Explore topic-wise InterviewSolutions in .

The correct answer is (C) Maltego

Easiest explanation: SUPERSCAN, TCPVIEW and OWASP ZED are tools used for scanning footprints. Maltego is not a footprint-scanning tool. It is used for reconnaissance purpose only.

The correct CHOICE is (C) Port Scanning

For explanation: Port scanning is a method used in the scanning phase. Altering or changing log FILES, tunnelling for hiding your identity and REMOVING footprints from different sites are EXAMPLES of clearing tracks.

The correct CHOICE is (B) Tracks clearing

To explain I would say: Tracks clearing or covering tracks is the name of the PHASE where the hackers delete logs of their existence & other activity records they do during the hacking process. This step is actually an unethical ONE.

The correct answer is (d) WIRESHARK

Easiest explanation: Wireshark is not a tool for maintaining access because it is used for ANALYSING network protocols at a microscopic level (very minutely). It is an INTERACTIVE tool for DATA traffic analysing on any computer.

The CORRECT option is (a) Powersploit

Explanation: The Powersploit is an access MAINTAINING tool used for Windows SYSTEMS. This tool is used for GAINING re-access to the victim’s system using PowerShell.

Correct choice is (c) Maintaining Access

For explanation: After gaining access to a system, the hacker needs to keep a path OPEN so that he/she in FUTURE can access the system. Therefore, BACKDOORS are SET which will later allow the attacker to gain access through it EASILY.

The correct option is (a) Tunnelling

The explanation is: Tunnelling is a method that is followed to cover tracks CREATED by attackers and erasing digital FOOTPRINTS. BUFFER overflow, session hijacking and password cracking are examples of GAINING access to test the flaw in system or network.

The correct CHOICE is (d) Gaining access

Easiest explanation: Penetration testers after SCANNING the SYSTEM or network tries to EXPLOIT the flaw of the system or network in “gaining access” phase.

Right answer is (d) Gaining access

The EXPLANATION is: Gaining access is the next step after scanning. Once the scanning tools are used to LOOK for flaws in a SYSTEM, it is the next PHASE where the ethical hackers or penetration testers have to TECHNICALLY gain access to a network or system.

The correct option is (C) Maltego

The explanation is: NMAP is used for both RECONNAISSANCE and scanning purposes. Nepose and Nessus are fully scanning TOOL. Maltego is an example of a reconnaissance tool used for acquiring information about target user.

The correct answer is (d) Google Dorks

The BEST I can EXPLAIN: Google dork is used for RECONNAISSANCE, which uses special search queries for NARROWING down the search results. The rest THREE scanning methodologies are used for scanning ports (logical), and network vulnerabilities.

Right option is (b) SCANNING

Best explanation: Scanning is DONE to look for entry points in a NETWORK or system in order to LAUNCH an attack and check whether the system is PENETRABLE or not.

Right answer is (b) Scanning

The best I can EXPLAIN: In the scanning phase, the HACKER actively SCANS for the vulnerabilities or SPECIFIC information in the network which can be exploited.

Correct answer is (d) Search about TARGET records in ONLINE people DATABASE

The explanation: Passive reconnaissance is all about acquiring of information about the target indirectly, HENCE searching any information about the target on online people database is an example of passive reconnaissance.

The CORRECT choice is (B) Telephone CALLS as a HELP desk or fake customer care person

The best explanation: As active reconnaissance is all about interacting with target victim directly, hence telephonic calls as a legitimate customer care person or help desk person, the attacker can get more information about the target user.

The correct option is (a) 2

Easy explanation: Reconnaissance can be done in two different ways. 1^st, ACTIVE Reconnaissance which involves interacting with the TARGET user or system directly in order to GAIN information; 2^nd, PASSIVE Reconnaissance, where information gathering from target user is done INDIRECTLY without interacting with the target user or system.

Correct CHOICE is (d) Nexpose

Easy EXPLANATION: Hping, NMAP & Google Dorks are tools and techniques for reconnaissance. Nexpose is a tool for scanning the network for VULNERABILITIES.

Correct ANSWER is (a) Reconnaissance

Easiest EXPLANATION: Reconnaissance is the phase where the ethical hacker TRIES to GATHER different KINDS of information about the target user or the victim’s system.

Right option is (C) 6

To ELABORATE: ACCORDING to the standard ethical hacking standards, the entire process of hacking can be divided into 6 steps or PHASES. These are: Reconnaissance, Scanning, Gaining Access, Maintaining Access, Tracks CLEARING, reporting.