the mentioned
24 DHCP works on top of NPTEL CO3.12 CL1
a. TCP
b. UDP
c. Session Layer
d. DNS
25 What is DHCP spoofing? CO3.12 CL1
a) techniques applied to ensure the security of an existing
DHCP infrastructure
b) encryption of the DHCP server requests
c) algorithm for DHCP
d) none of the mentioned
26 DHCP snooping is a great solution to prevent rogue DHCP CO3.12 CL1
servers on your network. Which security feature on switches
leverages the DHCP snooping database to help prevent man-in-
the-middle attacks?
A. Spanning tree
B. Dynamic ARP Inspection (DAI)
C. Port security
D. Layer 2 Attack Prevention Protocol (LAPP)
PART C
1 Provide insights into how organizations can analyze vulnerability CO3.1 CL1
data to identify the most critical threats and efficiently allocate
resources for patching.
2 How do exploit databases contribute to the evolution of CO3.2 CL1
cybersecurity tools and technologies?
3 How can directory traversal attacks exploit vulnerabilities in web CO3.5 CL1
applications to access sensitive files? What measures can
developers take to mitigate directory traversal vulnerabilities?
4 In a wireless network environment, how can an attacker execute a CO3.6 CL2
MitM attack using a Rogue Access Point? What are some
countermeasures that organizations can implement to prevent this
type of attack?
5 A user is making an online purchase on an e-commerce website. CO3.9 CL2
Explain how an attacker might use a MitM attack to intercept the
session and modify the transaction details, such as changing the
recipient's address or altering the payment amount. How can end-
to-end encryption and checksums be utilized to detect and prevent
such tampering?
6 Explain the concept of HTTP traffic stripping in the context of a CO3.10 CL2
Man-in-the-Middle attack. How does an attacker leverage this
technique to intercept and manipulate unencrypted HTTP traffic
between a user and a web server?
7 How might the strategies for preventing DHCP spoofing differ CO3.12 CL2
between wired and wireless networks? Are there specific
considerations that need to be taken into account for each type of
network?
8 How can organizations detect and monitor for brute force attacks CO3.12 CL2
in their network or application logs? What signs or patterns
should security teams look for to identify ongoing or attempted
brute force attacks?
9 Explain how attackers might leverage SMTP to conduct phishing CO3.13 CL2
attacks. How can an attacker use email messages to trick
recipients into revealing sensitive information or clicking on
malicious links?
10 Explain what constitutes weak authentication. What are some CO3.17 CL2
common characteristics or vulnerabilities that can lead to weak
authentication mechanisms?
UNIT-IV EXPLOITATION 9
Introduction to Metasploit – Reconnaissance with Metasploit – Port Scanning with
Metasploit –Compromising a Windows Host with Metasploit – Client Side Exploitation
Methods – E–Mails with Malicious Attachments – Creating a Custom Executable –
Creating a Backdoor with SET – PDF Hacking– Social Engineering Toolkit – Browser
Exploitation – Post–Exploitation – Acquiring Situation Awareness – Hashing Algorithms
– Windows Hashing Methods – Cracking the Hashes – Brute force Dictionary Attacks –
Password Salts – Rainbow Tables – John the Ripper – Gathering OS Information –
Harvesting Stored Credentials.
S.NO Q&A CO C
LEVEL
PART- A
1 Which programming language can be used to write Metasploit CO4.1 CL1
scripts for Metasploit 4.x Framework?
a) C
b) Python
c) C#
d) Ruby
2 Which of them is not a scanning tool? CO4.3 CL1
a) NMAP
b) Nexpose
c) Maltego
d) Nessus
3 Which of the following is not an example of social engineering? CO4.10 CL1
a) Dumpster diving
b) Shoulder surfing
c) Carding
d) Spear phishing
4 Which of the following is not a reconnaissance tool or technique CO4.2 CL1
for information gathering?
a) Hping
b) NMAP
c) Google Dorks
d) Nexpose
5 ________________ is a component of the reconnaissance stage CO4.2 CL1
that is used to gather possible information for a target computer
system or network.
a) Fingerprinting
b) 3D printing
c) Foot printing
d) Data printing
6 Which of the following Metasploit module can be used CO4.1 CL1
for vulnerability scanning and bruteforce attack?
a. Encoder.
b. Payload.
c. Exploit
d. Auxiliary
7 To set port number of the target system in Metasploit framework, CO4.1 CL1
which of the following commands is used? NPTEL
a. Set LHOST
b. Set RHOST
c. Set RPORT
d. Set LPORT
8 Which attack attempts to alter system resources or affect their CO4.7 CL1
operation?
a. active attack
b. passive attack
c. dual attack
d. Third-party attack
9 Which of the following commands can be used for privilege CO4.1 CL1
escalation in Metasploit framework?
a. Getuid
b. Getsystem
c. Hashdump
d. Ps
10 Which command would a hacker enter in a web form field to CO4.6 CL1
obtain a directory listing?
a. Blah’;exec master..xp_cmdshell “dir *.*”–
b. Blah’;exec_cmdshell “dir c:\*.* /s >c:\directory.txt”–
c. Blah’;exec master..xp_cmdshell “dir c:\*.* /s >c:\
directory.txt”–
d. Blah’;exec cmdshell “dir c:\*.* “–
11 What is a password cracker? CO4.16 CL1
a) A tool used to guess passwords through trial and
error
b) A tool used to encrypt passwords for storage
c) A tool used to decrypt passwords for storage
d) A tool used to block password guessing attempt
a. users
b. current-user
c. current-db
d. dbs
13 You are logged in as a local admin on a Windows 7 system and CO5.9 CL1
you need to launch the Computer Management Console from
command line.
Which command would you use?
A. c:\gpedit
B. c:\compmgmt.msc
C. c:\ncpa.cp
D. c:\services.msc
14 You are looking for SQL injection vulnerability by sending a CO5.14 CL1
special character to web applications. Which of the following is
the most useful for quick validation?
A. Double quotation
B. Backslash
C. Semicolon
D. Single quotation
21 With regard to DOS attack what is not true from below options CO5.5 CL2
a. MAC spoofing
b. Session hijacking ARP
c. Rogue Access point
d. ARP Poisoning
28 An attacker may use automatic brute forcing tool to compromise CO5.6 CL1
your ____________
a) username
b) employee ID
c) system / PC name
d) password
29 Application layer DoS attack is also known as _______________ CO5.5 CL1
a) Layer4 DoS attack
b) Layer5 DoS attack
c) Layer6 DoS attack
d) Layer7 DoS attack
30 Which of the following is not a proper way of how spammers get CO5.10 CL1
the email Ids?
a) When a user registers to online services, blogs, and sites
b) Databases formed by spiders fetching email Ids from different
sources
c) From offline form fill-up documents
d) Online ad-tracking tools
PART -B
1 Define wireless hacking and explain its relevance in the context CO5.1 CL2
of cybersecurity. How does it differ from other forms of hacking?
2 On which operating systems can you use Aircrack-ng? Name a CO5.2 CL1
few examples of platforms where Aircrack-ng can be installed
and run.
3 In an Evil Twin attack, how can an attacker intercept sensitive CO5.5 CL1
information?
4 In the realm of network attack what causes DOS attack to be CO5.5 CL3
performed on the original Access Point. Write down the
commands used for file creation.
5 How does the term “Malicious” work in network security? CO5.6 CL2
Compare and contrast the difference between Malicious and
Phishing.
6 Why is it important to keep software and applications up to date CO5.9 CL1
for login security?
7 List out some of the common vulnerabilities against CO5.11 CL2
authentication based attacks. Write down the code that would
result in an SQL injection. How can SQL injection be mitigated?
8 How will you test for vulnerability automating with Burp Suite? CO5.12 CL2
Write down a real time scenario to check its vulnerability.
9 How does a CAPTCHA help differentiate between human users CO5.13 CL2
and automated bots?
10 How does SQLMap help identify and exploit SQL injection CO5.14 CL1
vulnerabilities?
11 Discuss cross site scripting attack. How is it done? Explain the CO5.15 CL2
characteristics of cross site scripting attacks
12 What is the potential impact of an XSS attack on users and CO5.15 CL2
websites?
PART C
7 Discuss the challenges associated with mitigating "blind XSS" CO5.15 CL2
attacks. How does an attacker typically exploit such
vulnerabilities, and what can defenders do to prevent them?
8 Discuss the concept of "indirect SSRF" attacks, where an attacker CO5.17 CL3
tricks a victim into initiating requests on their behalf. What social
engineering tactics might be employed to carry out this type of
attack?