The Maharashtra State Board of Technical Education designed the ETI course to equip students with the latest knowledge and developments in the field.
This post contains all Chapters/units mcq from 1 to 6 of ETI
To evaluate your understanding of the course, you can practice the ETI MCQs available in PDF format. You can easily download and practice them whenever and wherever you want. The MCQs are divided into different units and chapters, allowing you to focus on specific areas of the course. You can also take the ETI online test to evaluate your knowledge and identify areas of improvement.
Chapter 1: Artificial Intelligence
1. What is the full form of “AI”?
a) Artificially Intelligent
b) Artificial Intelligence
c) Artificially Intelligence
d) Advanced Intelligence
View Answer
Explanation: AI is abbreviated as Artificial Intelligence. It is used to create systems or build machines to think and work like humans.
2. What is Artificial Intelligence?
a) Artificial Intelligence is a field that aims to make humans more intelligent
b) Artificial Intelligence is a field that aims to improve the security
c) Artificial Intelligence is a field that aims to develop intelligent machines
d) Artificial Intelligence is a field that aims to mine the data
View Answer
Explanation: Artificial Intelligence is the development of intelligent systems that work and react in the same way that humans do. Intelligence is a process or a component of the ability to achieve goals in the world. People, animals, and a few machines all have different types and degrees of intelligence.
3. Who is the inventor of Artificial Intelligence?
a) Geoffrey Hinton
b) Andrew Ng
c) John McCarthy
d) Jürgen Schmidhuber
View Answer
Explanation: John McCarthy was a pioneer in Artificial Intelligence research, helping to name the field and spending decades teaching computers to grasp concepts that are intuitive to humans.
4. Which of the following is the branch of Artificial Intelligence?
a) Machine Learning
b) Cyber forensics
c) Full-Stack Developer
d) Network Design
View Answer
Explanation: Machine learning is one of the important sub-areas of Artificial Intelligence likewise Neural Networks, Computer Vision, Robotics, and NLP are also the sub-areas. In machine learning, we build or train ML models to do certain tasks.
5. What is the goal of Artificial Intelligence?
a) To solve artificial problems
b) To extract scientific causes
c) To explain various sorts of intelligence
d) To solve real-world problems
View Answer
Explanation: Artificial Intelligence’s goal is to explain various sorts of intelligence.
6. Which of the following is an application of Artificial Intelligence?
a) It helps to exploit vulnerabilities to secure the firm
b) Language understanding and problem-solving (Text analytics and NLP)
c) Easy to create a website
d) It helps to deploy applications on the cloud
View Answer
Explanation: Language understanding and problem-solving come under the NLP and Text Analysis area which involves text recognition and sentiment analysis of the text. NLP ML model is trained to mainly do the task which processes human language’s speech or text. For example voice assistant.
7. In how many categories process of Artificial Intelligence is categorized?
a) categorized into 5 categories
b) processes are categorized based on the input provided
c) categorized into 3 categories
d) process is not categorized
View Answer
Explanation: It is categorized into 3 steps Sensing, Reasoning, Acting
i) Sensing: Through the sensor taking in the data about the world
ii) Reasoning: Reasoning is thinking or processing the data sensed by the sensor.
iii) Action: On the basis of input and reasoning, acting is generating and controlling actions in the environment.
8. Based on which of the following parameter Artificial Intelligence is categorized?
a) Based on functionally only
b) Based on capabilities only
c) Based on capabilities and functionally
d) It is not categorized
View Answer
Explanation: The two main categorizations of AI are based on the capability and functionality. Based on capability it is divided into Artificial Narrow Intelligence (ANI), Artificial General Intelligence (AGI), and Artificial Super Intelligence (ASI). Based on functionality it is divided into reactive machines, limited memory, theory of mind, and self-awareness.
9. Which of the following is a component of Artificial Intelligence?
a) Learning
b) Training
c) Designing
d) Puzzling
View Answer
Explanation: Intelligence is intangible and is composed of mainly five techniques. Learning is the process of gaining knowledge by understanding, practicing, being taught, or experiencing one thing. Learning enhances the awareness of any topic, hence learning is one of the important components.
10. What is the function of an Artificial Intelligence “Agent”?
a) Mapping of goal sequence to an action
b) Work without the direct interference of the people
c) Mapping of precept sequence to an action
d) Mapping of environment sequence to an action
View Answer
Explanation: A math function that converts a collection of perceptions into actions is known as the agent function. The function is implemented using agent software. An agent is responsible for the actions performed by the machine once it senses the environment.
11. Which of the following is not a type of Artificial Intelligence agent?
a) Learning AI agent
b) Goal-based AI agent
c) Simple reflex AI agent
d) Unity-based AI agent
View Answer
Explanation: There are mainly 5 types of agents:
12. Which of the following is not the commonly used programming language for Artificial Intelligence?
a) Perl
b) Java
c) PROLOG
d) LISP
View Answer
Explanation: Perl is a scripting language. Whereas other programming languages are used to program AI machines.
13. What is the name of the Artificial Intelligence system developed by Daniel Bobrow?
a) program known as BACON
b) system known as STUDENT
c) program known as SHRDLU
d) system known as SIMD
View Answer
Explanation: STUDENT is the name of the Artificial Intelligence system developed by Daniel Bobrow in 1964. Daniel Bobrow had used LISP programming language to write this AI program for his PhD thesis.
14. What is the function of the system Student?
a) program that can read algebra word problems only
b) system which can solve algebra word problems but not read
c) system which can read and solve algebra word problems
d) None of the mentioned
View Answer
Explanation: The system STUDENT developed by Daniel Bobrow was written in LISP to read and solve algebra word problems of high school books. This is referred as the achievement in the field of Natural Language Processing.
15. Which of the following is not an application of artificial intelligence?
a) Face recognition system
b) Chatbots
c) LIDAR
d) DBMS
View Answer
Explanation: Face recognition system, Chatbots, and LIDAR are the various applications of AI in various fields like security system, business, automobiles etc. DBMS is used to store and manipulate data.
16. Which of the following machine requires input from the humans but can interpret the outputs themselves?
a) Actuators
b) Sensor
c) Agents
d) AI system
View Answer
Explanation: Actuators are used in machines to convert energy from one form to another to perform a physical function. The sensor is a device that receives signals from the physical environment to detect the changes. Systems receive input from humans and interpret the outputs.
17. _________ number of informed search method are there in Artificial Intelligence.
a) 4
b) 3
c) 2
d) 1
View Answer
Explanation: There are four types of informed search methods. The four types of informed search method are best-first search, Greedy best-first search, A* search and memory bounded heuristic search.
18. The total number of proposition symbols in AI are ________
a) 3 proposition symbols
b) 1 proposition symbols
c) 2 proposition symbols
d) No proposition symbols
View Answer
Explanation: There are totally 2 proposition symbols. The two proposition symbols are true and false.
19. The total number of logical symbols in AI are ____________
a) There are 3 logical symbols
b) There are 5 logical symbols
c) Number of logical symbols are based on the input
d) Logical symbols are not used
View Answer
Explanation: There are totally five logical symbols. The five logical symbols are:
a) Negation
b) Conjunction
c) Disjunction
d) Implication
e) Biconditional
20. Which of the following are the approaches to Artificial Intelligence?
a) Applied approach
b) Strong approach
c) Weak approach
d) All of the mentioned
View Answer
Explanation: Strong AI is used to build machines that can truly reason and solve problems.
Weak AI deals with building computer-based Artificial Intelligence that can act as if it were intelligent but cannot truly reason and solve problems. Applied approach creates commercially viable “smart” systems.
In the Cognitive approach, a computer is used to test theories about how the human mind works.
21. Face Recognition system is based on which type of approach?
a) Weak AI approach
b) Applied AI approach
c) Cognitive AI approach
d) Strong AI approach
View Answer
Explanation: Applied approach aims to produce commercially viable “smart” systems such as, for example, a security system that recognizes the faces of people to provide access. The applied approach has already enjoyed considerable success.
22. Which of the following is an advantage of artificial intelligence?
a) Reduces the time taken to solve the problem
b) Helps in providing security
c) Have the ability to think hence makes the work easier
d) All of the above
View Answer
Explanation: Artificial intelligence creates a machine that can think and make decisions without human involvement.
23. Which of the following can improve the performance of an AI agent?
a) Perceiving
b) Learning
c) Observing
d) All of the mentioned
View Answer
Explanation: An AI agent learns from previous states by saving it and responding to the same situation better if it occurs again in the future. Hence, learning can improve the performance of an AI agent.
24. Which of the following is/are the composition for AI agents?
a) Program only
b) Architecture only
c) Both Program and Architecture
d) None of the mentioned
View Answer
Explanation: An AI agent program will implement function mapping percepts to actions.
25. On which of the following approach A basic line following robot is based?
a) Applied approach
b) Weak approach
c) Strong approach
d) Cognitive approach
View Answer
Explanation: Weak approach is concerned with the development of a computer-based artificial intelligence that can behave intelligently but cannot really reason or solve issues. According to Weak approach, properly configured computers can mimic human intellect.
26. Artificial Intelligence has evolved extremely in all the fields except for _________
a) Web mining
b) Construction of plans in real time dynamic systems
c) Understanding natural language robustly
d) All of the mentioned
View Answer
Explanation: Artificial Intelligence is used in all the fields to make work easier and complete the work before the deadline. However, it could not excel in these fields. Hence, these areas need more focus for improvements.
27. Which of the following is an example of artificial intelligent agent/agents?
a) Autonomous Spacecraft
b) Human
c) Robot
d) All of the mentioned
View Answer
Explanation: Humans can be considered agents. Sensors include eyes, ears, skin, taste buds, and so on, whereas effectors include hands, fingers, legs, and mouth. Agents are robots. Sensors on robots might include a camera, sonar, infrared, bumper, and so on. Actuators can include grippers, wheels, lights, speakers, and other components. Based on its senses, autonomous spacecraft makes decisions on its own.
28. Which of the following is an expansion of Artificial Intelligence application?
a) Game Playing
b) Planning and Scheduling
c) Diagnosis
d) All of the mentioned
View Answer
Explanation: In recent days AI is used in all sectors in different forms. All sectors require intelligence and automation for its working.
29. What is an AI ‘agent’?
a) Takes input from the surroundings and uses its intelligence and performs the desired operations
b) An embedded program controlling line following robot
c) Perceives its environment through sensors and acting upon that environment through actuators
d) All of the mentioned
View Answer
Explanation: An AI agent is defined as anything that uses sensors and actuators to perceive and act on the environment. It receives information from its surroundings via sensors, executes operations, and outputs via actuators.
30. Which of the following environment is strategic?
a) Rational
b) Deterministic
c) Partial
d) Stochastic
View Answer
Explanation: In a deterministic environment the output is determined based on a particular state. If the environment is deterministic except for the action of other agents it is called deterministic.
31. What is the name of Artificial Intelligence which allows machines to handle vague information with a deftness that mimics human intuition?
a) Human intelligence
b) Boolean logic
c) Functional logic
d) Fuzzy logic
View Answer
Explanation: Many popular goods, such as microwave ovens, cars, and plug-in circuit boards for desktop PCs, employ the first widely-used commercial form of Artificial Intelligence. It enables robots to handle ambiguous data with a dexterity that resembles human intuition.
32. Which of the following produces hypotheses that are easy to read for humans?
a) Machine Learning
b) ILP
c) First-order logic
d) Propositional logic
View Answer
Explanation: ILP (Inductive logic programming) is a subfield of artificial intelligence. Because ILP can participate in the scientific cycle of experimentation So that it can produce a flexible structure.
33. What does the Bayesian network provide?
a) Partial description of the domain
b) Complete description of the problem
c) Complete description of the domain
d) None of the mentioned
View Answer
Explanation: A Bayesian network provides a complete description of the domain.
33. What is the total number of quantification available in artificial intelligence?
a) 4
b) 3
c) 1
d) 2
View Answer
Explanation: There are two types of quantification. They are:
a) Universal
b) Existential
34. What is Weak AI?
a) the study of mental faculties using mental models implemented on a computer
b) the embodiment of human intellectual capabilities within a computer
c) a set of computer programs that produce output that would be considered to reflect intelligence if it were generated by humans
d) all of the mentioned
View Answer
Explanation: Weak AI is the study of mental faculties using mental models implemented on a computer.
35. Which of the following are the 5 big ideas of AI?
a) Perception
b) Human-AI Interaction
c) Societal Impact
d) All of the above
View Answer
Explanation: The 5 big ideas are:
Chapter 2: Internet of things MCQ
1. What is the full form of IoT?
a) Internet of Technology
b) Incorporate of Things
c) Internet of Things
d) Incorporate of Technology
View Answer
Explanation: The full form of IoT is the “Internet of Things”. IoT means accessing and controlling equipment and devices that are used daily through the Internet.
2. What is IoT?
a) network of physical objects embedded with sensors
b) network of virtual objects
c) network of objects in the ring structure
d) network of sensors
View Answer
Explanation: The Internet of Things (IoT) is a network of physical objects embedded with sensors, software, and other technologies for exchanging data with other devices over the internet.
3. Who coined the term “Internet of Things”?
a) Kevin Aston
b) John Wright
c) Edward Jameson
d) George Garton
View Answer
Explanation: Kevin invented coined the term “Internet of Things” in 1999 during his work at Procter & Gamble to describe the network connecting objects in the physical world with the Internet.
4. When was the actual term “Internet of Things” coined?
a) 1998
b) 1999
c) 2000
d) 2002
View Answer
Explanation: The actual term “Internet of Things” was coined in 1999 by technologist Kevin Aston during his work at Procter & Gamble while giving a presentation about technology and the internet.
5. Which of the following is not an IoT device?
a) Table
b) Laptop
c) Arduino
d) Tablet
View Answer
Explanation: IoT devices are embedded with sensors, microprocessors, actuators, etc. Laptop, Arduino, and Tablet are embedded systems and they can be operated with the internet, thus they are IoT devices.
6. Which of the following is false about IoT devices?
a) IoT devices use the internet for collecting and sharing data
b) IoT devices need microcontrollers
c) IoT devices use wireless technology
d) IoT devices are completely safe
View Answer
Explanation: IoT devices are wireless devices and they use the internet for collecting and sharing data. They are not completely safe because they store data and sometimes hackers access them.
7. Which of the following is not an IoT platform?
a) Amazon Web Services
b) Microsoft Azure
c) Salesforce
d) Flipkart
View Answer
Explanation: Amazon Web Services, Microsoft Azure, and Salesforce provide cloud computing IoT services. But Flipkart is an e-commerce website that provides marketing facilities.
8. Which of the following is not an application of IoT?
a) BMP280
b) Smart home
c) Smart city
d) Self-driven cars
View Answer
Explanation: Smart homes, smart cities, and self-driven cars are applications of IoT. BMP280 is a sensor that is used to measure air pressure. It is a component of IoT devices.
9. Which of the following is not a fundamental component of an IoT system?
a) Sensors
b) Connectivity and data processing
c) User interface
d) Transformer
View Answer
Explanation: Sensors are required to collect data, network connectivity is required for data processing and to interface with the user. Transformers are not required as they are used for voltage transformation.
10. What is the full form of IIOT?
a) Index Internet of Things
b) Incorporate Internet of Things
c) Industrial Internet of Things
d) Intense Internet of Things
View Answer
Explanation: The full form of IIOT is the “Industrial Internet of Things”. It is for industry-oriented applications and communication transportation is done through both wired and wireless devices.
11. Which layer is used for wireless connection in IoT devices?
a) Application layer
b) Network layer
c) Data link layer
d) Transport layer
View Answer
Explanation: Data link layer is used for Ethernet and wireless connections. The network layer is used for Internet Protocols. The transport layer is used for TCP/UDP protocols and the application layer directly interacts with the application.
12. Which of the following is false about the IoT components?
a) A light sensor (photoresistor) is an analog sensor
b) A microphone is a digital sensor
c) A push button is a digital sensor
d) A keyboard is a digital sensor
View Answer
Explanation: A light sensor is an analog sensor because it senses light intensity. A microphone is also an analog sensor because it senses sound. Push buttons and keyboards are operated digitally so, they are digital sensors.
13. Which of the following is used to capture data from the physical world in IoT devices?
a) Sensors
b) Actuators
c) Microprocessors
d) Microcontrollers
View Answer
Explanation: Sensors are used to capture data from the physical world. Microprocessors and microcontrollers are used to control the operations and actuators are for outputs of IoT devices.
14. Which of the following command is used to trigger the Amazon echo IOT device?
a) Hello
b) Suri
c) Alexa
d) Hey
View Answer
Explanation: Amazon Echo is a hands-free speaker that can be controlled with the human voice. It connects to Alexa voice services and “Alexa” command is used to trigger Amazon echo IoT device.
15. Which of the following is false about the MANET IoT network?
a) It is a self-configuring network
b) It has a low data rate
c) It doesn’t have any encryption
d) Power is readily available for complex security
View Answer
Explanation: MANET is an unstable network. It is self-configuring and it has a low data rate. It doesn’t have power availability for complex security. It also doesn’t have any encryption.
16. Which of the following is not a sensor in IoT?
a) BMP280
b) DHT11
c) Photoresistor
d) LED
View Answer
Explanation: BMP280 is an air pressure sensor. DHT11 is a humidity and temperature sensor. A photoresistor is a light sensor. LED is not a sensor as it emits light.
17. Which of the following is not an actuator in IoT?
a) Stepper motor
b) A fan
c) An LED
d) Arduino
View Answer
Explanation: An actuator converts electrical signals into a corresponding physical quantity. A stepper motor or a fan can rotate. An LED can emit light. So, they are actuators. But Arduino is not.
18. What is the use of PWM signals in IoT development boards?
a) They are used by sensors to have analog input
b) They are used by sensors to have digital input
c) They are used by actuators to have analog input
d) They are used by actuators to have digital input
View Answer
Explanation: PWM signals are used for power regulation. Actuators mostly need analog signals to operate. So, PWM signals are used by actuators to have analog input.
19. Which of the following is used to reprogram a Bootloader in IoT devices?
a) VHDL programming
b) IDE
c) ICSP
d) MANET
View Answer
Explanation: Bootloader is firmware on a microcontroller. ICSP is used to reprogram a Bootloader in IoT devices. ICSP stands for In-Circuit Serial Programming. It is a special programming method to program firmware.
20. Which of the following is true about Arduino IoT devices?
a) They are open-source software
b) They can only read analog inputs
c) They have their own operating systems
d) They don’t have pre-programmed firmware
View Answer
Explanation: Arduino designs are open-source software. They can read both analog and digital inputs. They don’t have operating systems and firmware is pre-programmed inside them.
21. How many number of elements in the Open IoT Architecture?
a) 3 elements
b) 7 elements
c) 8 elements
d) 6 elements
View Answer
Explanation: The 7 main elements are: sensor middleware (X-GSN), cloud data storage, scheduler, service delivery, and utility manager, request definition, request presentation, configuration and monitoring.
22. IoT-A stands for ________
a) Internet of Things Area
b) Industrial of things Architecture
c) Internet of Things Address
d) Internet of Things Architecture
View Answer
Explanation: The EU’s Internet of Things Architecture is another example of the way in which we can solve IoT related challenges.
23. Which of the following is not a feature of the Raspberry PI model B IoT device?
a) It has 256 MB SDRAM
b) It has a single USB connector
c) It has its own operating system
d) It has an Ethernet port
View Answer
Explanation: Raspberry PI model B has a single 2.0 USB connector and an on-board 10/100 Ethernet RJ45 jack. It has its own operating system and 512 MB SDRAM memory.
24. Which of the following processor is used in the Raspberry PI 3 IoT device?
a) Broadcom BCM2711
b) Broadcom BCM2837
c) Broadcom BCM2838
d) Intel 8085
View Answer
Explanation: Raspberry PI 3 has Broadcom BCM2837 microprocessor. It is a 64-bit Quad-core microprocessor. Broadcom BCM2711 is the microprocessor of Raspberry PI 4 Model B.
25. Which library is used to access I2C in Arduino IoT devices?
a) EEPROM
b) Wire
c) DHT11
d) ArduinoJson
View Answer
Explanation: I2C is a synchronous and serial communication protocol. Wire library is used to access this protocol in Arduino. Initialization is done with Wire.begin() command.
26. Which of the following is not related to Arduino IDE IoT software?
a) Serial monitor
b) Verify
c) Upload
d) Terminate
View Answer
Explanation: Verify option is used to verify or compile the Arduino code and the upload option is used to upload the code to the Arduino development board. Serial monitor is used to display the data.
27. Which of the following is a complete line of home IoT devices that include smart switches?
a) Belkin’s WeMo
b) Cinder
c) Awair
d) Canary
View Answer
Explanation: Belkin’s WeMo is a complete line of home IoT devices that includes smart switches, cameras, lights, an air purifier and more. It allows the end user to control a lot of different devices with one smartphone app.
28. IoT gateway must provide __________
a) Protocol abstraction
b) Data storage
c) Security with hardware
d) Simple and fast installation
View Answer
Explanation: IoT gateway must provide:
Protocol abstraction
Computing and I/O performance
Integration communication capability.
29. What IoT collects?
a) Device data
b) Machine generated data
c) Sensor data
d) Human generated data
View Answer
Explanation: IoT is aggregating and compressing massive amounts of low latency/ low duration/high volume machine generated data coming from a wide variety of sensor to support real time use cases.
30. Which of the following protocol is used to link all the devices in the IoT?
a) HTTP
b) UDP
c) Network
d) TCP/IP
View Answer
Explanation: The internet of Thing is the global system of interconnected computer networks that use the Internet Protocol suite (TCP/IP) to link billions of devices worldwide.
31. Which service permits the changes to the IoT services?
a) Update
b) Registered service status
c) Enable from suspension
d) Enable
View Answer
Explanation: Update service permits changes to the IoT services. In particular, it allows for the updating of the service’s lifecycle metadata according to the requested changes.
32. What is the role of Cloud in smart grid architecture of IoT?
a) Security
b) Collect data
c) Manage data
d) Store data
View Answer
Explanation: Cloud to edge Middleware: manage data and edge devices, data streaming and event processing, control authorized access.
33. What is the component of an IoT system that executes a program?
a) A sensor
b) A microcontroller
c) An actuator
d) A digital to analog converter
View Answer
Explanation: Microcontroller is the component of an IOT device that executes a program. It contains a control unit, converters, timers, flash memory, etc. These are used to control the program execution.
34. Which programming language is used by Arduino IDE IoT software for writing codes?
a) Python
b) Java
c) C/C++
d) JavaScript
View Answer
Explanation: C and C++programming languages are used in Arduino IDE for writing, compiling, and uploading codes. Several in-built libraries are also imported for better coding efficiency.
35. What is the full form of DHCP in IoT communication protocols?
a) Dynamic Host Communication Protocol
b) Domain Host Communication Protocol
c) Dynamic Host Control Protocol
d) Domain Host Control Protocol
View Answer
Explanation: DHCP is a network management protocol used on internet protocol networks to automatically assign IP addresses. DHCP stands for Dynamic Host Communication Protocol.
36. What is the full form of IDE in Arduino IDE IoT software?
a) Intra Defence Environment
b) Intra Development Environment
c) Integrated Development Environment
d) Integrated Deployed Environment
View Answer
Explanation: The full form of IDE in Arduino IDE IoT software is Integrated Development Environment. It is a cross-platform application for Windows, macOS, and Linux operating systems.
37. dweet.io provides __________ to send data from IoT devices.
a) Web API
b) POST HTTP
c) JSON
d) HTTP
View Answer
Explanation: The dweet.io data sharing utility provides Web API so that we can send data from our IoT device, known as thing in dweet.io documentation.
Chapter-3 Basics of Digital Forensics
ETI MCQ MSBTE1. Digital forensics is all of them except:
A. Extraction of computer data.
B. Preservation of computer data.
C. Interpretation of computer data.
D. Manipulation of computer data.
Ans:D
2. IDIP stands for
A. Integrated Digital Investigation Process.
B. Integrated Data Investigator Process.
C. Integrated Digital Investigator Process.
D. Independent Digital Investigator Process.
Ans: A
3. Who proposed Road Map for Digital Forensic Research (RMDFR)
A. G.Gunsh.
B. S.Ciardhuain
C. J.Korn.
D. G.Palmar
Ans: D
4. The investigator should satisfy the following points:
A. Contribute to society and human beings.
B. Avoid harm to others.
C. Honest and trustworthy.
D. All of the above
Ans: D
5. In the past, the method for expressing an opinion has been to frame a ____ question based on
available factual evidence.
A. Hypothetical
B. Nested
C. Challenging
D. Contradictory
Ans: A
6. More subtle because you are not aware that you are running these macros (the document opens and the application automatically runs); spread via email
A. The purpose of the copyright
B. The danger of macro viruses
C. Derivative works
D. computer-specific crime
Ans: B
7. There are three c's in computer forensics. Which is one of the three?
A. Control
B. Chance
C. Chains
D. Core
Ans: A
8. When Federal Bureau Investigation program was created?
A.1979
B.1984
C.1995
D.1989
Ans: B
9. When the field of PC forensics began?
A.1960's
B.1970's
C.1980's
D.1990's
Ans: C
10. What is Digital Forensic?
A. Process of using scientific knowledge in analysis and presentation of evidence in court
B. The application of computer science and investigative procedures for a legal purpose
involving the analysis of digital evidence after proper search authority, the chain of custody,
validation with mathematics, use of validated tools, repeatability, reporting, and possible
expert presentation
C. process where we develop and test hypotheses that answer questions about digital events
D. Use of science or technology in the investigation and establishment of the facts or
evidence in a court of law
Ans: B
11. Digital Forensics entails _____.
A. Accessing the system's directories viewing mode and navigating through the various systems
files and folders
B. Undeleting and recovering lost files
C. Identifying and solving computer crimes
D. The identification, preservation, recovery, restoration, and presentation of digital evidence
from systems and devices
Ans: D
12. Which of the following is FALSE?
A. The digital forensic investigator must maintain absolute objectivity
B. It is the investigator’s job to determine someone’s guilt or innocence.
C. It is the investigator’s responsibility to accurately report the relevant facts of a case.
D. The investigator must maintain strict confidentiality, discussing the results of an investigation
on only a “need to know”
Ans: B
13. What is the most significant legal issue in computer forensics?
A. Preserving Evidence
B. Seizing Evidence
C. Admissibility of Evidence
D. Discovery of Evidence
Ans: C
14. _______phase includes putting the pieces of a digital puzzle together and developing
investigative hypotheses
A. Preservation phase
B. Survey phase
C. Documentation phase
D. Reconstruction phase
E. Presentation phase
Ans: D
15. In _______phase investigator transfers the relevant data from a venue out of physical or
administrative control of the investigator to a controlled location
A. Preservation phase
B. Survey phase
C. Documentation phase
D. Reconstruction phase
E. Presentation phase
Ans: B
16. In _______phase investigator transfers the relevant data from a venue out of physical or
administrative control of the investigator to a controlled location
A. Preservation phase
B. Survey phase
C. Documentation phase
D. Reconstruction phase
E. Presentation phase
Ans: B
17. Computer forensics do not involve_____activity.
A. Preservation of computer data.
B. Extraction of computer data.
C. Manipulation of computer data.
D. Interpretation of computer data.
Ans: C
18. A set of instruction compiled into a program that perform a particular task is known as:
A. Hardware.
B.CPU
C. Motherboard
D. Software
Ans: D
19. Which of following is not a rule of digital forensics?
A. An examination should be performed on the original data
B. A copy is made onto forensically sterile media. New media should always be used if
available.
C. The copy of the evidence must be an exact, bit-by-bit copy
D. The examination must be conducted in such a way as to prevent any modification of the
evidence.
Ans: A
20. To collect and analyze the digital evidence that was obtained from the physical investigation
phase, is the goal of which phase?
A. Physical crime investigation
B. Digital crime investigation.
C. Review phase.
D. Deployment phase.
Ans: B
21. To provide a mechanism to an incident to be detected and confirmed is purpose of which
phase?
A. Physical crime investigation
B. Digital crime investigation.
C. Review phase.
D. Deployment phase.
Ans: D
22. Which phase entails a review of the whole investigation and identifies an area of improvement?
A. Physical crime investigation
B. Digital crime investigation.
C. Review phase.
D. Deployment phase
Ans: C
23. ____________is known as father of computer forensic.
A. G. Palmar
B. J. Korn
C. Michael Anderson
D. S.Ciardhuain.
Ans: C
24. ___________is well established science where various contribution have been made
A. Forensic
B. Crime
C. Cyber Crime
D. Evidence
Ans: A
25. Who proposed End to End Digital Investigation Process (EEDIP)?
A. G. Palmar
B. Stephenson
C. Michael Anderson
D. S.Ciardhuain
Ans: B
26. Which model of Investigation proposed by Carrier and Safford?
A. Extended Model of Cybercrime Investigation (EMCI)
B. Integrated Digital Investigation Process(IDIP)
C. Road Map for Digital Forensic Research (RMDFR)
D. Abstract Digital Forensic Model (ADFM)
Ans: B
27. Which of the following is not a property of computer evidence?
A. Authentic and Accurate.
B. Complete and Convincing.
C. Duplicated and Preserved.
D. Conform and Human Readable.
Ans. D
28. _______can makes or breaks investigation.
A. Crime
B. Security
C: Digital Forensic
D: Evidence
Ans: D
29. __________ is software that blocks unauthorized users from connecting to your computer.
A. Firewall
B. Quick launch
C. OneLogin
D. Centrify
Ans: A
30. Which of the following are general Ethical norms for Investigator?
A. To contribute to society and human beings.
B. To avoid harm to others.
C. To be honest and trustworthy.
D. All of the above
E. None of the above
Ans: D
31. Which of the following are Unethical norms for Investigator?
A. Uphold any relevant evidence.
B. Declare any confidential matters or knowledge.
C. Distort or falsify education, training, credentials.
D. All of the above
E. None of the above
Ans: D
32. Which of the following is not a general ethical norm for Investigator?
A. To contribute to society and human beings.
B. Uphold any relevant Evidence.
C. To be honest and trustworthy.
D. To honor confidentially.
Ans: B
33. Which of the following is a not unethical norm for Digital Forensics Investigation?
A. Uphold any relevant evidence.
B. Declare any confidential matters or knowledge.
C. Distort or falsify education, training, credentials.
D. To respect the privacy of others.
Ans: D
34. What is called as the process of creation a duplicate of digital media for purpose of
examining it?
A. Acquisition.
B. Steganography.
C. Live analysis
D. Hashing.
Ans: A
35. Which term refers to modifying a computer in a way which was not originally intended to
view Information?
A. Metadata
B. Live analysis
C. Hacking
D. Bit Copy
Ans: C
36. The ability to recover and read deleted or damaged files from a criminal’s computer is an
example of a law enforcement specialty called?
A. Robotics
B. Simulation
C. Computer Forensics
D. Animation
Ans: C
37. What are the important parts of the mobile device which used in Digital forensic?
A. SIM
B. RAM
C. ROM.
D.EMMC chip
Ans: D
38. Using what, data hiding in encrypted images be carried out in digital forensics?
A. Acquisition.
B. Steganography.
C. Live analysis
D. Hashing.
And: B
39. Which of this is not a computer crime?
A. e-mail harassment
B. Falsification of data.
C. Sabotage.
D. Identification of data
Ans. D
40. Which file is used to store the user entered password?
A. .exe
B. .txt
C. .iso
D. .sam
Ans: D
41. __________is the process of recording as much data as possible to create reports and analysis
on user input.
A. Data mining
B. Data carving
C. Metadata
D. Data Spoofing.
Ans: A
42. ________searches through raw data on a hard drive without using a file system.
A. Data mining
B. Data carving
C. Metadata
D. Data Spoofing.
Ans: B
43. What is the first step to Handle Retrieving Data from an Encrypted Hard Drive?
A. Formatting disk
B. Storing data
C. Finding configuration files.
D. Deleting Files
Ans: C
Chapter 4: Digital Evidence
1. A valid definition of digital evidence is:
A. Data stored or transmitted using a computer
B. Information of probative value
C. Digital data of probative value
D. Any digital evidence on a computer
Ans: C
2. What are the three general categories of computer systems that can contain digital evidence?
A. Desktop, laptop, server
B. Personal computer, Internet, mobile telephone
C. Hardware, software, networks
D. Open computer systems, communication systems, and embedded systems
Ans: D
3. In terms of digital evidence, a hard drive is an example of:
A. Open computer systems
B. Communication systems
C. Embedded computer systems
D. None of the above
Ans: A
4. In terms of digital evidence, a mobile telephone is an example of:
A. Open computer systems
B. Communication systems
C. Embedded computer systems
D. None of the above
Ans: C
5. In terms of digital evidence, a Smart Card is an example of:
A. Open computer systems
B. Communication systems
C. Embedded computer systems
D. None of the above
Ans: C
6. In terms of digital evidence, the Internet is an example of:
A. Open computer systems
B. Communication systems
C. Embedded computer systems
D. None of the above
Ans: B
7. Computers can be involved in which of the following types of crime?
A. Homicide and sexual assault
B. Computer intrusions and intellectual property theft
C. Civil disputes
D. All the above
Ans: D
8. A logon record tells us that, at a specific time:
A. An unknown person logged into the system using the account
B. The owner of a specific account logged into the system
C. The account was used to log into the system
D. None of the above
Ans: C
9. Cyber trails are advantageous because:
A. They are not connected to the physical world.
B. Nobody can be harmed by crime on the Internet.
C. They are easy to follow.
D. Offenders who are unaware of them leave behind more clues than they otherwise would have.
Ans: D
10. Private networks can be a richer source of evidence than the Internet because:
A. They retain data for longer periods of time.
B. Owners of private networks are more cooperative with law enforcement.
C. Private networks contain a higher concentration of digital evidence. D. All the above.
Ans: C
11. Due to caseload and budget constraints, often computer security professionals attempt to limit the damage and close each investigation as quickly as possible. Which of the following is NOT a significant drawback to this approach?
A. Each unreported incident robs attorneys and law enforcement personnel of an opportunity to learn about the basics of computer-related crime.
B. Responsibility for incident resolution frequently does not reside with the security professional, but with management.
C. This approach results in under-reporting of criminal activity, deflating statistics that are used to allocate corporate and government spending on combating computer-related crime.
D. Computer security professionals develop loose evidence processing habits that can make it more difficult for law enforcement personnel and attorneys to prosecute an offender. None of the above
Ans: B
12. The criminological principle which states that, when anyone, or anything, enters a crime scene he/she takes something of the scene with him/her, and leaves something of himself/herself behind, is:
A. Locard’s Exchange Principle
B. Differential Association Theory
C. Beccaria’s Social Contract
D. None of the above
Ans: A
13. The author of a series of threatening e-mails consistently uses “im” instead of “I’m.” This is an example of:
A. An individual characteristic
B. An incidental characteristic
C. A class characteristic
D. An indeterminate characteristic
Ans: A
14. Personal computers and networks are often a valuable source of evidence. Those involved with _______ should be comfortable with this technology.
A. Criminal investigation
B. Prosecution
C. Defense work
D. All of the above
Ans:
15. An argument for including computer forensic training computer security specialists is:
A. It provides an additional credential.
B. It provides them with the tools to conduct their own investigations.
C. It teaches them when it is time to call in law enforcement.
D. None of the above.
Ans: C
16. The digital evidence are used to establish a credible link between____________
A. Attacker and victim and the crime scene
B. Attacker and the crime scene
C. Victim and the crime scene
D. Attacker and Information
Ans: A
17. Digital evidences must follow the requirements of the ___________
A. Ideal Evidence rule
B. Best Evidence rule
C. Exchange rule
D. All the mentioned
Ans: B
18. From the two given statements 1 and 2, select the correct option from a-d.
a. Original media can be used to carry out digital investigation process.
b. By default, every part of the victim’s computer is considered as unreliable.
A. a and b both are true
B. a is true and b is false
C. a and b both are false
D. a is false and b is true
Ans: B
19. The evidences or proof can be obtained from the electronic source is called the ___________
A. digital evidence
B. demonstrative evidence
C. Explainable evidence
D. substantial evidence
Ans: A
20. Which of the following is not a type of volatile evidence?
A. Routing tables
B. Main memory
C. Log files
D. Cached data
Ans: C
21. The evidence must be usable in the court which is called as_______
A. Admissible
B. Authentic
C. Complete
D. Reliable
Ans: A
22. Photographs, videos, sound recordings, X-rays, maps drawing, graphs, charts is a a type of _____________
A. Illustrative evidence
B. Electronic evidence
C. Documented evidence
D. Explainable evidence
Ans: A
23. Email, hard drives are examples of ____________
A. Illustrative evidence
B. Electronic evidence
C. Documented evidence
D. Explainable evidence
Ans: B
24. Blood, fingerprints, DNA these are examples of____________
A. Illustrative evidence
B. Electronic evidence
C. Documented evidence
D. Substantial evidence
Ans: D
25. When an incident takes place, a criminal will leave a hint evidence at the scene and remove a hint from the scene which is called as ____________
A. Locard’s Exchange principle
B. Anderson’s Exchange principle
C. Charles’s Anthony principle
D. Kevin Ashton principle
Ans: A
26. Which is not procedure to establish a chain of custody?
A. Save the original materials.
B. Take photos of physical evidence.
C. Don’t take screenshots of digital evidence content.
D. Document date, time, and any other information of receipt.
Ans: C
27. Which is not related with digital evidence?
A. Work with the original evidence to develop procedures.
B. Use clean collecting media.
C. Document any extra scope.
D. Consider safety of personnel at the scene.
Ans: A
28. Which is example of non-volatile memory.
A. Flash memory
B. Registers and Cache
C. Process table
D. Arp cache
Ans: A
29._________ is known as testimonial.
A. Oath affidavit
B. DNA samples
C. Fingerprint
D. Dried blood
Ans: A
30.The process of ensuring that providing or obtaining the data that you have collected is similar to the data provided or presented in a court is known as___________
A. Evidence validation
B. Relative evidence
C. Best evidence
D. Illustrative evidence
Ans: A
31.When cases got to trial your forensics examiner play one of ____ role.
A. 2
B. 4
C. 3
D. 5
Ans. A
32.Types of digital evidence
A. Eye witness
B. Picture and video
C. Paper work
D. None of the above
Ans B
33.Rule of evidence is also known as __________
A. Law of witness
B. Law of litigation
C. Law of evidence
D. All of the above
Ans. C
Chapter 5: Basics of hacking
Chapter6: Digital Evidence
1. SNMP stands for
a) Simple Network Messaging Protocol
b) Simple Network Mailing Protocol
c) Simple Network Management Protocol
d) Simple Network Master Protocol
Answer: Simple Network Management Protocol
2. Which of the following tool is used forNetwork Testing and port scanning?
a) NetCat
b) SuperScan
c) NetScan
d) All of Above
Answer: All of Above
3. Banner grabbing is often used for
a) White Hat Hacking
b) Black Hat Hacking
c) Gray Hat Hacking
d) Script Kiddies
Answer: White Hat Hacking
4. An attacker can create an attack by sending hundreds or thousands of e-mails with very large attachments.
a) Connection Attack
b) Auto responder Attack
c) Attachment Overloading Attack
c) All of the above
Answer: Attachment Overloading Attack
5. An email bomb is also known as
a) Post bomb
b) Internet bomb
c) Letter bomb
d) All of the above
Answer: Letter bomb
6. is any action that might compromise cyber-security.
a) Threat
b) Vulnerability
c) Exploit
d) Attack
Answer: a
Explanation: Threat can be termed as a possible danger that may lead to breach the cyber security and may cause
possible harm to the system or the network.
7. Existence of weakness in a system or network is called
a) Threat
b) Vulnerability
c) Exploit
d) Attack
Answer: b
Explanation: Vulnerability is the term used to define weakness in any network or system that can get exploited by
an attacker. Exploiting the weakness can lead to the unexpected & undesirable event in cyber security.
8. is an act of hacking by the means of which a political or social message is conveyed.
a) Hacktivism
b) Whistle-blowing
c) Surveillance
d) Pseudonymization
Answer: a
Explanation: Hacktivism is an act of defacing a website, or any network or system. Systems and networks are
compromised with a political or social agenda.
9. is the method of developing or creating a structurally similar yet unauthentic and illegitimate data of any firm or company.
a) Data copying
b) Data masking
c) Data breaching
d) Data duplicating
Answer: b
Explanation: Data masking is the method used for developing or creating a structurally similar version of data of any
organization that is not authentic. These types of unauthentic data are purposefully created for protecting the actual data.
10. Data masking is also known as
a) Data obfuscation
b) Data copying
c) Data breaching
d) Data duplicating
Answer: a
Explanation: Data obfuscation is the alternate term used for data masking, that is used for developing or creating a
structurally similar version of data of any organization that is not authentic. These types of unauthentic data are purposefully created for protecting the actual data
11. Backdoors are also known as
a) Trap doors
b) Front doors
c) Cover doors
d) Back entry
Answer: a
Explanation: Trap-doors are hidden entry points in any already hacked system that is set to bypass
security measures.
12. Adware are pre-chosen developed to display ads.
a) banner
b) software
c) malware
d) shareware
Answer: b
Explanation: Adware is software that is displayed on system or web pages for showing pre-chosen ads.
13. is an attack technique occurs when excess data gets written to a memory block.
a) Over buffering
b) Buffering
c) Buffer overflow
d) Memory full
Answer: c
Explanation: Buffer overflow is a flaw that occurs in memory when excessive data is written which makes the buffer
allocated to seize.
14. is an attempt to steal, spy, damage or destroy computer systems, networks or their associated information.
a) Cyber-security
b) Cyber-attack
c) Digital hacking
d) Computer security
Answer: b
Explanation: Cyber-attack can be defined as an attempt to steal, spy, damage or destroy different components of
cyberspace such as computer systems, associated peripherals, network systems, and information.
15. is a device which secretly collects data from credit / debit cards.
a) Card Skimmer
b) Data Stealer
c) Card Copier
d) Card cloner
Answer: a
Explanation: Card skimmer is hardware that is installed and setup in ATMs secretly so that when any user will
swipe or insert their card in the ATM, the skimmer will fetch all information from the magnetic strip.
16. is the way or technique through which majority of the malware gets installed in our system.
a) Drive-by click
b) Drive-by redirection
c) Drive-by download
d) Drive-by injecting USB devices
Answer: c
Explanation: An accidental yet dangerous action that takes place in the cyberspace which helps attackers place
their malware into the victim‟s system. This technique is called Drive-by download.
17. is the hacking approach where cyber-criminals design fake websites or pages for tricking or gaining additional traffic.
a) Cyber-replication
b) Mimicking
c) Website-Duplication
d) Pharming
Answer: a
Explanation: The technique and approach through which cyber-crooks develop fake web pages and sites to trick
people for gaining personal details such as login ID and password as well as personal information, is known as pharming.
18. RAM-Scraping is a special kind of malware that looks (scrap
e) for sensitive data in the hard drive.
a) True
b) False
Answer: a
Explanation: It is a special kind of malware that looks for sensitive data that you‟ve stored in your hard drive. RAM-
scraping is one of those kinds.
19. When you book online tickets by swiping your card, the details of the card gets stored in
a) database system
b) point-of-sale system
c) servers
d) hard drives
Answer: b
Explanation: The point-of-sale system is a system where the retailer or company stores financial records and card
details of the e-commerce system or online business transactions.
20. are deadly exploits where the vulnerability is known and found by cyber-criminals but not known and fixed by the owner of that application or company.
a) Unknown attacks
b) Secret attacks
c) Elite exploits
d) Zero-day exploits
Answer: d
Explanation: Zero-day exploits are used to attack a system as soon as cyber-criminals came to know about the
weakness or the day the weaknesses are discovered in a system. Hackers exploit these types of vulnerabilities before the creator releases the patch or fix the issue.
21. Zero-day exploits are also called
a) zero-day attacks
b) hidden attacks
c) un-patched attacks
d) un-fixed exploits
Answer: a
Explanation: Zero-day exploits are also called zero-day attacks where the vulnerability is known and found by
cyber-criminals or ethical hackers but not known and fixed by the creator/owner of that application or company.
22. There are major types of ports in computers.
a) 1
b) 2
c) 3
d) 4
Answer: b
Explanation: There are 2 major types of ports in computer systems. These are physical ports and logical ports.
23. PS2 and DVI are examples of Logical ports.
a) True
b) False
Answer: b
Explanation: PS2 and DVI are examples of physical ports. Physical ports can be touched and seen with our naked
eyes.
24. Physical ports are usually referred to as
a) jacks
b) cables
c) interfaces
d) hardware plugs
Answer: c
Explanation: Physical ports are connections that connect two systems for their interactions. LAN, PS2 and DVI are
examples of physical ports.
25. are logical numbers assigned for logical connections.
a) Logical ports
b) Physical ports
c) Networking cables
d) IP address
Answer: a
Explanation: Logical ports are end-point to a logical connection. The numbers are pre-assigned by IANA (Internet
Assigned Numbers Authorit
y) which ranges from 0 –
65536.
26. Logical ports are also known as
a) numbered ports
b) virtual numbering
c) virtual ports
d) network protocol ports
Answer: c
Explanation: Logical ports are also known as virtual ports which are part of TCP/IP networking. The numbers of
ports are pre-assigned by IANA (Internet Assigned Numbers Authorit
y) which ranges from 0 –
65536.
27. Which of the following is the port number for FTP data?
a) 20
b) 21
c) 22
d) 23
Answer: a
Explanation: Port number 20 is the logical port number for FTP data service. FTP protocol is a standard protocol
used for transmitting and receiving files from client to server through a network.
28. Which of the following is the port number for SMTP data?
a) 20
b) 21
c) 25
d) 23
Answer: c
29. Which of the following is the port number for FTP control?
a) 20
b) 21
c) 22
d) 23
Answer: b
Explanation: Port number 21 is the logical port number for FTP control service. FTP protocol is a standard protocol
used for transmitting and receiving files from client to server through a network.
30. Which of the following is the port number for SSH (Secure Shel
l)?
a) 20
b) 21
c) 22
d) 23
Answer: c
Explanation: Port number 22 is the logical port number for Secure Shell service. SSH gives users (specifically
system administrator
s), a way to securely access computers on unsecured network connectivity.
31. Which of the following is the port number for Telnet?
a) 20
b) 21
c) 22
d) 23
Answer: d
Explanation: Port number 23 is the logical port number for Telnet. Telnet is used for bi-directional communication
over the internet in text-oriented format. It also gives virtual terminal connectivity.
32. Which of the following are the port numbers for IPSec service?
a) 50, 51
b) 49, 50
c) 51, 52
d) 23, 24
Answer: a
Explanation: Port numbers 50 and 51 are the logical port numbers for IPSec service. IPSec is a standard protocols
suite used among 2 communication points that help in providing data authentication, confidentiality, and integrity.
33. Which of the following are the port numbers for DHCP?
a) 66, 67
b) 67, 68
c) 65, 66
d) 68, 69
Answer: c
Explanation: Port numbers 67 and 68 are the logical port numbers for Dynamic Host Configuration Protocol (DHCP)
service. It helps in providing Internet Protocol (IP) host automatically along with related configuration information like subnet mask and default gateway.
34. Which of the following is the port number for TFTP service?
a) 69
b) 70
c) 71
d) 72
Answer: a
Explanation: Port number 69 is the logical port number for Trivial File Transfer Protocol (TFTP) service. It is an
internet software utility protocol used for transferring files.
35. Port 80 handles unencrypted web traffic.
a) True
b) False
Answer: a
Explanation: Ports are assigned to different services for identification of which port is sending traffic over the
network. Port 80 is used by the popular HTTP (Hyper Text Transfer Protoco
l) that handles unencrypted web traffic.
36. Why it is important to know which service is using which port number?
a) For database security
b) For reporting data security to the auditor
c) For understanding which data is going through secured traffic and which is not
d) For checking unused data traffic
Answer: c
Explanation: If a security analyst or ethical hacker knows which port is open and through which port data is going,
he/she will be able to know which data is going in encrypted form and which one is not. Also, it helps in securing a system by closing the logical ports so that hackers cannot gain access through them.
37. Which of the following is the port number for HTTP?
a) 79
b) 80
c) 81
d) 82
Answer: b
Explanation: Port number 80 is the logical port number for the popular Hyper-Text Transfer Protocol (HTTP)
service. This protocol defines how messages are formatted and transmitted over unencrypted traffic.
38. Which of the following is the port number for POP3?
a) 110
b) 111
c) 112
d) 113
Answer: a
Explanation: Port number 110 is the logical port number for Post Office Protocol-3 service. This protocol periodically
checks our mail-box for synchronizing our latest emails with that of the server.
39. Which of the following is the port number for SNMP?
a) 160
b) 161
c) 162
d) 163
Answer: b
Explanation: Port number 161 is the logical port number for Simple Network Management Protocol (SNMP) service.
It‟s an application layer protocol that helps in managing and monitoring our network devices.
40. Firewalls can be of kinds.
a) 1
b) 2
c) 3
d) 4
Answer: c
Explanation: Firewalls are of three kinds – one is the hardware firewalls, another is software firewalls and the other
is a combination of both hardware and software.
41. An ethical hacker must need to have the skills of understanding the problem, networking knowledge and to know how the technology works.
a) True
b) False
Answer: a
Explanation: An ethical hacker must need to have the skills of understanding the problem, networking knowledge
and to know how the technology works. Password guessing and securing, network traffic sniffing, exploring for vulnerabilities are some other skills.
42. enables a hacker to open a piece of program or application and re-build it with further features & capabilities.
a) Social engineering
b) Reverse engineering
c) Planting malware
d) Injecting code
Answer: b
Explanation: Reverse engineering is the technique used to enable a hacker to open a piece of program or
application (usually in a low-level language such as Assembly languag
e) and re-build it with further features & capabilities.
43. Which of the following do not comes under the intangible skills of hackers?
a) Creative thinking
b) Problem-solving capability
c) Persistence
d) Smart attacking potential
Answer: d
Explanation: Every hacker must possess some intangible skill-set such as creative thinking to process out a new
way of penetrating a system, problem-solving skills as to cease down any active attack and persistence, try in different ways without losing hope.
44. Why programming language is important for ethical hackers and security professionals?
a) Only to write malware
b) For solving problems and building tool and programs
c) To teach programming
d) To develop programs to harm others
Answer: b
Explanation: A programming language is important for hackers and security professionals to understand so that
they can understand the working behaviour of any virus, ransomware, or other malware, or write their own defense code to solve a problem. Nowadays, security tools and malware are developed by security professionals with high skills and knowledge.
45. Understanding of is also important for gaining access to a system through networks.
a) OS
b) email-servers
c) networking
d) hardware
Answer: c
Explanation: A proper understanding of networking is very important for hackers who are trying to gain access to a
system through networks. How TCP/IP works, how topologies are formed and what protocols are used for what purposes are some mandatory stuff a hacker or security professional must understand.
46. For hacking a database or accessing and manipulating data which of the following language the hacker must know?
a) SQL
b) HTML
c) Tcl
d) F#
Answer: a
Explanation: For hacking a database or accessing and manipulating data, a hacker must need to have the
knowledge of SQL (Structured Query Languag
e). From a hacker‟s perspective, if you‟ve accessed any database for short period of time and want to change some specific data, you must need to write a proper SQL query to search for or implement your hack faster.
47. Information Gathering about the system or the person or about organization or network is not important.
a) True
b) False
Answer: b
Explanation: Information Gathering about the system or the person or about organization or network is not
important so that as a hacker one can get to know well about the target system or victim.
48. is an ethical hacking technique used for determining what operating system (OS) is running on a remote computer.
a) Footprinting
b) Cyber-printing
c) OS fingerprinting
d) OS penetration testing
Answer: c
Explanation: OS fingerprinting is an ethical hacking technique used for determining what operating system (OS) is
running on a remote computer.
49. How many types of fingerprinting are there in ethical hacking?
a) 5
b) 4
c) 3
d) 2
Answer: d
Explanation: There are two types of fingerprinting in ethical hacking. These are active fingerprinting and passive
fingerprinting. Active fingerprinting is gained if you send especially skilled packets to a target machine whereas passive fingerprinting is dependent on sniffer traces from the remote computer.
50. is a common tool used for doing OS fingerprinting.
a) Hping
b) Wireshark
c) Nmap
d) Nessus
Answer: c
Explanation: Nmap is a common tool that is used for performing OS fingerprinting. Before targeting any system for
the attack, it is necessary to know what OS the website is hosting, which can be found out using some simple command of this tool.
51. To secure your system from such type of attack, you have to hide your system behind any VPN or proxy server.
a) True
b) False
Answer: a
Explanation: It is recommended to hide your system from such fingerprinting attack, performed by hackers, with a
secure proxy server by using VPN tools. This technique will completely preserve your identity and hence your system.
52. A is a network scanning practice through which hackers can use to conclude to a point which IP address from a list of IP addresses is mapping to live hosts.
a) ping-based hacking
b) ping sweep
c) ping-range
d) pinging
Answer: b
Explanation: A ping sweep is a network scanning practice through which hackers can use to conclude to a point
which IP address from a list of IP addresses is mapping to live hosts.
53. Ping sweep is also known as
a) ICMP sweep
b) SNMP sweep
c) SGNP sweep
d) SICMP sweep
Answer: a
Explanation: A ping sweep which is also known as ICMP sweep is a network scanning practice through which
hackers can use to conclude to a point which IP address from a list of IP addresses is mapping to live hosts.
54. The command is used on Linux for getting the DNS and host-related information.
a) dnslookup
b) lookup
c) nslookup
d) infolookup
Answer: c
Explanation: The „nslookup‟ command is used on Linux for getting the DNS and host-related information. DNS
enumeration is the method used to locate all the DNS-servers and their associated records.
55. The configuration of DNS needs to be done in a secure way.
a) True
b) False
Answer: a
Explanation: Configuration of DNS needs to be done in a secure way, otherwise it is possible that cyber-criminals
and hackers may take away lots of sensitive information from the organization.
56. are piece of programs or scripts that allow hackers to take control over any system.
a) Exploits
b) Antivirus
c) Firewall by-passers
d) Worms
Answer: a
Explanation: Exploits are the piece of programs or scripts that allow hackers to take control over any system.
Vulnerability scanners such as Nexpose and Nessus are used for finding such vulnerabilities.
57. The process of finding vulnerabilities and exploiting them using exploitable scripts or programs are known as
a) infiltrating
b) exploitation
c) cracking
d) hacking
Answer: b
Explanation: The process of finding vulnerabilities and exploiting them using exploitable scripts or programs are
known as exploitation. Vulnerability scanners such as Nexpose and Nessus are used for finding such vulnerabilities and then they are exploited using such programs and scripts.
58. Which of them is not a powerful vulnerability detecting tool?
a) Nessus
b) Nexpose
c) Metasploit
d) Nmap
Answer: d
Explanation: Some of the most widely used tools for detecting vulnerabilities in a system are Nessus, Nexpose,
Metasploit and OpenVAS. Hackers use these tools for detecting vulnerabilities and then write exploits to exploit the systems.
59. is the specific search engine for exploits where anyone can find all the exploits associated to vulnerability.
a) Google
b) Bing
c) Exploit-db
d) Exploit-engine
Answer: c
Explanation: Since based on vulnerabilities, we can find exploits, Exploit-db is the specific search engine for
exploits where anyone can find all the exploits associated with vulnerability. You can find this from https://www.exploit-db.com.
60. Which of the following is not a type of cyber crime?
a) Data theft
b) Forgery
c) Damage to data and systems
d) Installing antivirus for protection
Answer: d
Explanation: Cyber crimes are one of the most threatening terms that is an evolving phase. It is said that major
percentage of the World War III will be based on cyber-attacks by cyber armies of different countries.
61. Cyber-laws are incorporated for punishing all criminals only.
a) True
b) False
Answer: b
Explanation: Cyber-laws were incorporated in our law book not only to punish cyber criminals but to reduce cyber
crimes and tie the hands of citizens from doing illicit digital acts that harm or damage other‟s digital property or identity.
62. Cyber-crime can be categorized into types.
a) 4
b) 3
c) 2
d) 6
Answer: c
Explanation: Cyber crime can be categorized into 2 types. These are peer-to-peer attack and computer as weapon.
In peer-to-peer attack, attackers target the victim users; and in computer as weapon attack technique, computers are used by attackers for a mass attack such as illegal and banned photo leak, IPR violation, pornography, cyber terrorism etc.
63. Which of the following is not a type of peer-to-peer cyber-crime?
a) Phishing
b) Injecting Trojans to a target victim
c) MiTM
d) Credit card details leak in deep web
Answer: d
Explanation: Phishing, injecting Trojans and worms to individuals comes under peer-to-peer cyber crime. Whereas,
leakage of credit card data of a large number of people in deep web comes under computer as weapon cyber- crime.
64. Which of the following is not an example of a computer as weapon cyber-crime?
a) Credit card fraudulent
b) Spying someone using keylogger
c) IPR Violation
d) Pornography
Answer: b
Explanation: DDoS (Distributed Denial of Servic
e), IPR violation, pornography are mass attacks done using a
computer. Spying someone using keylogger is an example of peer-to-peer attack.
65. Which of the following is not done by cyber criminals?
a) Unauthorized account access
b) Mass attack using Trojans as botnets
c) Email spoofing and spamming
d) Report vulnerability in any system
Answer: d
Explanation: Cyber-criminals are involved in activities like accessing online accounts in unauthorized manner; use
Trojans to attack large systems, sending spoofed emails. But cyber-criminals do not report any bug is found in a system, rather they exploit the bug for their profit.
66. What is the name of the IT law that India is having in the Indian legislature?
a) India‟s Technology (IT) Act, 2000
b) India‟s Digital Information Technology (DIT) Act, 2000
c) India‟s Information Technology (IT) Act, 2000
d) The Technology Act, 2008
Answer: c
Explanation: The Indian legislature thought of adding a chapter that is dedicated to cyber law. This finally brought
India‟s Information Technology (IT) Act, 2000 which deals with the different cyber-crimes and their associated laws.
67. In which year India’s IT Act came into existence?
a) 2000
b) 2001
c) 2002
d) 2003
Answer: a
Explanation: On 17th Oct 2000, the Indian legislature thought of adding a chapter that is dedicated to cyber law, for
which India‟s Information Technology (IT) Act, 2000 came into existence.
68. What is the full form of ITA-2000?
a) Information Tech Act -2000
b) Indian Technology Act -2000
c) International Technology Act -2000
d) Information Technology Act -2000
Answer: d
Explanation: Information Technology Act -2000 (ITA-2000), came into existence on 17
th Oct 2000, that is dedicated to cyber-crime and e-commerce law in India.
69. The Information Technology Act -2000 bill was passed by K. R. Narayanan.
a) True
b) False
Answer: b
Explanation: The bill was passed & signed by Dr. K. R. Narayanan on 9th May, in the year
2000. The bill got
finalised by head officials along with the Minister of Information Technology, Pramod Mahajan.
70. Under which section of IT Act, stealing any digital asset or information is written a cyber-crime.
a) 65
b) 65-D
c) 67
d) 70
Answer: a
Explanation: When a cyber-criminal steals any computer documents, assets or any software‟s source code from
any organization, individual, or from any other means then the cyber crime falls under section 65 of IT Act,
2000.
71. What is the punishment in India for stealing computer documents, assets or any software’s source code from any organization, individual, or from any other means?
a) 6 months of imprisonment and a fine of Rs. 50,000
b) 1 year of imprisonment and a fine of Rs. 100,000
c) 2 years of imprisonment and a fine of Rs. 250,000
d) 3 years of imprisonment and a fine of Rs. 500,000
Answer: d
Explanation: The punishment in India for stealing computer documents, assets or any software‟s source code from
any organization, individual, or from any other means is 3 years of imprisonment and a fine of Rs. 500,
000.
72. What is the updated version of the IT Act, 2000?
a) IT Act, 2007
b) Advanced IT Act, 2007
c) IT Act, 2008
d) Advanced IT Act, 2008
Answer: c
Explanation: In the year 2008, the IT Act, 2000 was updated and came up with a much broader and precise law on
different computer-related crimes and cyber offenses.
73. In which year the Indian IT Act, 2000 got updated?
a) 2006
b) 2008
c) 2010
d) 2012
Answer: b
Explanation: In the year 2008, the IT Act, 2000 was updated and came up with a much broader and precise law on
different computer-related crimes and cyber offenses.
74. What type of cyber-crime, its laws and punishments does section 66 of the Indian IT Act holds?
a) Cracking or illegally hack into any system
b) Putting antivirus into the victim
c) Stealing data
d) Stealing hardware components
Answer: a
Explanation: Under section 66 of IT Act, 2000 which later came up with a much broader and precise law says that
cracking or illegally hacking into any victim‟s computer is a crime. It covers a wide range of cyber-crimes under this section of the IT Act.
75. What is the ethics behind training how to hack a system?
a) To think like hackers and know how to defend such attacks
b) To hack a system without the permission
c) To hack a network that is vulnerable
d) To corrupt software or service using malware
Answer: a
Explanation: It is important for ethical hackers and security professional to know how the cyber-criminals think and
proceed to target any system or network. This is why ethical hackers and penetration testers are trained with proper ethics to simulate such a scenario as how the real cyber-attack takes place.
76. Performing a shoulder surfing in order to check other’s password is ethical practice.
a) a good
b) not so good
c) very good social engineering practice
d) a bad
Answer: d
Explanation: Overlooking or peeping into someone‟s system when he/she is entering his/her password is a bad
practice and is against the ethics of conduct for every individual. Shoulder surfing is a social engineering attack approach used by some cyber-criminals to know your password and gain access to your system later.
77. has now evolved to be one of the most popular automated tools for unethical hacking.
a) Automated apps
b) Database software
c) Malware
d) Worms
Answer: c
Explanation: Malware is one of the biggest culprits that harm companies because they are programmed to do the
malicious task automatically and help hackers do illicit activities with sophistication.
78. Leaking your company data to the outside network without prior permission of senior authority is a crime.
a) True
b) False
Answer: a
Explanation: Without prior permission of the senior authority or any senior member, if you‟re leaking or taking our
your company‟s data outside (and which is confidentia
l), then it‟s against the code of corporate ethics.
79. is the technique used in business organizations and firms to protect IT assets.
a) Ethical hacking
b) Unethical hacking
c) Fixing bugs
d) Internal data-breach
Answer: a
Explanation: Ethical hacking is that used by business organizations and firms for exploiting vulnerabilities to secure
the firm. Ethical hackers help in increasing the capabilities of any organization or firm in protecting their IT and information assets.
80. The legal risks of ethical hacking include lawsuits due to of personal data.
a) stealing
b) disclosure
c) deleting
d) hacking
Answer: b
Explanation: The legal risks of ethical hacking contains lawsuits due to disclosure of personal data during the
penetration testing phase. Such disclosure of confidential data may lead to a legal fight between the ethical hacker and the organization.
81. Before performing any penetration test, through legal procedure, which key points listed below is not mandatory?
a) Know the nature of the organization
b) Characteristics of work done in the firm
c) System and network
d) Type of broadband company used by the firm
Answer: d
Explanation: Before performing any penetration test, through the legal procedure the key points that the penetration
tester must keep in mind are –
i) Know the nature of the organization i
i) what type of work the organization do and ii
i) the system and networks used in various departments and their confidential data that are sent and received over the network. Page 16 of 16
82. An ethical hacker must ensure that proprietary information of the firm does not get leaked.
a) True
b) False
Answer: a
Explanation: Yes, it is very important for an ethical hacker to make sure that while doing penetration tests, the
confidential data and proprietary information are preserved properly and not get leaked to the external network.
83. After performing the ethical hacker should never disclose client information to other parties.
a) hacking
b) cracking
c) penetration testing
d) exploiting
Answer: c
Explanation: It is against the laws and ethics of ethical hackers that after doing penetration tests, the ethical hacker
should never disclose client information to other parties. The protection of client data is in the hands of the ethical hacker who performed the tests.
84. is the branch of cyber security that deals with morality and provides different theories and a principle regarding the view-points about what is right and wrong.
a) Social ethics
b) Ethics in cyber-security
c) Corporate ethics
d) Ethics in black hat hacking
Answer: d
Explanation: Ethics in cyber-security is the branch of cyber security that deals with morality and provides different
theories and principles‟ regarding the view-points about what is right and what need not to be done.
By practising the ETI MCQs, you can enhance your computer and information technology knowledge and skills. The questions cover various topics, from basic computer concepts to advanced technologies like artificial intelligence and cybersecurity.
Plus, by identifying your strengths and weaknesses, you can prepare better for exams and stay up-to-date with the latest developments in the field.
Don't worry if you're new to the subject; we'll use easy-to-understand language throughout this post to make it accessible to everyone. So, what are you waiting for? Start practising the ETI MCQs and take your knowledge to the next level!