This set of Cyber Security Multiple Choice Questions & Answers (MCQs) focuses on “Information Gathering Phase & Techniques – 1”.
1. ________________ is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing
View Answer
Explanation: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be either active or passive footprinting.
2. How many types of footprinting are there?
a) 5
b) 4
c) 3
d) 2
View Answer
Explanation: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be of 2 types: active or passive footprinting.
3. ________________ is one of the 3 pre-attacking phase.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing
View Answer
Explanation: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network. It can be either active or passive footprinting.
4. A/An ______________ spends 85% of his/her time in profiling an organization and rest amount in launching the attack.
a) security analyst
b) attacker
c) auditor
d) network engineer
View Answer
Explanation: An attacker spends 85% of his/her time in profiling an organization and rest amount in launching the attack. Footprinting results in a unique organization profile with respect to the networks.
5. _______________ is necessary to methodically & systematically ensure all pieces of information related to target.
a) Fingerprinting
b) 3D printing
c) Footprinting
d) Data printing
View Answer
Explanation: Footprinting is a component of the reconnaissance stage which is necessary to methodically & systematically ensure all pieces of information related to the target. It can be either active or passive footprinting.
6. Which of the following is not a spot from where attackers seek information?
a) Domain name
b) IP address
c) System enumeration
d) Document files
View Answer
Explanation: Internet is a common medium for gathering information such as from Domain name, IP address of the target user, enumeration of victim’s system, IDSes running, TCP & UDP services etc.
7. Which of them is not an information source over the internet for target attackers?
a) Whois
b) YouTube
c) Nslookup
d) Archive sites
View Answer
Explanation: Information can be available free from some sites and databases residing on the internet. These services and sites are – Whois, Nslookup, Archive Sites, open-source software sites etc.
8. Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details.
a) True
b) False
View Answer
Explanation: Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details, IP address domain name, geo-location, browsing history etc.
9. Spywares can be used to steal _______________ from the attacker’s browser.
a) browsing history
b) company details
c) plug-ins used
d) browser details
View Answer
Explanation: Spywares can be used to steal browsing history, browsing habits and other related searches from the attacker’s browser. Google chrome itself has a search box in the address bar which the spyware might monitor to take search results as information for the attacker.
10. https://archive.org is a popular site where one can enter a domain name in its search box for finding out how the site was looking at a given date.
a) True
b) False
View Answer
Explanation: https://archive.org is a popular archive site where one can enter a domain name in its search box for finding out how the site was looking at a given date. It stores all the details about the look and working of the site, even when the site got updated.
11. Information about people is available people search sites. Which of them is an example of people data searching site?
a) people.com
b) indivinfo.org
c) intelius.com
d) peopleinfo.org
View Answer
Explanation: Information about people is available people search sites. https://www.intelius.com/ is an example of such site which holds records of people’s information.
12. You can attain a series of IP addresses allotted to a particular company using __________ site.
a) https://www.ipdata.org/
b) https://www.arin.net/
c) https://www.ipip.com/
d) https://www.goipaddr.net/
View Answer
Explanation: Hackers can attain a series of IP addresses allotted to a particular company using https://www.arin.net/ site. Hackers can enter the company name in the search box for finding a list of all the assigned IP addresses.
13. ARIN is abbreviated as _____________
a) American Registry for Internet Numbers
b) American Registry for IP Numbers
c) All Registry for Internet Numbers
d) American Registry for IP Numbering
View Answer
Explanation: ARIN is abbreviated as American Registry for Internet Numbers. Hackers can attain a series of IP addresses allotted to a particular company using https://www.arin.net/ site. Hackers can enter the company name in the search box for finding a list of all the assigned IP addresses.
14. Using spyware is an example of _________ type of information gathering.
a) active
b) passive
c) active & passive
d) non-passive
View Answer
Explanation: Using spyware is an example of an active information gathering technique. Spywares can be used to steal browsing history, browsing habits and other related searches from the attacker’s browser. Google chrome itself has a search box in the address bar which the spyware might monitor to take search results as information for the attacker.
15. Collecting freely available information over the internet is an example of ____________ type of information gathering.
a) active
b) passive
c) active & passive
d) non-passive
View Answer
Explanation: Collecting freely available information over the internet is an example of passive information gathering technique. It uses archive sites, Google, domain name, people search, Nslookup etc.
Sanfoundry Global Education & Learning Series – Cyber Security.
To practice all areas of Cyber Security, here is complete set of 1000+ Multiple Choice Questions and Answers.
If you find a mistake in question / option / answer, kindly take a screenshot and email to [email protected]
- Practice Computer Science MCQs
- Apply for Computer Science Internship
- Practice Cryptography & Network Security MCQ
- Check Computer Science Books
- Check Programming Books
