🔐 Cyber Security
100 Ethical Hacking Quiz Questions & Answers 2026
Kali Linux, Metasploit, penetration testing, OWASP, SQL injection and hacking tools
Ready to test your knowledge?
Take the Quiz →
Ethical Hacking Fundamentals — 25 Questions
- What is ethical hacking? (Authorized testing of systems to find vulnerabilities before malicious actors)
- What are the three types of hackers? (White hat — ethical; Black hat — malicious; Gray hat — between)
- What is penetration testing? (Simulated attack with permission to identify security weaknesses)
- What are the 5 phases of ethical hacking? (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks)
- What is reconnaissance? (Information gathering about target — passive and active)
- What is passive reconnaissance? (Gathering info without interacting with target — OSINT)
- What is active reconnaissance? (Directly interacting with target — port scanning, ping sweeps)
- What is OSINT? (Open Source Intelligence — using publicly available information)
- What is a vulnerability assessment? (Identifying and quantifying security vulnerabilities)
- What is threat modeling? (Identifying and prioritizing potential threats to a system)
- What is a scope of engagement? (Agreed boundaries of what a pentester is authorized to test)
- What is a report in pentesting? (Documentation of findings, risks, and recommendations)
- What is CVSS? (Common Vulnerability Scoring System — rates vulnerability severity 0-10)
- What is CVE? (Common Vulnerabilities and Exposures — unique IDs for known vulnerabilities)
- What is a payload? (Code that executes on a target system after exploitation)
Hacking Tools & Techniques — 25 Questions
- What is Kali Linux? (Penetration testing Linux distribution with pre-installed security tools)
- What is Metasploit? (Framework for developing, testing, and executing exploits)
- What is Nmap? (Network scanner for port scanning and host discovery)
- What is Wireshark? (Network protocol analyzer for capturing and analyzing traffic)
- What is Burp Suite? (Web security testing platform for finding web app vulnerabilities)
- What is John the Ripper? (Password cracking tool)
- What is Hashcat? (Advanced password recovery tool)
- What is Hydra? (Network login cracker for brute force attacks)
- What is Aircrack-ng? (WiFi security auditing tools)
- What is SQLmap? (Automated tool for detecting and exploiting SQL injection)
- What is a port scan? (Checking which ports are open on a target host)
- What is a reverse shell? (Compromised system connects back to attacker)
- What is privilege escalation? (Gaining higher permissions than initially obtained)
- What is lateral movement? (Moving through a network after initial compromise)
- What is pivoting? (Using compromised host as gateway to attack internal network)
- What is Netcat used for? (A versatile networking utility for reading/writing data over network connections)
- What is Nikto? (A web server scanner that checks for vulnerabilities and misconfigurations)
- What is OWASP ZAP? (An open-source web application security scanner)
- What is Cobalt Strike used for? (A commercial penetration testing tool for adversary simulation)
- What is a fuzzer used for in security testing? (Sending random or malformed input to find software vulnerabilities)
- What is Shodan? (A search engine for internet-connected devices, often used for reconnaissance)
- What is Maltego used for? (Visualizing relationships in OSINT investigations)
- What is BeEF (Browser Exploitation Framework)? (A tool focused on exploiting web browser vulnerabilities)
- What is the purpose of a wordlist in password attacks? (Providing a list of likely passwords to try during cracking attempts)
OWASP & Web Vulnerabilities — 25 Questions
- What does OWASP stand for? (Open Worldwide Application Security Project)
- What is the OWASP Top 10? (A regularly updated list of the most critical web application security risks)
- What is broken access control, an OWASP Top 10 risk? (When users can access resources or perform actions beyond their permissions)
- What is a security misconfiguration? (Incorrectly configured security settings that create vulnerabilities)
- What is insecure deserialization? (A vulnerability where untrusted data is used to manipulate application logic)
- What is a cryptographic failure, per OWASP? (Weak or missing encryption that exposes sensitive data)
- What is SSRF (Server-Side Request Forgery)? (An attack tricking a server into making unintended requests)
- What is a path traversal attack? (Manipulating file paths to access files outside an intended directory)
- What is command injection? (Executing arbitrary system commands through a vulnerable application)
- What is a buffer overflow vulnerability? (Writing more data to a buffer than it can hold, potentially corrupting memory)
- What is CSRF (Cross-Site Request Forgery)? (Tricking a user's browser into performing unwanted actions on a site they're logged into)
- What is clickjacking? (Tricking users into clicking something different from what they perceive)
- What is session hijacking? (Taking over a valid user session to gain unauthorized access)
- What is an insecure direct object reference (IDOR)? (A vulnerability allowing access to objects by manipulating reference values)
- What is input validation used to prevent? (Many injection-based attacks by checking and sanitizing user input)
- What is a WAF (Web Application Firewall)? (A firewall specifically designed to protect web applications from attacks)
- What is the purpose of parameterized queries in preventing SQL injection? (Separating SQL code from data to prevent malicious input from being executed)
- What is a "race condition" vulnerability? (A flaw arising from the timing of concurrent operations)
- What is an XML External Entity (XXE) attack? (Exploiting XML parsers to access internal files or systems)
- What is security misconfiguration's most common cause? (Default settings or unnecessary features left enabled)
- What is the purpose of Content Security Policy (CSP) headers? (Restricting what resources a web page is allowed to load, mitigating XSS)
- What is a supply chain attack in software security? (Compromising software through vulnerabilities in third-party components)
- What is API security primarily concerned with? (Protecting application programming interfaces from abuse and exploitation)
- What is broken authentication, an OWASP risk category? (Flaws in login mechanisms that allow attackers to compromise credentials)
- What is the purpose of rate limiting in web security? (Preventing abuse by limiting how many requests a user can make in a time period)
Cybersecurity Certifications & Careers — 25 Questions
- What does CEH stand for? (Certified Ethical Hacker)
- What does OSCP stand for? (Offensive Security Certified Professional)
- What is considered the gold standard practical certification for penetration testers? (OSCP)
- What does eJPT stand for? (eLearnSecurity Junior Penetration Tester)
- What organization offers the CEH certification? (EC-Council)
- What does CompTIA Security+ certify at a foundational level? (Core cybersecurity skills and knowledge)
- What is a "bug bounty hunter"? (An independent researcher who finds and reports vulnerabilities for rewards)
- What platform is well known for hosting bug bounty programs? (HackerOne or Bugcrowd)
- What is the role of a penetration tester in a company? (Simulating attacks to find and report security weaknesses)
- What is the role of a security consultant? (Advising organizations on how to improve their security posture)
- What is a "red team exercise"? (A simulated attack to test an organization's detection and response capabilities)
- What does OSWE stand for, an advanced Offensive Security certification? (Offensive Security Web Expert)
- What is a CTF (Capture the Flag) competition used for in training? (Practicing hacking skills in a legal, gamified environment)
- What is the purpose of a "rules of engagement" document in a pentest? (Defining the scope, methods, and boundaries authorized for testing)
- What is a "Get Out of Jail Free" letter in penetration testing? (Written authorization proving a tester has permission to perform the test)
- What is the difference between a vulnerability assessment and a penetration test? (A vulnerability assessment identifies weaknesses; a pentest actively exploits them)
- What is a "black box" penetration test? (Testing without prior knowledge of the target system's internals)
- What is a "white box" penetration test? (Testing with full knowledge of the target system's internals)
- What is a "gray box" penetration test? (Testing with partial knowledge of the target system)
- What government-recognized body provides cybersecurity guidance in the US? (NIST — National Institute of Standards and Technology)
- What is the NIST Cybersecurity Framework used for? (Providing guidelines for managing and reducing cybersecurity risk)
- What is the typical career progression from a junior penetration tester? (Senior pentester, security consultant, or security architect roles)
- What programming/scripting skill is most valuable for ethical hackers? (Python, due to its versatility for scripting exploits and automation)
- What is a "responsible disclosure" policy? (A process for reporting vulnerabilities privately before public release)
- What is the purpose of legal contracts before any penetration test begins? (Protecting both the tester and client by clearly defining authorized scope)
- What is "social engineering" testing in a pentest engagement? (Assessing human vulnerability to manipulation tactics like phishing)
- What does a "scope creep" risk mean during a penetration test? (Testing expanding beyond the originally agreed boundaries, which can be legally risky)
- What is "post-exploitation" in penetration testing? (Activities performed after successfully gaining access, like data collection)
- What is the purpose of cleanup after a penetration test? (Removing any tools, backdoors, or changes made during testing)
- What is a "kill chain" model used to describe in cybersecurity? (The stages of a cyberattack from reconnaissance to objectives)
- What is MITRE ATT&CK used for? (A framework cataloging known adversary tactics and techniques)
- What is the purpose of a "tabletop exercise" in security testing? (A discussion-based simulation of a security incident response)
- What does "C2" stand for in the context of hacking tools? (Command and Control — infrastructure used to manage compromised systems)
- What is an "attack surface"? (All the possible points where an unauthorized user could try to enter a system)
- What is "privilege creep" in a corporate security context? (Users gradually accumulating more access rights than they need over time)
- What is the purpose of regular access reviews in an organization? (Ensuring users only retain the permissions they currently need)
❓ Frequently Asked Questions
What is the difference between ethical and malicious hacking?
Ethical (white hat) hacking is authorized — performed with permission to find and fix vulnerabilities. Malicious (black hat) hacking is unauthorized and illegal. Gray hat hackers fall in between.
What certifications do ethical hackers pursue?
Top certifications: CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), CompTIA Security+, CISSP, and eJPT. OSCP is considered the gold standard for practical hacking skills.
🎯 Practice Quizzes — Cyber Security
Ready to test what you learned? Pick a quiz below and challenge yourself:
Easy
🔥 4
Types of Cyber Threats
🚀 Play Now →
Easy
🔥 2
Password and Account Security
🚀 Play Now →
Easy
🔥 2
Cybersecurity Fundamentals
🚀 Play Now →
Medium
🔥 2
Network Security
🚀 Play Now →
Hard
🔥 1
Penetration Testing and Ethical Hacking
🚀 Play Now →
Hard
🔥 0
Advanced Network Security and Defense
🚀 Play Now →
Medium
🔥 0
Malware and Virus Protection
🚀 Play Now →
Hard
🔥 0
Advanced Penetration Testing and Threat Hunting
🚀 Play Now →
Hard
🔥 0
Advanced Cryptography and Encryption
🚀 Play Now →
Easy
🔥 0
Online Scams and Phishing Basics
🚀 Play Now →
Ready to Test Your Cyber Security Knowledge?
Take our Cyber Security quiz and see how you rank against players worldwide!