Ethical Hacking MCQs | Healthcare, Smart Cities & Advanced Cloud

Master your Certified Ethical Hacker (CEH) and OSCP exams with 300+ free penetration testing MCQs and interview questions.

CEH v12 Syllabus Penetration Testing Network Security Bug Bounty Prep
« First 12 13 14 15 Last »
« Previous Page Next Page »

281. What is "ISO 27060" standard?

  • a) Privacy impact assessment methodology
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Guides organizations in evaluating privacy risks for PII.

282. Which attack exploits "Azure AD External Identities"?

  • a) Compromising B2B/B2C guest user privileges
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Over-privileged guest accounts can access internal resources.

283. What is "ISO 27090" standard?

  • a) Health informatics security
  • b) Network segmentation
  • c) Malware analysis
  • d) Cryptographic protocols
Answer: A - Secures electronic health records (EHR) and medical IoT devices.

284. Which tool performs "AWS Detective investigation"?

  • a) AWS CLI + Detective API
  • b) Nmap
  • c) Wireshark
  • d) Metasploit
Answer: A - Queries security findings and visualizes attack paths.

285. What is "ISO 27099" standard?

  • a) PKI implementation for information security
  • b) Network security controls
  • c) Malware detection
  • d) Physical security
Answer: A - Best practices for certificate authorities and key management.

286. Which attack exploits "GCP Assured Workloads"?

  • a) Bypassing compliance boundaries via misconfigured controls
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Exploits gaps in regulated environment isolation (e.g., HIPAA/FedRAMP).

287. What is "ISO 27110" standard?

  • a) Cybersecurity framework development
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Helps organizations create tailored security frameworks.

288. Which tool performs "Azure Purview data governance testing"?

  • a) MicroBurst
  • b) Nmap
  • c) Wireshark
  • d) Burp Suite
Answer: A - Tests for sensitive data classification and policy bypasses.

289. What is "ISO 27570" standard?

  • a) Smart city security guidelines
  • b) Network segmentation
  • c) Malware analysis
  • d) Cryptographic algorithms
Answer: A - Secures IoT/OT systems in urban infrastructure.

290. Which attack exploits "AWS Security Hub automation rules"?

  • a) Triggering false positives to overwhelm analysts
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Abuse of custom actions in automated alert workflows.

291. What is "ISO 27799" standard?

  • a) Health information security management
  • b) Network security controls
  • c) Malware detection
  • d) Physical security
Answer: A - Extends ISO 27002 for healthcare organizations.

292. Which tool performs "GCP Chronicle SIEM testing"?

  • a) Chronicle API Client
  • b) Nmap
  • c) Wireshark
  • d) Metasploit
Answer: A - Identifies detection gaps in YARA-L detection rules.

293. What is "ISO 28000" standard?

  • a) Supply chain security management
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Secures logistics/supply chains against cyber-physical threats.

294. Which attack exploits "Azure Confidential Computing"?

  • a) Side-channel attacks on secure enclaves (SGX/SEV)
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Exploits hardware vulnerabilities in trusted execution environments.

295. What is "ISO 31000" standard?

  • a) Risk management principles
  • b) Network segmentation
  • c) Malware analysis
  • d> Cryptographic protocols
Answer: A - Framework for identifying, assessing, and mitigating risks.

296. Which tool performs "AWS Macie data discovery testing"?

  • a> Macie CLI
  • b) Nmap
  • c) Wireshark
  • d) Burp Suite
Answer: A - Tests for false negatives in sensitive data classification.

297. What is "ISO 33000" series?

  • a) Process assessment standards
  • b) Network security controls
  • c) Malware detection
  • d) Physical security
Answer: A - Includes SPICE (ISO 33020) for capability maturity evaluation.

298. Which attack exploits "GCP Security Command Center (SCC) gaps"?

  • a) Disabling findings for specific resources/projects
  • b) SQL injection
  • c) Cross-site scripting
  • d) DNS spoofing
Answer: A - Exploits misconfigured exclusion filters in SCC.

299. What is "ISO 37001" standard?

  • a) Anti-bribery management system
  • b) Network penetration testing
  • c) Malware detection
  • d) Firewall configuration
Answer: A - Mitigates bribery risks in procurement/vendor relationships.

300. Which header prevents "Cross-Origin-Opener-Policy (COOP) bypasses"?

  • a> Cross-Origin-Opener-Policy
  • b) Content-Security-Policy
  • c) X-Frame-Options
  • d) Strict-Transport-Security
Answer: A - Cross-Origin-Opener-Policy: same-origin isolates browsing contexts.
« First 12 13 14 15 Last »
« Previous Page Next Page »

Ethical Hacking MCQs - Master Cybersecurity & Penetration Testing | PCBooks

🔐 Preparing for CEH, OSCP, or cybersecurity interviews? Get free practice MCQs covering ethical hacking, penetration testing, network security, and cyber defense. Perfect for:

🛡️ Ethical Hacking Fundamentals MCQs

👉 Footprinting & reconnaissance techniques
👉 Scanning networks (Nmap, Nessus)
👉 System hacking methodologies
👉 Social engineering attacks

💻 Penetration Testing MCQs

🎯 Web application security tests
- SQL injection and XSS vulnerabilities
- CSRF and session hijacking defenses
🎯 Network penetration strategies
- Firewall evasion techniques
- IDS/IPS bypass methods
🎯 Wireless security assessments

🔐 Cryptography & Security MCQs

👉 Symmetric vs asymmetric encryption
👉 SSL/TLS implementation
👉 PKI infrastructure concepts
👉 GDPR compliance requirements

🚀 Start Your Cybersecurity Practice

Ethical Hacking Practice Questions →

🏆 Trusted by 70,000+ cybersecurity aspirants for CEH, CISSP, and OSCP exam success!

ethical hacking multiple choice questions with answers PDF, Top 50 ethical hacking interview questions and answers, CEH v12 MCQ questions and answers, Basic ethical hacking quiz for beginners, OSCP interview questions and answers, Penetration testing MCQ questions, Cybersecurity multiple choice questions for beginners, Top 100 cybersecurity interview questions 2024, CISSP exam questions and answers PDF, Network security MCQ with explanations, Cybersecurity quiz for freshers, Security+ SY0-701 practice questions, Cryptography MCQ questions for interviews, Web application security interview questions, SOC analyst technical interview questions, Bug bounty hunter interview questions, Cloud security MCQ questions and answers, GDPR compliance interview questions, Free ethical hacking practice questions with answers, How to prepare for cybersecurity technical interview, Best websites for cybersecurity MCQs, Scenario-based ethical hacking interview questions, Difference between XSS and CSRF MCQ