Tools and Methods Used in Cybercrime
1. ______________ is an internet scam done by cyber-criminals
where the user is convinced digitally to provide confidential
information.
a) Phishing attack
b) DoS attack
c) Website attack
d) MiTM attack
Answer: a
Clarification: Phishing is an internet scam done by cyber-criminals
where the user is convinced digitally to provide confidential
information. There are different types of phishing. Some of them
redirect the user to different sites via emails & spyware.
2. In _______________ some cyber-criminals redirect the
legitimate users to different phishing sites and web pages via emails,
IMs, ads and spyware.
a) URL Redirection
b) DoS
c) Phishing
d) MiTM attack
Answer: c
Clarification: Phishing is an internet scam in which hackers convince
users to provide classified information. In some types, cyber-criminals
redirect the users to different sites via emails, IMs, and ads.
3. ______________ was the first type of phishing where the
phishers developed an algorithm for generating random credit card
numbers.
a) Algo-based phishing
b) Email-based phishing
c) Domain Phishing
d) Vishing
Answer: a
Clarification: Phishing is a category of social engineering attack. In
algorithm-based phishing, the phishers developed an algorithm for
generating random credit card numbers to get a match with an original card.
4. _________________ type of phishing became very popular; the message
is fashioned as if it has been sent from a legitimate source with a
legitimate link to its official website.
a) Algo-based phishing
b) Email-based phishing
c) Domain Phishing
d) Vishing
Answer: b
Clarification: In email phishing, the email is fashioned as if it has been
sent from a legitimate source with a legitimate link to its official
website. It originated in the year 2000.
5. ____________ or smishing is one of the simplest types of
phishing where the target victims may get a fake order detail with a
cancellation link.
a) Algo-based phishing
b) SMS phishing
c) Domain Phishing
d) Spear phishing
Answer: b
Clarification: SMS phishing or Smishing is one of the simplest types of
phishing where the target victims may get a fake order detail with a
cancellation link or any other link that leads you to a malicious link.
6. ________________ phishing is that type of phishing where the
construction of a fake webpage is done for targeting definite keywords
& waiting for the searcher to land on the fake webpage.
a) Voice
b) SMS
c) Search engine
d) Email
Answer: c
Clarification: Search engine phishing is that type of phishing where
the construction of a fake webpage is done for targeting definite
keywords & waiting for the searcher to land on the fake webpage.
7. Which of the following is not an example or type of phishing?
a) Spear phishing
b) Deceptive phishing
c) Whaling
d) Monkey in the Middle
Answer: d
Clarification: Phishing is an internet scam done by cyber-criminals
where the user is convinced digitally to provide confidential
information. There are different types of phishing. Some of them are
Spear phishing, deceptive phishing, whaling, pharming, vishing.
8. _____________ attack is the exploitation of the web-session & its
mechanism that is usually managed with a session token.
a) Session Hacking
b) Session Hijacking
c) Session Cracking
d) Session Compromising
Answer: b
Clarification: A session hijacking attack is the exploitation of the
web-session & its mechanism that is usually managed with a session token.
It is mostly called TCP session hijacking, which deals with a security
attack on any target victim’s session over a protected network.
9. The most commonly used session hijacking attack is the
_______________
a) IP hacking
b) IP spooling
c) IP spoofing
d) IP tracking
Answer: c
Clarification: Session Hijacking is the utilization of a valid system
session which is usually managed with a token. The most commonly
used session hijacking attack is IP spoofing.
10. ________________ are required because HTTP uses a lot of
diverse TCP connections, so, the web server needs a means to
distinguish every user’s connections.
a) Internet
b) Network
c) Hijacking
d) Sessions
Answer: d
Clarification: Sessions are required because HTTP uses a lot of diverse
TCP connections, so, the web server needs the means to distinguish
every user’s connections. Session hijacking attack is the exploitation of
the web-session & its mechanism that is usually managed with a
session token.
11. Since most _______________________ occur at the very
beginning of the TCP session, this allows hackers to gain access to any
system.
a) authentications
b) breaches
c) integrations
d) associations
Answer: a
Clarification: TCP session hijacking deals with a security attack
on any target victim’s session over a protected network. Since most
authentications occur at the very beginning of the TCP session, this
allows hackers to gain access to any machine.
12. Which of the following examples does not come under network-level
session hijacking?
a) TCP/IP Hijacking
b) RST Hijacking
c) Domain Hijacking
d) Blind Hijacking
Answer: c
Clarification: Network hijacking is implemented on the data flow
of the protocol shared by all web applications. Examples of network-level
hijacking are TCP/IP hijacking, RST hijacking, blind hijacking, UDP
hijacking etc.
13. In ___________________ session hijacking, hackers gain the
session ID for taking control of an existing session or even create a new
unauthorized session.
a) network level
b) physical level
c) application level
d) data level
Answer: b
Clarification: These are network level and application level hijacking.
In application level session hijacking, hackers gain the session ID for
taking control of an existing session or even create a new unauthorized
session.
14. Which of them is not a session hijacking tool?
a) Juggernaut
b) IP watcher
c) Wireshark
d) Paros HTTP Hijacker
Answer: c
Clarification: The session depicts the time period in which
communication of 2 computer systems takes place. Some of the
session hijacking tools are Juggernaut, IP watcher and Paros HTTP
Hijacker.
15. Which of the following is a session hijacking tool?
a) T-Sight
b) Wireshark
c) Maltego
d) Nessus
Answer: a
Clarification: The session remains valid up to the ending of any
communication. Some of the session hijacking tools are T-Sight,
Juggernaut, IP watcher and Paros HTTP Hijacker.
16. _____________ are unwanted software intended to pitch
advertisements upon the user’s screen, most often within a web
browser.
a) Shareware
b) Adware
c) Bloatware
d) Ransomware
Answer: b
Clarification: Adware is unwanted software intended to pitch
advertisements upon the user’s screen, most often within a web
browser. Sometimes, hackers embed malware along with it to
compromise systems. So, security professionals treat it as a modern-day
PUP (potentially unwanted program).
17. PUP is abbreviated as ____________
a) Potentially Useless Programs
b) Potentially Unwanted Protocols
c) Potentially Unwanted Programs
d) Partial Unwanted Programs
Answer: c
Clarification: Adware is designed to pitch advertisements upon the
user’s screen, most often within a web browser.
18. Users might invite some bogus virus into their system by clicking
the ____________
a) Shareware
b) Spyware
c) URL
d) Adware
Answer: d
Clarification: The unwanted software used to pitch ads on the user’s
screen is adware, displayed most often within a web browser.
Users might invite some bogus virus into their system by clicking the
adware.
19. Which among the following is not an abnormal symptom found
once you click any malicious adware?
a) Automatic opening of new tabs in the browser
b) Automatic updates of antivirus
c) Changes in home page
d) Popping up of new Search engines on your browser
Answer: b
Clarification: Some abnormal symptoms found once you click any
malicious adware are the automatic opening of new tabs in the
20. Once _____________ hijacks your system, it might perform
different sorts of unwanted tasks.
a) Server hacking
b) Banner grabbing
c) Cracking
d) Hijacking
Answer: d
Clarification: Once adware hijacks your system, it might perform
different kinds of superfluous tasks. The adware’s functions may be
intended to analyze a victim’s location & what different Internet sites
he/she is visiting.
21. Creators of _____________ also sell your browsing behaviour &
information to 3rd parties.
a) Shareware
b) Spyware
c) URL
d) Adware
Answer: d
Clarification: The adware’s functions may be intended to analyze a
victim’s location & what different Internet sites he/she is visiting.
Creators of adware also sell your browsing behaviour & information to
3rd parties.
22. Modern ____________ can even use it to target users with
additional advertisements that are customized to the browsing habits.
a) smart shareware
b) smart adware
c) smart bloatware
d) smart spyware
Answer: b
Clarification: Creators of adware also sell your browsing behaviour &
information to 3rd parties. Modern smart adware can even use it to
target users with additional advertisements that are customized to
browsing habits.
23. Creators of adware also sell your browsing behaviour & information
to 3rd parties.
a) True
b) False
Answer: a
Clarification: The adware’s functions may be intended to analyze the
victim’s location & what different Internet sites he/she is visiting.
Creators of adware also sell your browsing behaviour & information to
3rd parties.
24. Which among the following is not a symptom of your system
compromised with adware?
a) Website links redirect to sites different from what the user intended
b) Web browser slows to a crawl
c) System restarts frequently
d) The browser might crash frequently
Answer: c
Clarification: When adware hijacks your system, various kinds of
unessential tasks keep on happening. Website links redirecting to sites
different from what the user intended, the web browser slowing to a crawl,
and the browser crashing frequently are some of the symptoms of
an adware-infected system.
25. Malicious adware may sneak into your system by __________
different ways.
a) five
b) four
c) three
d) two
Answer: d
Clarification: Malicious adware may sneak into your system in 2
different ways. First, if you download and install a program that is
freeware or shareware, it might install some other programs and
ad-popping applications. Second, through insidious websites containing
adware.
26. Which of the following terms is not a valid terminology and type of
adware?
a) Mobile adware
b) Mac Adware
c) Smart-home adware
d) Windows adware
Answer: c
Clarification: Website links redirecting to sites different from what the
user intended, the web browser slowing to a crawl, and the browser
crashing frequently are some of the symptoms of an adware-infected
system. These are mobile/Android adware, Mac and Windows adware
etc.
27. ________________ is a type of reverse engineering tool that is
used to dissect binary codes into assembly codes.
a) PE & Resource Viewer
b) Debugger
c) Disassembler
d) Hex Editor
Answer: c
Clarification: Disassembler is a type of reverse engineering tool that is
used to dissect binary codes into assembly codes. They are also in use
to extract functions, strings, libraries, and other parts of a program.
28. Which of the following is not a function or use of disassembler?
a) Extracting functions & libraries
b) Extracting strings and values
c) Assemble medium-level codes
d) Dissect binary codes
Answer: c
Clarification: Assembling of medium-level codes is not the use of
disassembler. The disassembler is a type of reverse engineering tool
that is used to dissect binary codes into assembly codes.
29. Which of the following is not a feature of IDAPro?
a) Instant debugging
b) Connect local and remote systems easily
c) Explore in-depth binary data
d) Convert machine language to high-level code
Answer: d
Clarification: IDAPro is used as a disassembler in manual binary code
analysis and also as a debugger, which is used for instant
debugging, connecting local and remote systems easily and exploring
in-depth binary data.
30. A _____________ takes an executable file as input and tries to
generate high-level code.
a) Debugger
b) Decompiler
c) Disassembler
d) Hex Editor
Answer: b
Clarification: A decompiler takes an executable file as input and tries
to generate high-level code. It can be described as the opposite of a
compiler. It does not attempt to reverse the actions of the compiler;
rather it transforms the input program repeatedly until HLL code is achieved.
31. ________________ does not attempt to reverse the actions of
a compiler; rather it transforms the input program repeatedly until HLL
code is achieved.
a) Debugger
b) Hex Editor
c) Disassembler
d) Decompiler
Answer: d
Clarification: Usually, a decompiler is fed with executable files and it
tries to produce high-level code. It can be described as the opposite of
a compiler. It does not attempt to reverse the actions of a compiler;
rather it transforms the input program repeatedly until HLL code is
achieved.
32. _____________ will not recreate the original source file created
by the compiler.
a) Debugger
b) Hex Editor
c) Decompiler
d) Disassembler
Answer: c
Clarification: A decompiler does not attempt to reverse the actions of a
compiler; rather it transforms the input program repeatedly until HLL
code is achieved. It will not recreate the original source file created
by the compiler.
33. Which of the following is not a decompiler tool?
a) DCC decompiler
b) Borol and C
c) Boomerang Decompiler
d) ExeToC
Answer: b
Clarification: Decompilers are part of Reverse Engineering tools that
try to generate high-level code. Some common decompiler tools are
DCC decompiler, Boomerang Decompiler, ExeToC, REC (reverse
engineering compiler) etc.
34. REC stands for ________________
a) Reverse Engineering Compiler
b) Reverse Engineering Computer
c) Return-to-Code Engineering Compiler
d) Reversing Engineered Compiler
Answer: a
Clarification: Reverse Engineering Compiler (REC) is a decompiler
tool that is part of Reverse Engineering tools which takes an
executable file as input and tries to generate high-level code.
35. _______________ is a universal interactive program
environment for reverse engineering.
a) TurboC
b) Andromeda Decompiler
c) IDAPro
d) PE Explorer
Answer: b
Clarification: Andromeda Decompiler is a universal interactive
program environment for reverse engineering. It is a popular
interactive decompiler that tries to general
36. Which one is not an example of .Net application decompiler?
a) Salamander
b) Dis#
c) Decompiler.Net
d) MultiRipper
Answer: d
Clarification: Decompilers are part of Reverse Engineering tools that
take an executable file as input and try to generate high-level code.
MultiRipper is a Delphi and C++ decompiler. Salamander, Dis#,
Anakrino & Decompiler.Net are .NET application decompilers.
37. A ______________ tries to make a web resource occupied or
busy for its users by flooding the URL of the victim with more
requests than the server can handle.
a) Phishing attack
b) DoS attack
c) Website attack
d) MiTM attack
Answer: b
Clarification: A DoS attack tries to make a web resource occupied
or busy for its users by flooding the URL of the victim with more
requests than the server can handle.
38. During a DoS attack, the regular traffic on the target
_____________ will be either slowed down or entirely
interrupted.
a) network
b) system
c) website
d) router
Answer: c
Clarification: A DoS attack ties up a web resource by
flooding it with unlimited requests. During a DoS attack, the
regular traffic on the target website will be either slowed down or
entirely interrupted.
39. The intent of a ______________ is to overwhelm the targeted
server’s bandwidth and other resources of the target website.
a) Phishing attack
b) DoS attack
c) Website attack
d) MiTM attack
Answer: b
Clarification: A web resource becomes occupied or busy for its users when
it is flooded in a DoS attack. The intent of this attack is to overwhelm the
targeted server’s bandwidth and other resources of the target website.
40. DoS is abbreviated as _____________________
a) Denial of Service
b) Distribution of Server
c) Distribution of Service
d) Denial of Server
Answer: a
Clarification: A Denial of Service attack targets its victim by flooding
the URL of the victim with unlimited requests. The intent of this
attack is to overwhelm the targeted server’s bandwidth and other
resources of the target website.
41. A DoS attack coming from a large number of IP addresses, making
it hard to manually filter or crash the traffic from such sources is
known as a _____________
a) GoS attack
b) PDoS attack
c) DoS attack
d) DDoS attack
Answer: d
Clarification: A DoS attack coming from a large number of IP
addresses, making it hard to manually filter or crash the traffic from
such sources is known as a Distributed Denial of Service (DDoS)
attack.
42. DDoS stands for _________________
a) Direct Distribution of Server
b) Distributed Denial of Service
c) Direct Distribution of Service
d) Distributed Denial of Server
Answer: b
Clarification: When a DoS attack comes from a large number of IP
addresses, this makes it hard to manually filter or crash the traffic
from such sources and the attack is known as a Distributed Denial of
Service (DDoS) attack.
43. Instead of using a single computer & its internet bandwidth,
a ____________ utilizes various systems & their connections for
flooding the targeted website.
a) GoS attack
b) PoS attack
c) DDoS attack
d) DoS attack
Answer: c
Clarification: DDoS is another leading attack type. Instead of
using a single computer & its internet bandwidth, a DDoS
utilizes various systems & their connections for flooding the targeted
website.
44. There are ______ types of DoS attack.
a) 2
b) 3
c) 4
d) 5
Answer: a
Clarification: With a DoS attack, attackers try to make a resource busy
for its users by flooding the URL of the victim with limitless requests.
There are two types of DoS attack. These are Application Layer Attacks and
Network Layer DoS attacks.
45. Application layer DoS attack is also known as _______________
a) Layer4 DoS attack
b) Layer5 DoS attack
c) Layer6 DoS attack
d) Layer7 DoS attack
Answer: d
Clarification: A DoS attack is a very dangerous threat for users who
have their services running via the internet. The Application Layer
DoS is also known as Layer-7 DoS attack.
46. ___________ is a type of DoS threat that overloads a server by
sending a large number of requests requiring resources for handling &
processing.
a) Network Layer DoS
b) Physical Layer DoS
c) Transport Layer DoS
d) Application Layer DoS
Answer: d
Clarification: DoS attacks are of two types. These are Application
Layer Attacks and Network Layer DoS attacks. Application Layer DoS
is a type of DoS threat that overloads a server by sending a large number
of requests requiring resources for handling & processing.
48. Which of the following is not a type of application layer DoS?
a) HTTP flooding
b) Slowloris
c) TCP flooding
d) DNS query flooding
Answer: c
Clarification: Application Layer DoS threatens to overload a server
by sending a large quantity of requests requiring resources for
handling & processing. This category includes HTTP flooding,
slow-flooding attack and DNS query flooding.
49. Network layer attack is also known as ________________
a) Layer3-4 DoS attack
b) Layer5 DoS attack
c) Layer6-7 DoS attack
d) Layer2 DoS attack
Answer: a
Clarification: Denial of Service attack becomes dangerous because it
floods the target service over the internet. There are two types of DoS
attack. The Network Layer DoS is also known as the Layer 3-4 DoS
attack.
50. Which of the following does not come under network layer DoS
flooding?
a) UDP flooding
b) HTTP Flooding
c) SYN flooding
d) NTP Amplification
Answer: b
Clarification: A network layer DoS attack is set up to congest the
“pipelines” that connect the user’s network. This includes attacks
such as NTP amplification, SYN flooding, UDP flooding and DNS
amplification.
51. Which of the following does not come under network layer DoS
flooding?
a) DNS amplification
b) UDP flooding
c) DNS query flooding
d) NTP Amplification
Answer: c
Clarification: Network layer DoS attack includes attacks such as NTP
amplification, SYN flooding, UDP flooding and DNS amplification.
DNS query flooding does not come under the Network layer DoS
attack.
52. DDoS are high traffic events that are measured in Gigabits per
second (Gbps) or packets per second (PPS).
a) True
b) False
Answer: a
Clarification: At the time of a DoS attack, it becomes hard to manually
filter or crash the traffic from such sources. DDoS are high traffic
events that are measured in Gigabits per second (Gbps) or packets per
second (PPS).
53. A DDoS with 20 to 40 Gbps is enough for totally shutting down the
majority of network infrastructures.
a) True
b) False
Answer: a
Clarification: A DoS attack is very dangerous for any targeted victim
because it can seize business and bring loss to a company running on
the website. A DDoS with 20 to 40 Gbps is enough for totally shutting
down the majority of network infrastructures.