Basic Ethical Hacking Multiple choice Questions and Answers pdf

16) Explain what is Burp Suite, what are the tools it consist of?
Burp suite is an integrated platform used for attacking web applications. It consists of all the Burp tools required for attacking an application.  Burp Suite tool has same approach for attacking web applications like framework for handling HTTP request, upstream proxies, alerting, logging and so on.

The tools that Burp Suite has
Proxy
Spider
Scanner
Intruder
Repeater
Decoder
Comparer
Sequencer

17) Explain what is Pharming and Defacement?
Pharming: In this technique the attacker compromises the DNS ( Domain Name System) servers or on the user computer so that traffic is directed to a malicious site
Defacement: In this technique the attacker replaces the organization website with a different page.  It contains the hackers name, images and may even include messages and background music

18) Explain how you can stop your website getting hacked?
By adapting following method you can stop your website from getting hacked
Sanitizing and Validating users parameters: By Sanitizing and Validating user parameters before submitting them to the database can reduce the chances of being attacked by SQL injection
Using Firewall: Firewall can be used to drop traffic from suspicious IP address if attack is a simple DOS
Encrypting the Cookies: Cookie or Session poisoning can be prevented by encrypting the content of the cookies, associating cookies with the client IP address and timing out the cookies after some time
Validating and Verifying user input : This approach is ready to prevent form tempering by verifying and validating the user input before processing it
Validating and Sanitizing headers :  This techniques is useful against cross site scripting or XSS, this technique includes validating and sanitizing headers, parameters passed via the URL, form parameters and hidden values to reduce XSS attacks

19) Explain what is Keylogger Trojan?
Keylogger Trojan is malicious software that can monitor your keystroke, logging them to a file and sending them off to remote attackers.  When the desired behaviour is observed, it will record the keystroke and captures your login username and password.

20) Explain what is Enumeration?
The process of extracting machine name, user names, network resources, shares and services from a system. Under Intranet environment enumeration techniques are conducted.

Read More Questions:
Ethical Hacking interview questions Part1
Ethical Hacking interview questions Part2



0 comments: