This set of Cyber Security Multiple Choice Questions & Answers (MCQs) focuses on “Exploits and Exploitation”.
1. ________________ are piece of programs or scripts that allow hackers to take control over any system.
a) Exploits
b) Antivirus
c) Firewall by-passers
d) Worms
View Answer
Explanation: Exploits are the piece of programs or scripts that allow hackers to take control over any system. Vulnerability scanners such as Nexpose and Nessus are used for finding such vulnerabilities.
2. The process of finding vulnerabilities and exploiting them using exploitable scripts or programs are known as _____________
a) infiltrating
b) exploitation
c) cracking
d) hacking
View Answer
Explanation: The process of finding vulnerabilities and exploiting them using exploitable scripts or programs are known as exploitation. Vulnerability scanners such as Nexpose and Nessus are used for finding such vulnerabilities and then they are exploited using such programs and scripts.
3. Which of them is not a powerful vulnerability detecting tool?
a) Nessus
b) Nexpose
c) Metasploit
d) Nmap
View Answer
Explanation: Some of the most widely used tools for detecting vulnerabilities in a system are Nessus, Nexpose, Metasploit and OpenVAS. Hackers use these tools for detecting vulnerabilities and then write exploits to exploit the systems.
4. __________ is the specific search engine for exploits where anyone can find all the exploits associated to vulnerability.
a) Google
b) Bing
c) Exploit-db
d) Exploit-engine
View Answer
Explanation: Since based on vulnerabilities, we can find exploits, Exploit-db is the specific search engine for exploits where anyone can find all the exploits associated with vulnerability. You can find this from https://www.exploit-db.com.
5. Which of the following are not a vulnerability-listed site/database?
a) Exploit-db
b) Common Vulnerabilities and Exposures (CVE)
c) National Vulnerability Database (NVD)
d) Bing Vulnerability database (BVD)
View Answer
Explanation: Exploit-db (https://www.exploit-db.com/), Common Vulnerabilities and Exposures (CVE) (https://cve.mitre.org/), and National Vulnerability Database (NVD) (https://nvd.nist.gov/) are three vulnerability listing site.
6. There are __________ types of exploits based on their working.
a) two
b) three
c) four
d) five
View Answer
Explanation: There are two different types of exploits. These are remote exploits – where hackers can gain access to the system or network remotely, and local exploits – where the hacker need to access the system physically and overpass the rights.
7. How many types of exploits are there based on their nature from hacking’s perspective?
a) 4
b) 3
c) 2
d) 5
View Answer
Explanation: There are basically 2 types of exploits based on the nature of their existence and knowledge. These are known and unknown (i.e. Zero Day). Known exploits are those that are released publicly and people know about them. Unknown exploits are such type of exploits that are not known or the bugs are not fixed by vendors or owners.
8. Known exploits have a confirmation of and measures can be taken against it to resolve them.
a) True
b) False
View Answer
Explanation: Known exploits have a confirmation of and measures can be taken against it to resolve them. These types of vulnerabilities and exploit details are available online in blogs and sites.
9. Unknown exploits are those exploits that have not yet been reported openly and hence present a straightforward attack at firms and the government agencies.
a) True
b) False
View Answer
Explanation: Unknown exploits are those exploits that have not yet been reported openly and hence present a straightforward attack at firms and the government agencies. They’re also called Zero-day exploits.
10. A ____________ is a set of changes done to any program or its associated data designed for updating, fixing, or improving it.
a) scratch
b) patch
c) fixer
d) resolver
View Answer
Explanation: The term ‘patch’ in the applied computer science is a set of changes done to any program or its associated data designed for updating, fixing, or improving it. Patch releases are done by vendors to solve any bug in a system.
11. Fixing of security vulnerabilities in a system by additional programs is known as __________ patches.
a) hacking
b) database
c) server
d) security
View Answer
Explanation: Fixing of security vulnerabilities in a system by additional programs is known as security patches. These type of patches helps in fixing security bugs and improving the overall security of the system.
12. Known bugs can be solved or removed by __________________ develop by the vendors of the application.
a) removing the application
b) changing the software
c) installing security patches
d) installing database patches
View Answer
Explanation: Known bugs and vulnerabilities of a system can be solved or installing or updating the security patches developed by the vendor or owner of that particular application.
13. ___________________ are some very frequent updates that come for every anti-virus.
a) Patch update
b) Data update
c) Code update
d) Definition update
View Answer
Explanation: Definition updates are some very frequent updates that come for every anti-virus. These updates are frequently rolled out in order to update your antivirus software with the latest releases of attack vectors and bugs.
14. National Vulnerability Database (NVD) is _________________ repository of data regarding vulnerability standards.
a) U.S. government
b) India government
c) Russian government
d) China Government
View Answer
Explanation: National Vulnerability Database (NVD) is the US government repository of data regarding vulnerability standards. It is available from the link https://nvd.nist.gov.
15. CVE is a directory of lists of publicly recognized information security vulnerabilities as well as exposures.
a) True
b) False
View Answer
Explanation: CVE is a directory of lists of publicly recognized information security vulnerabilities as well as exposures. It is available from the link https://cve.mitre.org.
Sanfoundry Global Education & Learning Series – Cyber Security.
To practice all areas of Cyber Security, here is complete set of 1000+ Multiple Choice Questions and Answers.
If you find a mistake in question / option / answer, kindly take a screenshot and email to [email protected]
- Check Computer Science Books
- Practice Computer Science MCQs
- Check Cyber Security Books
- Apply for Computer Science Internship
- Practice Programming MCQs
