Ethical Hacking Question Bank for TYCS

The document is a comprehensive question bank for a TYCS class on Ethical Hacking, covering various units that include topics such as security functionality, stages of ethical hacking, information gathering methodologies, types of hacking technologies, and password cracking techniques. It also addresses web application threats, DoS/DDoS attacks, session hijacking, and penetration testing methodologies. Each unit contains specific questions aimed at assessing knowledge and understanding of ethical hacking concepts and practices.

Uploaded by

yadavsimran2212
Copyright
© All Rights Reserved

Ethical Hacking Question Bank

Class – TYCS

UNIT 1

1) Explain the Security, Functionality, and Ease of Use Triangle

2) Explain the five stages of Ethical Hacking

3) State and explain various ethical hacking terminologies


4) Describe Information gathering methodology

5) Identify different types of hacking technologies

6) List different types of hacker classes

7) What is vulnerability research?

8) Define the term footprinting and explain DNS enumeration

9) Identify different types of DNS records.

10) Understand how traceroute is used in footprinting

11) Explain how web spiders work

12) Explain WHOIS and ARIN Lookups in detail

13) What are the common types of attacks? (Explain computer-based and human-based attacks and their types)

14) Explain insider attacks.

15) Explain online scams.

16) Write a short note on URL obfuscation.

17) Describe Social engineering countermeasures.

18) Define the terms port scanning, network scanning, and vulnerability scanning.

19) Explain the CEH scanning methodology.


20) Write a short note on ping sweep techniques.

21) List and explain nmap command switches.

22) Explain SYN, stealth, XMAS, NULL, IDLE and FIN scans.

23) List TCP communication flag types.

24) Explain war dialing techniques.

25) Understand banner grabbing and OS fingerprinting techniques.

26) Understand how proxy servers are used in launching an attack.

27) Understand HTTP tunneling techniques.

28) What is enumeration and scanning?

29) What are the steps involved in performing enumeration?

UNIT 2

1) List and explain different types of passwords used and explain password cracking
techniques.

2) Identify the various types of password attacks

3) Explain the process of escalating privileges.

4) Explain keyloggers and other spyware technologies.

5) Write a short note on rootkits.

6) Explain active and passive sniffing.

7) Explain ARP poisoning.

8) Write a short note on MAC flooding.

9) Explain DNS spoofing techniques.


10) Describe sniffing countermeasures

11) Understand the types of DoS attacks.

12) Understand how a DDoS attack works.

13) Understand how BOTs/BOTNETs work.

14) What is a smurf attack?

15) What is SYN flooding?

16) Describe the DoS/DDoS countermeasures

17) List the types of session hijacking.

18) What are the steps in performing session hijacking?

19) Describe how you would prevent session hijacking.

20) List the types of web server vulnerabilities.

21) Understand the attacks against web servers.

22) Understand patch management techniques.

23) Describe web server hardening methods

UNIT 3

1) Explain how a web application works.

2) Explain Anatomy of an attack

3) Explain various Web application threats

4) Describe web application countermeasures.

5) List the authentication types

6) What is a password cracker and how does it work?


7) Describe password cracking countermeasures.

8) What is SQL injection? Explain the steps to conduct SQL Injection

9) Explain SQL Server vulnerabilities

10) Describe SQL Injection countermeasures

11) Identify the different types of buffer overflows (stack and heap in detail; the
questions on stack and heap may also be asked separately) and methods of detection.

12) Describe buffer overflow mutation techniques.

13) Explain WEP, WPA authentication systems and cracking techniques (expect separate
questions on WEP, WPA2, WPA3, WPA)

14) Write a short note on wireless sniffers and SSID, MAC spoofing.

15) Explain wireless hacking techniques.

16) Describe the methods in securing wireless networks.

17) Describe the penetration testing methodologies

18) List the penetration testing steps.

19) Explain the Pen-Test legal framework.

20) Explain the Pen-Test deliverables.

21) List the automated penetration testing tools.
