What is the difference between XSS and CSRF attacks?

XSS (Cross-Site Scripting) injects malicious scripts into web pages, while CSRF (Cross-Site Request Forgery) tricks users into executing unwanted actions on authenticated sites.

Which tool would you use to test for SQL injection vulnerabilities?

SQLmap - An open-source tool that automates detecting and exploiting SQL injection flaws.

What are the 3 pillars of the CIA triad in cybersecurity?

Confidentiality, Integrity, and Availability - The foundational principles of information security.

Where can I find free CEH v12 practice questions with explanations?

This page includes 50+ CEH-certified questions with detailed answers. Use the 'CEH v12 MCQ' filter to focus on exam-specific content.

How do these questions help with SOC analyst interviews?

We cover SOC analyst technical interview questions on SIEM tools (like Splunk), log analysis, and real-world incident response scenarios.

Are these MCQs updated for Security+ SY0-701?

Yes! All Security+ questions align with the latest SY0-701 exam objectives, including cloud security and zero-trust architecture.

Ethical Hacking MCQs Set-1 | PCBooks - Free Cybersecurity Prep

1. What is the primary goal of ethical hacking?

a) To exploit vulnerabilities for personal gain
b) To identify and fix security weaknesses
c) To disrupt network services
d) To steal sensitive data

Answer: B - Ethical hacking aims to discover and remediate security flaws to protect systems.

2. Which phase of ethical hacking involves gathering information about the target?

a) Scanning
b) Enumeration
c) Reconnaissance
d) Exploitation

Answer: C - Reconnaissance (or footprinting) is the initial data-collection phase.

3. What is a "zero-day vulnerability"?

a) A flaw with no known patch
b) A bug fixed within 24 hours
c) A low-risk security issue
d) A hardware failure

Answer: A - Zero-day vulnerabilities are unpatched and often exploited before developers can fix them.

4. Which tool is commonly used for network scanning?

a) Wireshark
b) Nmap
c) Metasploit
d) Burp Suite

Answer: B - Nmap (Network Mapper) scans for open ports and services.

5. What does SQL injection target?

a) Database vulnerabilities
b) Firewall configurations
c) Physical security
d) Wireless networks

Answer: A - SQL injection manipulates database queries through input fields.

6. Which protocol is vulnerable to "man-in-the-middle" attacks?

a) HTTPS
b) SSH
c) HTTP
d) FTP

Answer: D - FTP transmits data in plaintext, making it susceptible to interception.

7. What is "phishing"?

a) A physical break-in attempt
b) Tricking users into revealing sensitive data
c) Encrypting files for ransom
d) Scanning for open ports

Answer: B - Phishing uses deceptive emails/websites to steal credentials or data.

8. Which type of test simulates a real-world attack?

a) Vulnerability assessment
b) Penetration testing
c) Risk analysis
d) Compliance audit

Answer: B - Penetration testing (pentesting) actively exploits vulnerabilities.

9. What is "ARP spoofing"?

a) Faking MAC addresses to intercept traffic
b) Encrypting network packets
c) Blocking IP addresses
d) Scanning for DNS leaks

Answer: A - ARP spoofing redirects traffic by falsifying ARP responses.

10. Which tool is used for password cracking?

a) John the Ripper
b) Tcpdump
c) Nessus
d) Snort

Answer: A - John the Ripper is a popular offline password-cracking tool.

11. What is "DDoS" short for?

a) Distributed Denial of Service
b) Data Deletion over System
c) Direct Disk Operating System
d) Dynamic Domain of Security

Answer: A - DDoS floods a target with traffic from multiple sources to overwhelm it.

12. Which encryption method is asymmetric?

a) AES
b) RSA
c) DES
d) Blowfish

Answer: B - RSA uses public/private key pairs, unlike symmetric methods (AES/DES).

13. What does "IDS" stand for?

a) Intrusion Detection System
b) Internet Data Security
c) Integrated Defense System
d) Internal Disk Storage

Answer: A - IDS monitors networks/systems for malicious activity.

14. Which file extension is commonly associated with ransomware?

a) .txt
b) .exe
c) .jpg
d) .pdf

Answer: B - Ransomware often arrives as an executable (.exe) file.

15. What is "OSINT"?

a) Open-Source Intelligence
b) Operating System Interface
c) Offensive Security Initiative
d) Online System Integrity Test

Answer: A - OSINT involves collecting publicly available data for reconnaissance.

16. Which attack exploits session tokens?

a) XSS
b) CSRF
c) Session hijacking
d) Buffer overflow

Answer: C - Session hijacking steals valid session IDs to impersonate users.

17. What is "shodan.io" used for?

a) Password cracking
b) Searching vulnerable IoT devices
c) Encrypting emails
d) Detecting malware

Answer: B - Shodan is a search engine for exposed devices/servers.

18. Which law governs hacking activities in the U.S.?

a) DMCA
b) CFAA
c) HIPAA
d) GDPR

Answer: B - The Computer Fraud and Abuse Act (CFAA) criminalizes unauthorized access.

19. What does "VPN" protect against?

a) Eavesdropping on public networks
b) Phishing attacks
c) SQL injection
d) DDoS attacks

Answer: A - VPNs encrypt traffic to prevent interception on untrusted networks.

20. Which header helps prevent XSS attacks?

a) Content-Security-Policy
b) X-Frame-Options
c) Strict-Transport-Security
d) Cache-Control

Answer: A - CSP restricts sources of executable scripts to mitigate XSS.

Ethical Hacking MCQs | CEH & Cybersecurity Certification Practice

Ethical Hacking MCQs - Master Cybersecurity & Penetration Testing | PCBooks

🛡️ Ethical Hacking Fundamentals MCQs

💻 Penetration Testing MCQs

🔐 Cryptography & Security MCQs

🚀 Start Your Cybersecurity Practice