Assignment questions:
UNIT – I: Reconnaissance
1. What is social engineering, and how is it used in reconnaissance?
2. Explain the role of physical security in preventing reconnaissance.
3. List and describe key Internet reconnaissance techniques.
4. Differentiate between passive and active reconnaissance.
5. How do DNS zone transfers and WHOIS help in reconnaissance?
6. Give a real-world example of reconnaissance leading to a breach.
UNIT – II: Enumeration and Exploitation
1. Define enumeration in ethical hacking.
2. Explain major enumeration techniques with examples.
3. What are soft objectives, and why are they important?
4. Describe common password cracking methods and tools.
5. Define rootkits and explain their types.
6. How is network exploitation done using wardialing and service scanning?
UNIT – III: Deliverable and Integration
1. What is a deliverable in a security assessment?
2. List the key components of a penetration test report.
3. How are findings aligned with business objectives?
4. Explain integrating results in defense and incident management.
5. What is mitigation, and why is defense planning important?
6. How do policies and incident management improve security?
UNIT – I: Reconnaissance
Multiple Choice Questions (MCQs)
1. Which of the following best defines reconnaissance?
a) Identifying vulnerabilities
b) Gathering information about a target
c) Exploiting the target system
d) Installing malware
Answer: b
2. Social engineering attacks mainly target:
a) Software vulnerabilities
b) Human psychology
c) Hardware devices
d) Firewalls
Answer: b
3. Which of the following is an example of passive reconnaissance?
a) Port scanning
b) WHOIS lookup
c) Banner grabbing
d) Password cracking
Answer: b
4. Which tool is commonly used for Internet reconnaissance?
a) Nmap
b) Shodan
c) Cain & Abel
d) John the Ripper
Answer: b
5. Physical security measures primarily protect against:
a) Network sniffing
b) Social engineering
c) Unauthorized physical access
d) Email phishing
Answer: c
6. What is the main purpose of performing reconnaissance in ethical hacking?
a) Exploitation
b) Evidence collection
c) Information gathering for planning attacks
d) Denial of service attack
Answer: c
7. DNS zone transfer helps attackers to:
a) Encrypt data
b) Get the IP addresses and subdomains
c) Perform password cracking
d) Hide identity
Answer: b
UNIT – II: Enumeration and Exploitation
8. Enumeration is the process of:
a) Scanning ports
b) Extracting information from available network services
c) Injecting malicious code
d) Cracking passwords
Answer: b
9. NetBIOS enumeration is used to gather:
a) MAC addresses
b) Shared resources and user lists
c) ARP tables
d) Firewall configurations
Answer: b
10. Which of the following is a password-cracking tool?
a) Nmap
b) Burp Suite
c) John the Ripper
d) Wireshark
Answer: c
11. Rootkits are primarily used to:
a) Detect malware
b) Gain persistent unauthorized access
c) Perform network scanning
d) Encrypt network traffic
Answer: b
12. Wardialing is used to discover:
a) Web servers
b) Modems connected to phone lines
c) IP addresses
d) Firewalls
Answer: b
13. Intuitive testing in exploitation refers to:
a) Random guessing of passwords
b) Using experience-based logic to discover vulnerabilities
c) Port scanning
d) Network sniffing
Answer: b
14. Which operating system is most commonly used for exploitation frameworks?
a) Ubuntu Desktop
b) Windows 11
c) Kali Linux
d) Fedora
Answer: c
15. The primary goal of exploitation is to:
a) Identify threats
b) Gain authorized access
c) Gain unauthorized control
d) Strengthen system security
Answer: c
16. Which section of a deliverable provides a summary for non-technical management?
a) Technical details
b) Executive summary
c) Appendices
d) Methodology
Answer: b
17. The primary goal of a penetration testing report is to:
a) Hide security flaws
b) Document findings and recommend fixes
c) Advertise hacking tools
d) Delete test results
Answer: b
18. Integration of results mainly helps in:
a) Combining vulnerabilities for patching strategy
b) Identifying new targets
c) Modifying system architecture
d) Encrypting system data
Answer: a
19. A mitigation plan should always be aligned with:
a) Organizational risk policies
b) Hacker preferences
c) Operating system versions
d) Patch naming conventions
Answer: a
20. Incident management begins immediately after:
a) Discovery of an incident
b) Implementation of updates
c) Firewall installation
d) Network scanning
Answer: a
21. Security policy development plays a vital role in:
a) Preventing unauthorized actions
b) Encouraging system misuse
c) Disabling antivirus tools
d) Increasing attack surface
Answer: a
UNIT – III: Deliverable and Integration
16. The main deliverable of a penetration test is:
a) Exploit scripts
b) Security report
c) System logs
d) Malware samples
Answer: b
17. Aligning findings in a report means:
a) Matching vulnerabilities with organizational goals
b) Hiding results from management
c) Using random report formats
d) Combining unrelated issues
Answer: a
18. The integration phase focuses on:
a) Gathering data
b) Combining results for defense planning
c) Exploit development
d) Network monitoring
Answer: b
19. Mitigation refers to:
a) Removing security policies
b) Reducing the impact of vulnerabilities
c) Reporting false positives
d) Launching attacks
Answer: b
20. Incident management in ethical hacking helps organizations:
a) Respond effectively to security breaches
b) Create malware samples
c) Disable monitoring tools
d) Hide vulnerabilities
Answer: a
Fill in the Blanks
1. Reconnaissance is also known as the _______ phase of hacking.
Answer: information-gathering
2. Social engineering exploits _______ instead of technical vulnerabilities.
Answer: human psychology
3. WHOIS lookup is used to collect _______ information about a domain.
Answer: registration
4. ___________ reconnaissance involves interacting directly with the target system.
Answer: Active
5. Physical security prevents _______ access to sensitive areas.
Answer: unauthorized
6. Enumeration is typically performed after the _______ phase.
Answer: scanning
7. NetBIOS is mainly associated with _______ operating systems.
Answer: Windows
8. Password cracking aims to recover lost or _______ passwords.
Answer: forgotten
9. A _______ maintains unauthorized access while hiding its presence.
Answer: rootkit
10. Wardialing involves dialing multiple phone numbers to find _______.
Answer: modems
11. Exploitation uses known _______ to gain system access.
Answer: vulnerabilities
12. The document submitted after assessment is called a _______.
Answer: deliverable
13. Aligning findings ensures vulnerabilities are linked to _______ goals.
Answer: business
14. Integrating results helps in creating an effective _______ plan.
Answer: defense
15. Mitigation focuses on reducing the _______ of security threats.
Answer: impact
16. Incident management helps detect and respond to security _______.
Answer: incidents
17. A good penetration test report includes executive summary, findings, and _______.
Answer: recommendations
18. A strong security policy defines rules for _______ protection.
Answer: asset
19. Defense planning is used to prepare for future _______ attacks.
Answer: potential
20. Ethical hacking concludes with implementing _______ to enhance security.
Answer: countermeasures
UNIT – II: Enumeration and Exploitation
21. The process of identifying active hosts and open ports before enumeration is called __________.
Answer: scanning
22. During exploitation, maintaining control over a compromised system is referred to as __________.
Answer: privilege escalation
UNIT – III: Deliverable and Integration
21. The section of a security report that summarizes key risks and recommendations is known as the __________.
Answer: executive summary
22. Integrating results into incident management helps organizations create a __________ plan for future security breaches.
Answer: response