COPA MCQ's

1. Why would a hacker use a proxy server?

A. To create a stronger connection with the target.
B. To create a ghost server on the network.
C. To obtain a remote access connection.
D. To hide malicious activity on the network.
 

2. What type of symmetric key algorithm using a streaming cipher to encrypt information?

A. RC4
B. Blowfish
C. SHA
D. MD5
 

3. Which of the following is not a factor in securing the environment against an attack on security?

A. The education of the attacker
B. The system configuration
C. The network architecture
D. The business strategy of the company
E. The level of access provided to employees
 

4. What type of attack uses a fraudulent server with a relay address?

A. NTLM
B. MITM
C. NetBIOS
D. SMB
 

5. What port is used to connect to the Active Directory in Windows 2000?

A. 80
B. 445
C. 139
D. 389

​

​

​

​

​

​

​

​

​

​

​

​

​

​
 

6. To hide information inside a picture, what technology is used?

A. Rootkits
B. Bitmapping
C. Steganography
D. Image Rendering
 

7. Which phase of hacking performs actual attack on a network or system?

A. Reconnaissance
B. Maintaining Access
C. Scanning
D. Gaining Access
 

8. Attempting to gain access to a network using an employee’s credentials is called the _____________ mode of ethical hacking.

A. Local networking
B. Social engineering
C. Physical entry
D. Remote networking
 

9. Which Federal Code applies the consequences of hacking activities that disrupt subway transit systems?

A. Electronic Communications Interception of Oral Communications
B. 18 U.S.C. § 1029
C. Cyber Security Enhancement Act 2002
D. 18 U.S.C. § 1030

​

​

​

​

​

​

​

​

​

​

​

​

​

​
 

10. Which of the following is not a typical characteristic of an ethical hacker?

A. Excellent knowledge of Windows.
B. Understands the process of exploiting network vulnerabilities.
C. Patience, persistence and perseverance.
D. Has the highest level of security for the organization.
 

11. What is the proper command to perform an Nmap XMAS scan every 15seconds?

A. nmap -sX -sneaky
B. nmap -sX -paranoid
C. nmap -sX -aggressive
D. nmap -sX -polite
 

12. What type of rootkit will patch, hook, or replace the version of system call in order to hide information?

A. Library level rootkits
B. Kernel level rootkits
C. System level rootkits
D. Application level rootkits
 

13. What is the purpose of a Denial of Service attack?

A. Exploit a weakness in the TCP/IP stack
B. To execute a Trojan on a system
C. To overload a system so it is no longer operational
D. To shutdown services by turning them off
 

14. What are some of the most common vulnerabilities that exist in a network or system?

A. Changing manufacturer, or recommended, settings of a newly installed application.
B. Additional unused features on commercial software packages.
C. Utilizing open source application code
D. Balancing security concerns with functionality and ease of use of a system.

 

15. What is the sequence of a TCP connection?

A. SYN-ACK-FIN
B. SYN-SYN ACK-ACK
C. SYN-ACK
D. SYN-SYN-ACK

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

​
 

16. What tool can be used to perform SNMP enumeration?

A. DNSlookup
B. Whois
C. Nslookup
D. IP Network Browser
 

17. Which ports should be blocked to prevent null session enumeration?

A. Ports 120 and 445
B. Ports 135 and 136
C. Ports 110 and 137
D. Ports 135 and 139
 

18. The first phase of hacking an IT system is compromise of which foundation of security?

A. Availability
B. Confidentiality
C. Integrity
D. Authentication
 

19. How is IP address spoofing detected?

A. Installing and configuring a IDS that can read the IP header
B. Comparing the TTL values of the actual and spoofed addresses
C. Implementing a firewall to the network
D. Identify all TCP sessions that are initiated but does not complete successfully
 

20. Why would a ping sweep be used?

A. To identify live systems
B. To locate live systems
C. To identify open ports
D. To locate firewalls

​

​

​

​

​

​

​

​

​

​

​

​

​
 

21. What are the port states determined by Nmap?

A. Active, inactive, standby
B. Open, half-open, closed
C. Open, filtered, unfiltered
D. Active, closed, unused
 

22. What port does Telnet use?

A. 22
B. 80
C. 20
D. 23
 

23. Which of the following will allow footprinting to be conducted without detection?

A. PingSweep
B. Traceroute
C. War Dialers
D. ARIN
 

24. Performing hacking activities with the intent on gaining visibility for an unfair situation is called ________.

A. Cracking
B. Analysis
C. Hacktivism
D. Exploitation
 

25. What is the most important activity in system hacking?

A. Information gathering
B. Cracking passwords
C. Escalating privileges
D. Covering tracks
 

26. A packet with no flags set is which type of scan?

A. TCP
B. XMAS
C. IDLE
D. NULL

​

​

​

​

 

 

 

​

​

​

​

​

​

 

27. Sniffing is used to perform ______________ fingerprinting.

A. Passive stack
B. Active stack
C. Passive banner grabbing
D. Scanned
 

28. Phishing is a form of ____________________.

A. Spamming
B. Identify Theft
C. Impersonation
D. Scanning
 

29. Why would HTTP Tunneling be used?

A. To identify proxy servers
B. Web activity is not scanned
C. To bypass a firewall
D. HTTP is a easy protocol to work with
 

30. Which Nmap scan is does not completely open a TCP connection?

A. SYN stealth scan
B. TCP connect
C. XMAS tree scan
D. ACK scan
 

31. What protocol is the Active Directory database based on?

A. LDAP
B. TCP
C. SQL
D. HTTP
 

32. Services running on a system are determined by _____________.

A. The system’s IP address.
B. The Active Directory
C. The system’s network name
D. The port assigned
 

33. What are the types of scanning?

A. Port, network, and services
B. Network, vulnerability, and port
C. Passive, active, and interactive
D. Server, client, and network

​

​

​

 

 

 

 

​

​

​

​

​

​

​
 

34. Enumeration is part of what phase of ethical hacking?

A. Reconnaissance
B. Maintaining Access
C. Gaining Access
D. Scanning
 

35. Keyloggers are a form of ______________.

A. Spyware
B. Shoulder surfing
C. Trojan
D. Social engineering
 

36. What are hybrid attacks?

A. An attempt to crack passwords using words that can be found in dictionary.
B. An attempt to crack passwords by replacing characters of a dictionary word with numbers and symbols.
C. An attempt to crack passwords using a combination of characters, numbers, and symbols.
D. An attempt to crack passwords by replacing characters with numbers and symbols.
 

37. Which form of encryption does WPA use?

A. Shared key
B. LEAP
C. TKIP
D. AES
 

38. What is the best statement for taking advantage of a weakness in the security of an IT system?

A. Threat
B. Attack
C. Exploit
D. Vulnerability
 

39. Which database is queried by Whois?

A. ICANN
B. ARIN
C. APNIC
D. DNS
 

40. Having individuals provide personal information to obtain a free offer provided through the Internet is considered what type of social engineering?

A. Web-based
B. Human-based
C. User-based
D. Computer-based

​

​

​

 

 

 

​

​

​

​

​

​

​

​

​

​

​