How Much You Really Know About Hacking? Trivia Quiz

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Alexandrupetroai
A
Alexandrupetroai
Community Contributor
Quizzes Created: 1 | Total Attempts: 3,005
Questions: 10 | Attempts: 3,005

SettingsSettingsSettings
How Much You Really Know About Hacking? Trivia Quiz - Quiz

How much you know about hacking? There are different ways that people can get access to other people’s personal information through the internet, and if caught, the offenders may spend years in jail. This is a short educational questionnaire that aims to reveal to you a few techniques used by hackers and help you protect your code from being hacked. Check it out!


Questions and Answers
  • 1. 

    What is a security exploit?

    • A.

      A prepared application that takes advantage of a known weakness

    • B.

      A way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication

    • C.

      A module studied by most Computer Science students

    • D.

      A mobile internet solution

    Correct Answer
    A. A prepared application that takes advantage of a known weakness
    Explanation
    A security exploit is a prepared application that takes advantage of a known weakness. Common examples of security exploits are SQL injection, Cross-Site Scripting and Cross-Site Request Forgery which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through FTP, HTTP, PHP, SSH, Telnet and some web-pages. These are very common in website/domain hacking.

    Rate this question:

  • 2. 

    What is SQL Injection?

    • A.

      A general purpose programming language

    • B.

      A type of security exploits in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data.

    • C.

      A prototype-based scripting language that is primarily used in the form of client-side JavaScript, implemented as part of a Web browser in order to provide enhanced user interfaces and dynamic websites.

    • D.

      An American quiz show featuring trivia in history, literature, the arts, pop culture, science, sports, geography, wordplay, and more.

    Correct Answer
    B. A type of security exploits in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data.
    Explanation
    An SQL query is a request for some action to be performed on a database. Typically, on a Web form for user authentication, when a user enters their name and password into the text boxes provided for them, those values are inserted into a SELECT query. If the values entered are found as expected, the user is allowed access; if they aren't found, access is denied. However, most Web forms have no mechanisms in place to block input other than names and passwords. Unless such precautions are taken, an attacker can use the input boxes to send their own request to the database, which could allow them to download the entire database or interact with it in other illicit ways.

    Rate this question:

  • 3. 

    How can SQL Injection be prevented?

    • A.

      By sanitizing user input ( making sure that the user can't type anything else than what they are supposed to).

    • B.

      By not using SQL anymore

    • C.

      By making your code public

    • D.

      All of the above

    Correct Answer
    A. By sanitizing user input ( making sure that the user can't type anything else than what they are supposed to).
    Explanation
    The best way is to carefully sanitize user input. Any data received from a user should be considered unsafe.

    Rate this question:

  • 4. 

    What is Password cracking?

    • A.

      A secret word or string of characters that is used for authentication, to prove identity or gain access to a resource.

    • B.

      A term used to describe the penetration of a network, system, or resource with or without the use of tools to unlock a resource that has been secured with a password

    • C.

      A cryptographic protocol that provides communication security over the Internet.

    • D.

      A markup language

    Correct Answer
    B. A term used to describe the penetration of a network, system, or resource with or without the use of tools to unlock a resource that has been secured with a password
    Explanation
    Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. Another common approach is to say that you have "forgotten" the password and then changing it. The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves system administration privileges), to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crackable passwords.

    Rate this question:

  • 5. 

    What is a "white hat" hacker?

    • A.

      Someone who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems

    • B.

      Someone who breaks into a computer system or network with malicious intent.

    • C.

      A hacker wearing a white hat

    • D.

      All of the above

    Correct Answer
    A. Someone who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems
    Explanation
    The term "white hat" in Internet slang refers to an ethical hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems.[1] Ethical hacking is a term coined by IBM meant to imply a broader category than just penetration testing.

    Rate this question:

  • 6. 

    What is a packet sniffer?

    • A.

      A general-purpose server-side scripting language originally designed for web development to produce dynamic web pages.

    • B.

      A set of rules for encoding documents in machine-readable form.

    • C.

      An application that captures data packets, which can be used to capture passwords and other data in transit over the network

    • D.

      All of the above

    Correct Answer
    C. An application that captures data packets, which can be used to capture passwords and other data in transit over the network
    Explanation
    A packet analyzer (also known as a network analyzer, protocol analyzer, or sniffer, or for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network.[1] As data streams flow across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet, and analyzes its content according to the appropriate RFC or other specifications.

    Rate this question:

  • 7. 

    What is Cross-site scripting?

    • A.

      A programming language that allows control of one or more applications

    • B.

      A type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users

    • C.

      A specialized kind of scripting language used for controlling a computer

    • D.

      A document or information resource that is suitable for the World Wide Web and can be accessed through a web browser and displayed on a monitor or mobile device.

    Correct Answer
    B. A type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users
    Explanation
    Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 80.5% of all security vulnerabilities documented by Symantec as of 2007.

    Rate this question:

  • 8. 

    What is Social Engineering?

    • A.

      The art of manipulating people into performing actions or divulging confidential information

    • B.

      A professional engineering discipline that deals with the design, construction, and maintenance of the physical and naturally built environment, including works like roads, bridges, canals, dams, and buildings.

    • C.

      A discipline of engineering that applies the principles of physics and materials science for analysis, design, manufacturing, and maintenance of mechanical systems.

    • D.

      The direct human manipulation of an organism's genome using modern DNA technology.

    Correct Answer
    A. The art of manipulating people into performing actions or divulging confidential information
    Explanation
    Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information.[1] The people who need to hide their crimes say it is similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the global criminals/victims.

    Rate this question:

  • 9. 

    What is a rootkit?

    • A.

      A kit used by biologists when working with plants

    • B.

      The pre-defined name of a UNIX directory

    • C.

      A rootkit is designed to conceal the compromise of a computer's security.

    • D.

      A name server for the Domain Name System's root zone. It directly answers requests for records in the root zone and answers other requests returning a list of the designated authoritative name servers for the appropriate top-level domain (TLD).

    Correct Answer
    C. A rootkit is designed to conceal the compromise of a computer's security.
    Explanation
    A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.

    Rate this question:

  • 10. 

    What is a spoofing attack?

    • A.

      A japanese sumo technique.

    • B.

      A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.

    • C.

      Both

    Correct Answer
    B. A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.
    Explanation
    In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 07, 2011
    Quiz Created by
    Alexandrupetroai
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.