Why you should use Ethical Hacking Test?

The Ethical Hacking Test makes use of scenario-based questions to test for on-the-job skills as opposed to theoretical knowledge, ensuring that candidates who do well on this screening test have the relavant skills. The questions are designed to covered following on-the-job aspects: Knowledge of different types of ethical hacking techniques and methodologies Proficiency in identifying vulnerabilities in computer systems and networks Familiarity with common cyber attacks and countermeasures Ability to perform penetration testing and vulnerability assessments Understanding of network security principles and protocols Experience with securing web applications against various security threats Knowledge of wireless security standards and best practices Proficient in using tools and techniques for ethical hacking Ability to analyze and interpret network traffic and log files Knowledge of cryptography and encryption algorithms

Ethical Hacking Test

Q: What topics are covered in the Ethical Hacking Test?

Ethical Hacking Cyber Security Network Security Web Application Security Wireless Security

About the test:

The Ethical Hacking Test evaluates a candidate's knowledge and skills in ethical hacking, focusing on topics such as cyber security, network security, web application security, and wireless security. The test assesses the candidate's ability to identify vulnerabilities, exploit security flaws, and provide effective solutions to prevent unauthorized access and protect sensitive information.

Covered skills:

Ethical Hacking
Network Security
Wireless Security

Cyber Security
Web Application Security

Try practice test

Start 14-day free trial

9 reasons why

Adaface Ethical Hacking Assessment Test is the most accurate way to shortlist Ethical Hackers

Reason #1

Tests for on-the-job skills

The Ethical Hacking Test helps recruiters and hiring managers identify qualified candidates from a pool of resumes, and helps in taking objective hiring decisions. It reduces the administrative overhead of interviewing too many candidates and saves time by filtering out unqualified candidates at the first step of the hiring process.

The test screens for the following skills that hiring managers look for in candidates:

Proficient in ethical hacking techniques and methodologies
Awareness of cyber security principles and best practices
Deep understanding of computer networks and protocols
Ability to identify and exploit vulnerabilities in web applications
Knowledge of wireless security protocols and countermeasures

Reason #2

No trick questions

Traditional assessment tools use trick questions and puzzles for the screening, which creates a lot of frustration among candidates about having to go through irrelevant screening assessments.

View sample questions

The main reason we started Adaface is that traditional pre-employment assessment platforms are not a fair way for companies to evaluate candidates. At Adaface, our mission is to help companies find great candidates by assessing on-the-job skills required for a role.

Why we started Adaface

Try practice test

Start 14-day free trial

Reason #3

Non-googleable questions

We have a very high focus on the quality of questions that test for on-the-job skills. Every question is non-googleable and we have a very high bar for the level of subject matter experts we onboard to create these questions. We have crawlers to check if any of the questions are leaked online. If/ when a question gets leaked, we get an alert. We change the question for you & let you know.

How we design questions

These are just a small sample from our library of 10,000+ questions. The actual questions on this Ethical Hacking Test will be non-googleable.

🧐 Question
Medium Cookie Security Analysis Web Application Security HTTP Cookies Cross-Domain Communication	Try practice test
You are a cybersecurity officer and a new third-party payment gateway is integrated into your company's e-commerce website. The payment gateway API is hosted on a different domain (pay-gateway.com) than your e-commerce site (my-ecommerce.com). You receive some reports that users are unable to complete their transactions intermittently. You obtain the following set of HTTP cookies from an affected user: 1. user_session=1; Domain=my-ecommerce.com; Path=/; Secure; HttpOnly 2. payment_session=xyz123; Domain=pay-gateway.com; Path=/; Secure; HttpOnly 3. cart_id=abcd1234; Domain=my-ecommerce.com; Path=/; Secure 4. csrf_token=efgh5678; Domain=my-ecommerce.com; Path=/; Secure 5. currency=USD; Domain=my-ecommerce.com; Path=/; 6. same_site_test=1; Domain=my-ecommerce.com; Path=/; Secure; SameSite=None 7. payment_verification=; Domain=my-ecommerce.com; Path=/; Secure; HttpOnly Which of the following configuration modifications would likely solve the intermittent transaction failure issue? A: Set SameSite=Strict attribute on all cookies. B: Set "SameSite=None; Secure" attribute on the payment_session cookie. C: Change the Domain attribute of payment_session cookie to my-ecommerce.com. D: Set HttpOnly attribute on cart_id and csrf_token cookies. E: Remove Secure attribute from user_session cookie.
Medium Security Incident Log Analysis	Try practice test
You are the security analyst for a company and are currently investigating a security incident. You found the following log entries in your HTTP server logs, which appear to be linked to the incident: 1. 192.0.2.4 - - [24/May/2023:13:15:30 +0000] "GET /wp-login.php HTTP/1.1" 200 167 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" 2. 192.0.2.4 - - [24/May/2023:13:15:31 +0000] "POST /wp-login.php HTTP/1.1" 302 152 "http://www.example.com/wp-login.php" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" 3. 192.0.2.4 - - [24/May/2023:13:15:32 +0000] "GET /wp-admin/install.php HTTP/1.1" 200 125 "http://www.example.com/wp-admin/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" Based on this information, which of the following statements are correct? A: The attacker was unable to compromise the Wordpress login page but was successful in accessing the installation page. B: The attacker attempted to login to a Wordpress site and, despite the login failing, was able to access the Wordpress installation page. C: The attacker was attempting a dictionary attack on the Wordpress site and accessed the Wordpress installation page. D: The logs indicate that the attacker was able to compromise the Wordpress login and directly access the installation page. E: The attacker attempted to login to a Wordpress site, succeeded, and then tried to access the Wordpress installation page.
Medium Network Traffic Anomaly Network Traffic Analysis Network Protocols	Try practice test
You are a cybersecurity engineer working on a network traffic analysis case. You have been given the following set of observations from network logs of the past 24 hours: - Observation 1: 1,000,000 DNS requests were recorded, 50% more than the usual daily traffic. - Observation 2: 85% of these DNS requests have the same subdomain but different domain names. - Observation 3: For each of these DNS requests, an HTTP POST request follows immediately. - Observation 4: No other significant anomalies were detected in the system logs. Given these observations, what would you suspect is happening? A: The network is experiencing a DNS amplification attack B: There is a misconfiguration in the DNS settings C: The system is the source of a SYN flood attack D: A fast-flux DNS network is in operation E: The system is infected with a DNS tunneling based malware
Medium SQL Log Analysis SQL Injection Log Analysis	Try practice test
You are investigating a possible SQL injection attack on your company's web application. You found the following entries in the HTTP server logs: Note that each log line contains the following information: IP Address - Timestamp - Request URI - Request Status - Response Size Based on the log entries, which of the following statements are correct? A: The attacker logged in successfully but failed to execute the SQL injection. B: The attacker failed in the SQL injection attack. C: The attacker failed to login but successfully accessed the admin page. D: The attacker performed a successful SQL injection attack that dumped all product information. E: The attacker was unsuccessful in both the SQL injection attack and the login attempt.
Medium Misappropriation Post-Migration DNS Management Infrastructure Migration Subdomain Hijacking	Try practice test
A software company decided to move some of their web services from one cloud provider (Vendor A) to another (Vendor B) for better cost optimization. Initially, their main web application "webapp.company.com" was hosted at IP 192.0.2.1 on Vendor A's infrastructure. As part of this transition, it was moved to IP 203.0.113.1 on Vendor B's setup. Subsequently, a secondary web service previously hosted on "serviceA.company.com" at IP 192.0.2.2 (Vendor A), was migrated and re-hosted at "serviceB.company.com" at IP 203.0.113.2 (Vendor B). A month post-migration, the SEO team reported an unexpected spike in organic traffic to the "company.com" domain. Upon investigating, the IT team noticed unusual activity related to "serviceA.company.com" in the server access logs, including successful HTTP 200 responses from several requests. A suspicious HTTPS GET request, `GET /explicit-content.html HTTP/1.1`, was also recorded. Running `dig +short serviceA.company.com` returned IP address 198.51.100.1. Cross-checking this information with the company's DNS records revealed: Based on the details provided, identify the probable cause for the unexpected increase in organic traffic: A: The company failed to delete the DNS "A" record for "serviceB.company.com" before migration on vendor A. B: The company failed to delete the DNS "A" record for "serviceA.company.com" after migration. C: The company did not configure DNS record for webapp.company.com properly on Vendor B's platform. D: The DNS configuration for serviceB.company.com is incorrect post migration
Medium Mac address and IP on router hop Routers Switches	Try practice test
Refer to the following exhibit: Host A is sending a packet to Host B. 1. What is the source and destination MAC address at point PA? 2. What is the source and destination IP address at point PB? // Option A PA: source MAC - Mac-A PA: destination MAC - Mac-B PB: source IP - 192.168.1.1 PB: destination IP - 192.168.3.1 // Option B PA: source MAC - Mac-A PA: destination MAC - Mac-RA PB: source IP - 192.168.3.3 PB: destination IP - 192.168.3.1 // Option C PA: source MAC - Mac-A PA: destination MAC - Mac-B PB: source IP - 192.168.3.3 PB: destination IP - 192.168.3.1 // Option D PA: source MAC - Mac-A PA: destination MAC - Mac-RA PB: source IP - 192.168.1.1 PB: destination IP - 192.168.3.1
Easy MX Record, DMARC and Email Authentication DNS MX Records DMARC SPF DKIM	Try practice test
You work as a network administrator for a company, "example.com", that recently started experiencing issues with email spoofing. To mitigate the problem, you decide to implement DMARC (Domain-based Message Authentication, Reporting & Conformance) in addition to existing SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records. Your current DNS records for example.com include the following: - MX 10 mail.example.com (IP address 203.0.113.10) - TXT "v=spf1 ip4:203.0.113.10 -all" - TXT "v=DKIM1; k=rsa; p=public-key-here" You add the following DMARC record: - TXT "_dmarc.example.com" "v=DMARC1; p=quarantine; pct=100; rua=mailto:report@example.com" After implementing the DMARC record, an external mail server sends an email to your domain. The email passes the SPF and DKIM checks but fails the DMARC check. What will likely happen to the email? A: The email will be accepted and delivered to the recipient's inbox. B: The email will be rejected and returned to the sender as undeliverable. C: The email might be delivered to the recipient's spam or junk folder. D: The email will be accepted, but a report will be sent to the sender. E: The email will be silently discarded, and the sender will not be notified.
Medium Remote network resources Gateway Routing protocols	Try practice test
Review the following exhibit: Angelina noticed that the computers on 192.168.10.0/24 network can ping their default gateway. But they found that these computers cannot connect to any remote network resources. Which of the following is the most likely reason for this?
Medium SSL Certificate Expiry SSL/TLS Network Security	Try practice test
You are a network administrator for an e-commerce company. The company's online store allows customers to browse products and make purchases securely over the internet. The online store uses SSL/TLS for secure communication. You receive reports that some customers are seeing a security warning in their web browsers when trying to access the online store. Upon investigation, you discover the following information: - The SSL certificate used by the online store's web server is valid for one year and is due to expire in two days. - The web server is configured to automatically redirect HTTP traffic to HTTPS. - The SSL certificate was issued by a trusted certificate authority (CA), and all major web browsers have the CA's root certificate in their trusted certificate stores. - The SSL certificate includes the correct domain name for the online store. Given the above information, which of the following steps should be taken to resolve the issue and prevent customers from seeing the security warning? A: Extend the validity of the current SSL certificate by one year. B: Obtain a new SSL certificate from the same CA and install it on the web server before the current certificate expires. C: Remove the automatic redirect from HTTP to HTTPS on the web server. D: Ask customers to ignore the security warning and proceed to the online store. E: Replace the SSL certificate with a self-signed certificate.

	🧐 Question	🔧 Skill
	Medium Cookie Security Analysis Web Application Security HTTP Cookies Cross-Domain Communication	2 mins Cyber Security	Try practice test
You are a cybersecurity officer and a new third-party payment gateway is integrated into your company's e-commerce website. The payment gateway API is hosted on a different domain (pay-gateway.com) than your e-commerce site (my-ecommerce.com). You receive some reports that users are unable to complete their transactions intermittently. You obtain the following set of HTTP cookies from an affected user: 1. user_session=1; Domain=my-ecommerce.com; Path=/; Secure; HttpOnly 2. payment_session=xyz123; Domain=pay-gateway.com; Path=/; Secure; HttpOnly 3. cart_id=abcd1234; Domain=my-ecommerce.com; Path=/; Secure 4. csrf_token=efgh5678; Domain=my-ecommerce.com; Path=/; Secure 5. currency=USD; Domain=my-ecommerce.com; Path=/; 6. same_site_test=1; Domain=my-ecommerce.com; Path=/; Secure; SameSite=None 7. payment_verification=; Domain=my-ecommerce.com; Path=/; Secure; HttpOnly Which of the following configuration modifications would likely solve the intermittent transaction failure issue? A: Set SameSite=Strict attribute on all cookies. B: Set "SameSite=None; Secure" attribute on the payment_session cookie. C: Change the Domain attribute of payment_session cookie to my-ecommerce.com. D: Set HttpOnly attribute on cart_id and csrf_token cookies. E: Remove Secure attribute from user_session cookie.
	Medium Security Incident Log Analysis	2 mins Cyber Security	Try practice test
You are the security analyst for a company and are currently investigating a security incident. You found the following log entries in your HTTP server logs, which appear to be linked to the incident: 1. 192.0.2.4 - - [24/May/2023:13:15:30 +0000] "GET /wp-login.php HTTP/1.1" 200 167 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" 2. 192.0.2.4 - - [24/May/2023:13:15:31 +0000] "POST /wp-login.php HTTP/1.1" 302 152 "http://www.example.com/wp-login.php" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" 3. 192.0.2.4 - - [24/May/2023:13:15:32 +0000] "GET /wp-admin/install.php HTTP/1.1" 200 125 "http://www.example.com/wp-admin/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" Based on this information, which of the following statements are correct? A: The attacker was unable to compromise the Wordpress login page but was successful in accessing the installation page. B: The attacker attempted to login to a Wordpress site and, despite the login failing, was able to access the Wordpress installation page. C: The attacker was attempting a dictionary attack on the Wordpress site and accessed the Wordpress installation page. D: The logs indicate that the attacker was able to compromise the Wordpress login and directly access the installation page. E: The attacker attempted to login to a Wordpress site, succeeded, and then tried to access the Wordpress installation page.
	Medium Network Traffic Anomaly Network Traffic Analysis Network Protocols	2 mins Cyber Security	Try practice test
You are a cybersecurity engineer working on a network traffic analysis case. You have been given the following set of observations from network logs of the past 24 hours: - Observation 1: 1,000,000 DNS requests were recorded, 50% more than the usual daily traffic. - Observation 2: 85% of these DNS requests have the same subdomain but different domain names. - Observation 3: For each of these DNS requests, an HTTP POST request follows immediately. - Observation 4: No other significant anomalies were detected in the system logs. Given these observations, what would you suspect is happening? A: The network is experiencing a DNS amplification attack B: There is a misconfiguration in the DNS settings C: The system is the source of a SYN flood attack D: A fast-flux DNS network is in operation E: The system is infected with a DNS tunneling based malware
	Medium SQL Log Analysis SQL Injection Log Analysis	2 mins Cyber Security	Try practice test
You are investigating a possible SQL injection attack on your company's web application. You found the following entries in the HTTP server logs: Note that each log line contains the following information: IP Address - Timestamp - Request URI - Request Status - Response Size Based on the log entries, which of the following statements are correct? A: The attacker logged in successfully but failed to execute the SQL injection. B: The attacker failed in the SQL injection attack. C: The attacker failed to login but successfully accessed the admin page. D: The attacker performed a successful SQL injection attack that dumped all product information. E: The attacker was unsuccessful in both the SQL injection attack and the login attempt.
	Medium Misappropriation Post-Migration DNS Management Infrastructure Migration Subdomain Hijacking	3 mins Cyber Security	Try practice test
A software company decided to move some of their web services from one cloud provider (Vendor A) to another (Vendor B) for better cost optimization. Initially, their main web application "webapp.company.com" was hosted at IP 192.0.2.1 on Vendor A's infrastructure. As part of this transition, it was moved to IP 203.0.113.1 on Vendor B's setup. Subsequently, a secondary web service previously hosted on "serviceA.company.com" at IP 192.0.2.2 (Vendor A), was migrated and re-hosted at "serviceB.company.com" at IP 203.0.113.2 (Vendor B). A month post-migration, the SEO team reported an unexpected spike in organic traffic to the "company.com" domain. Upon investigating, the IT team noticed unusual activity related to "serviceA.company.com" in the server access logs, including successful HTTP 200 responses from several requests. A suspicious HTTPS GET request, `GET /explicit-content.html HTTP/1.1`, was also recorded. Running `dig +short serviceA.company.com` returned IP address 198.51.100.1. Cross-checking this information with the company's DNS records revealed: Based on the details provided, identify the probable cause for the unexpected increase in organic traffic: A: The company failed to delete the DNS "A" record for "serviceB.company.com" before migration on vendor A. B: The company failed to delete the DNS "A" record for "serviceA.company.com" after migration. C: The company did not configure DNS record for webapp.company.com properly on Vendor B's platform. D: The DNS configuration for serviceB.company.com is incorrect post migration
	Medium Mac address and IP on router hop Routers Switches	2 mins Computer Networks	Try practice test
Refer to the following exhibit: Host A is sending a packet to Host B. 1. What is the source and destination MAC address at point PA? 2. What is the source and destination IP address at point PB? // Option A PA: source MAC - Mac-A PA: destination MAC - Mac-B PB: source IP - 192.168.1.1 PB: destination IP - 192.168.3.1 // Option B PA: source MAC - Mac-A PA: destination MAC - Mac-RA PB: source IP - 192.168.3.3 PB: destination IP - 192.168.3.1 // Option C PA: source MAC - Mac-A PA: destination MAC - Mac-B PB: source IP - 192.168.3.3 PB: destination IP - 192.168.3.1 // Option D PA: source MAC - Mac-A PA: destination MAC - Mac-RA PB: source IP - 192.168.1.1 PB: destination IP - 192.168.3.1
	Easy MX Record, DMARC and Email Authentication DNS MX Records DMARC SPF DKIM	2 mins Computer Networks	Try practice test
You work as a network administrator for a company, "example.com", that recently started experiencing issues with email spoofing. To mitigate the problem, you decide to implement DMARC (Domain-based Message Authentication, Reporting & Conformance) in addition to existing SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records. Your current DNS records for example.com include the following: - MX 10 mail.example.com (IP address 203.0.113.10) - TXT "v=spf1 ip4:203.0.113.10 -all" - TXT "v=DKIM1; k=rsa; p=public-key-here" You add the following DMARC record: - TXT "_dmarc.example.com" "v=DMARC1; p=quarantine; pct=100; rua=mailto:report@example.com" After implementing the DMARC record, an external mail server sends an email to your domain. The email passes the SPF and DKIM checks but fails the DMARC check. What will likely happen to the email? A: The email will be accepted and delivered to the recipient's inbox. B: The email will be rejected and returned to the sender as undeliverable. C: The email might be delivered to the recipient's spam or junk folder. D: The email will be accepted, but a report will be sent to the sender. E: The email will be silently discarded, and the sender will not be notified.
	Medium Remote network resources Gateway Routing protocols	3 mins Computer Networks	Try practice test
Review the following exhibit: Angelina noticed that the computers on 192.168.10.0/24 network can ping their default gateway. But they found that these computers cannot connect to any remote network resources. Which of the following is the most likely reason for this?
	Medium SSL Certificate Expiry SSL/TLS Network Security	2 mins Computer Networks	Try practice test
You are a network administrator for an e-commerce company. The company's online store allows customers to browse products and make purchases securely over the internet. The online store uses SSL/TLS for secure communication. You receive reports that some customers are seeing a security warning in their web browsers when trying to access the online store. Upon investigation, you discover the following information: - The SSL certificate used by the online store's web server is valid for one year and is due to expire in two days. - The web server is configured to automatically redirect HTTP traffic to HTTPS. - The SSL certificate was issued by a trusted certificate authority (CA), and all major web browsers have the CA's root certificate in their trusted certificate stores. - The SSL certificate includes the correct domain name for the online store. Given the above information, which of the following steps should be taken to resolve the issue and prevent customers from seeing the security warning? A: Extend the validity of the current SSL certificate by one year. B: Obtain a new SSL certificate from the same CA and install it on the web server before the current certificate expires. C: Remove the automatic redirect from HTTP to HTTPS on the web server. D: Ask customers to ignore the security warning and proceed to the online store. E: Replace the SSL certificate with a self-signed certificate.

	🧐 Question	🔧 Skill	💪 Difficulty	⌛ Time
	Cookie Security Analysis Web Application Security HTTP Cookies Cross-Domain Communication	Cyber Security	Medium	2 mins	Try practice test
You are a cybersecurity officer and a new third-party payment gateway is integrated into your company's e-commerce website. The payment gateway API is hosted on a different domain (pay-gateway.com) than your e-commerce site (my-ecommerce.com). You receive some reports that users are unable to complete their transactions intermittently. You obtain the following set of HTTP cookies from an affected user: 1. user_session=1; Domain=my-ecommerce.com; Path=/; Secure; HttpOnly 2. payment_session=xyz123; Domain=pay-gateway.com; Path=/; Secure; HttpOnly 3. cart_id=abcd1234; Domain=my-ecommerce.com; Path=/; Secure 4. csrf_token=efgh5678; Domain=my-ecommerce.com; Path=/; Secure 5. currency=USD; Domain=my-ecommerce.com; Path=/; 6. same_site_test=1; Domain=my-ecommerce.com; Path=/; Secure; SameSite=None 7. payment_verification=; Domain=my-ecommerce.com; Path=/; Secure; HttpOnly Which of the following configuration modifications would likely solve the intermittent transaction failure issue? A: Set SameSite=Strict attribute on all cookies. B: Set "SameSite=None; Secure" attribute on the payment_session cookie. C: Change the Domain attribute of payment_session cookie to my-ecommerce.com. D: Set HttpOnly attribute on cart_id and csrf_token cookies. E: Remove Secure attribute from user_session cookie.
	Security Incident Log Analysis	Cyber Security	Medium	2 mins	Try practice test
You are the security analyst for a company and are currently investigating a security incident. You found the following log entries in your HTTP server logs, which appear to be linked to the incident: 1. 192.0.2.4 - - [24/May/2023:13:15:30 +0000] "GET /wp-login.php HTTP/1.1" 200 167 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" 2. 192.0.2.4 - - [24/May/2023:13:15:31 +0000] "POST /wp-login.php HTTP/1.1" 302 152 "http://www.example.com/wp-login.php" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" 3. 192.0.2.4 - - [24/May/2023:13:15:32 +0000] "GET /wp-admin/install.php HTTP/1.1" 200 125 "http://www.example.com/wp-admin/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)" Based on this information, which of the following statements are correct? A: The attacker was unable to compromise the Wordpress login page but was successful in accessing the installation page. B: The attacker attempted to login to a Wordpress site and, despite the login failing, was able to access the Wordpress installation page. C: The attacker was attempting a dictionary attack on the Wordpress site and accessed the Wordpress installation page. D: The logs indicate that the attacker was able to compromise the Wordpress login and directly access the installation page. E: The attacker attempted to login to a Wordpress site, succeeded, and then tried to access the Wordpress installation page.
	Network Traffic Anomaly Network Traffic Analysis Network Protocols	Cyber Security	Medium	2 mins	Try practice test
You are a cybersecurity engineer working on a network traffic analysis case. You have been given the following set of observations from network logs of the past 24 hours: - Observation 1: 1,000,000 DNS requests were recorded, 50% more than the usual daily traffic. - Observation 2: 85% of these DNS requests have the same subdomain but different domain names. - Observation 3: For each of these DNS requests, an HTTP POST request follows immediately. - Observation 4: No other significant anomalies were detected in the system logs. Given these observations, what would you suspect is happening? A: The network is experiencing a DNS amplification attack B: There is a misconfiguration in the DNS settings C: The system is the source of a SYN flood attack D: A fast-flux DNS network is in operation E: The system is infected with a DNS tunneling based malware
	SQL Log Analysis SQL Injection Log Analysis	Cyber Security	Medium	2 mins	Try practice test
You are investigating a possible SQL injection attack on your company's web application. You found the following entries in the HTTP server logs: Note that each log line contains the following information: IP Address - Timestamp - Request URI - Request Status - Response Size Based on the log entries, which of the following statements are correct? A: The attacker logged in successfully but failed to execute the SQL injection. B: The attacker failed in the SQL injection attack. C: The attacker failed to login but successfully accessed the admin page. D: The attacker performed a successful SQL injection attack that dumped all product information. E: The attacker was unsuccessful in both the SQL injection attack and the login attempt.
	Misappropriation Post-Migration DNS Management Infrastructure Migration Subdomain Hijacking	Cyber Security	Medium	3 mins	Try practice test
A software company decided to move some of their web services from one cloud provider (Vendor A) to another (Vendor B) for better cost optimization. Initially, their main web application "webapp.company.com" was hosted at IP 192.0.2.1 on Vendor A's infrastructure. As part of this transition, it was moved to IP 203.0.113.1 on Vendor B's setup. Subsequently, a secondary web service previously hosted on "serviceA.company.com" at IP 192.0.2.2 (Vendor A), was migrated and re-hosted at "serviceB.company.com" at IP 203.0.113.2 (Vendor B). A month post-migration, the SEO team reported an unexpected spike in organic traffic to the "company.com" domain. Upon investigating, the IT team noticed unusual activity related to "serviceA.company.com" in the server access logs, including successful HTTP 200 responses from several requests. A suspicious HTTPS GET request, `GET /explicit-content.html HTTP/1.1`, was also recorded. Running `dig +short serviceA.company.com` returned IP address 198.51.100.1. Cross-checking this information with the company's DNS records revealed: Based on the details provided, identify the probable cause for the unexpected increase in organic traffic: A: The company failed to delete the DNS "A" record for "serviceB.company.com" before migration on vendor A. B: The company failed to delete the DNS "A" record for "serviceA.company.com" after migration. C: The company did not configure DNS record for webapp.company.com properly on Vendor B's platform. D: The DNS configuration for serviceB.company.com is incorrect post migration
	Mac address and IP on router hop Routers Switches	Computer Networks	Medium	2 mins	Try practice test
Refer to the following exhibit: Host A is sending a packet to Host B. 1. What is the source and destination MAC address at point PA? 2. What is the source and destination IP address at point PB? // Option A PA: source MAC - Mac-A PA: destination MAC - Mac-B PB: source IP - 192.168.1.1 PB: destination IP - 192.168.3.1 // Option B PA: source MAC - Mac-A PA: destination MAC - Mac-RA PB: source IP - 192.168.3.3 PB: destination IP - 192.168.3.1 // Option C PA: source MAC - Mac-A PA: destination MAC - Mac-B PB: source IP - 192.168.3.3 PB: destination IP - 192.168.3.1 // Option D PA: source MAC - Mac-A PA: destination MAC - Mac-RA PB: source IP - 192.168.1.1 PB: destination IP - 192.168.3.1
	MX Record, DMARC and Email Authentication DNS MX Records DMARC SPF DKIM	Computer Networks	Easy	2 mins	Try practice test
You work as a network administrator for a company, "example.com", that recently started experiencing issues with email spoofing. To mitigate the problem, you decide to implement DMARC (Domain-based Message Authentication, Reporting & Conformance) in addition to existing SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records. Your current DNS records for example.com include the following: - MX 10 mail.example.com (IP address 203.0.113.10) - TXT "v=spf1 ip4:203.0.113.10 -all" - TXT "v=DKIM1; k=rsa; p=public-key-here" You add the following DMARC record: - TXT "_dmarc.example.com" "v=DMARC1; p=quarantine; pct=100; rua=mailto:report@example.com" After implementing the DMARC record, an external mail server sends an email to your domain. The email passes the SPF and DKIM checks but fails the DMARC check. What will likely happen to the email? A: The email will be accepted and delivered to the recipient's inbox. B: The email will be rejected and returned to the sender as undeliverable. C: The email might be delivered to the recipient's spam or junk folder. D: The email will be accepted, but a report will be sent to the sender. E: The email will be silently discarded, and the sender will not be notified.
	Remote network resources Gateway Routing protocols	Computer Networks	Medium	3 mins	Try practice test
Review the following exhibit: Angelina noticed that the computers on 192.168.10.0/24 network can ping their default gateway. But they found that these computers cannot connect to any remote network resources. Which of the following is the most likely reason for this?
	SSL Certificate Expiry SSL/TLS Network Security	Computer Networks	Medium	2 mins	Try practice test
You are a network administrator for an e-commerce company. The company's online store allows customers to browse products and make purchases securely over the internet. The online store uses SSL/TLS for secure communication. You receive reports that some customers are seeing a security warning in their web browsers when trying to access the online store. Upon investigation, you discover the following information: - The SSL certificate used by the online store's web server is valid for one year and is due to expire in two days. - The web server is configured to automatically redirect HTTP traffic to HTTPS. - The SSL certificate was issued by a trusted certificate authority (CA), and all major web browsers have the CA's root certificate in their trusted certificate stores. - The SSL certificate includes the correct domain name for the online store. Given the above information, which of the following steps should be taken to resolve the issue and prevent customers from seeing the security warning? A: Extend the validity of the current SSL certificate by one year. B: Obtain a new SSL certificate from the same CA and install it on the web server before the current certificate expires. C: Remove the automatic redirect from HTTP to HTTPS on the web server. D: Ask customers to ignore the security warning and proceed to the online store. E: Replace the SSL certificate with a self-signed certificate.

Reason #4

1200+ customers in 75 countries

With Adaface, we were able to optimise our initial screening process by upwards of 75%, freeing up precious time for both hiring managers and our talent acquisition team alike!

Brandon Lee, Head of People, Love, Bonito

Try practice test

Start 14-day free trial

Reason #5

Designed for elimination, not selection

The most important thing while implementing the pre-employment Ethical Hacking Test in your hiring process is that it is an elimination tool, not a selection tool. In other words: you want to use the test to eliminate the candidates who do poorly on the test, not to select the candidates who come out at the top. While they are super valuable, pre-employment tests do not paint the entire picture of a candidate’s abilities, knowledge, and motivations. Multiple easy questions are more predictive of a candidate's ability than fewer hard questions. Harder questions are often "trick" based questions, which do not provide any meaningful signal about the candidate's skillset.

Science behind Adaface tests

Reason #6

1 click candidate invites

Email invites: You can send candidates an email invite to the Ethical Hacking Test from your dashboard by entering their email address.

Public link: You can create a public link for each test that you can share with candidates.

API or integrations: You can invite candidates directly from your ATS by using our pre-built integrations with popular ATS systems or building a custom integration with your in-house ATS.

Reason #7

Detailed scorecards & benchmarks

View sample scorecard

Try practice test

Start 14-day free trial

Reason #8

High completion rate

Adaface tests are conversational, low-stress, and take just 25-40 mins to complete.

This is why Adaface has the highest test-completion rate (86%), which is more than 2x better than traditional assessments.

Reason #9

Advanced Proctoring

Learn more

Preview this test

View sample scorecard

About the Ethical Hacking Online Test

Why you should use Pre-employment Ethical Hacking Test?

The Ethical Hacking Test makes use of scenario-based questions to test for on-the-job skills as opposed to theoretical knowledge, ensuring that candidates who do well on this screening test have the relavant skills. The questions are designed to covered following on-the-job aspects:

Knowledge of different types of ethical hacking techniques and methodologies
Proficiency in identifying vulnerabilities in computer systems and networks
Familiarity with common cyber attacks and countermeasures
Ability to perform penetration testing and vulnerability assessments
Understanding of network security principles and protocols
Experience with securing web applications against various security threats
Knowledge of wireless security standards and best practices
Proficient in using tools and techniques for ethical hacking
Ability to analyze and interpret network traffic and log files
Knowledge of cryptography and encryption algorithms

Once the test is sent to a candidate, the candidate receives a link in email to take the test. For each candidate, you will receive a detailed report with skills breakdown and benchmarks to shortlist the top candidates from your pool.

What topics are covered in the Ethical Hacking Test?

Ethical Hacking
Ethical hacking involves testing a system's vulnerabilities to identify weaknesses and evaluate the effectiveness of security measures. This skill should be measured in the test to assess the candidate's ability to think like a malicious hacker and identify potential security threats.
Cyber Security
Cyber security focuses on protecting computer systems, networks, and data from unauthorized access or attacks. Measuring this skill in the test allows recruiters to evaluate the candidate's knowledge and understanding of essential security principles and practices.
Network Security
Network security involves implementing measures to protect a network infrastructure from unauthorized access, misuse, or modification. Including this skill in the test helps recruiters assess the candidate's ability to identify and mitigate network vulnerabilities and protect sensitive information.
Web Application Security
Web application security is about safeguarding websites and online applications from potential threats such as unauthorized access, data breaches, and code injection attacks. Assessing this skill in the test allows recruiters to evaluate the candidate's knowledge and proficiency in developing and maintaining secure web applications.
Wireless Security
Wireless security focuses on securing wireless networks and devices from unauthorized access and potential data breaches. Measuring this skill in the test helps recruiters assess the candidate's ability to identify and mitigate security risks related to wireless networks and implement appropriate security measures.
Full list of covered topics
The actual topics of the questions in the final test will depend on your job description and requirements. However, here's a list of topics you can expect the questions for Ethical Hacking Test to be based on.
Social Engineering
Password Cracking
Network Scanning
Firewalls
Intrusion Detection System
Web Application Penetration Testing
Secure Coding Practices
Encryption
Wireless Network Attacks
Vulnerability Assessment
Phishing
Malware Analysis
Wireshark
SQL Injection
Cross-Site Scripting (XSS)
Access Control
Cyber Threat Intelligence
Buffer Overflow
DNS Spoofing
Operating System Security
IoT Security
Steganography
Incident Response
Cloud Security
Social Media Privacy
Network Traffic Analysis
Wireless Security Protocols
OWASP Top 10
Exploit Development
Log Analysis
Physical Security
Data Exfiltration
Virtual Private Networks (VPNs)
Biometrics
Cryptography
Identity and Access Management (IAM)
File Integrity Monitoring
Risk Assessment
Security Information and Event Management (SIEM)
Web Server Security
Penetration Testing Tools
Mobile Security
Cyber Threat Hunting
Intrusion Prevention System
Web Application Firewalls
Software Vulnerability Analysis
Wireless Authentication
Reverse Engineering
Incident Handling
Wireless Network Monitoring
Buffer Overrun
Web Application Security Standards
Virtualization Security
Endpoint Security
Security Awareness Training
Social Engineering Awareness
Secure Coding Standards

Try practice test

Start 14-day free trial

What roles can I use the Ethical Hacking Test for?

Ethical Hacker
Cyber Security Analyst
Penetration Tester
Network Security Engineer
Security Consultant

How is the Ethical Hacking Test customized for senior candidates?

For intermediate/ experienced candidates, we customize the assessment questions to include advanced topics and increase the difficulty level of the questions. This might include adding questions on topics like

Experience in incident response and handling security incidents
Understanding of social engineering techniques and countermeasures
Knowledge of secure coding practices and techniques
Familiarity with security assessment and auditing processes
Proficient in testing and securing network infrastructure
Ability to perform a risk assessment and develop mitigation strategies
Experience with security compliance standards and regulations
Understanding of emerging threats and vulnerabilities in the field
Knowledge of cloud security and virtualization technologies
Proficiency in conducting security awareness training programs
Ability to create and maintain effective security policies and procedures

Preview this test

View sample scorecard

The hiring managers felt that through the technical questions that they asked during the panel interviews, they were able to tell which candidates had better scores, and differentiated with those who did not score as well. They are highly satisfied with the quality of candidates shortlisted with the Adaface screening.

85%

reduction in screening time

View Full Case Study

Ethical Hacking Hiring Test FAQs

Can I combine multiple skills into one custom assessment?

Yes, absolutely. Custom assessments are set up based on your job description, and will include questions on all must-have skills you specify. Here's a quick guide on how you can request a custom test.

Do you have any anti-cheating or proctoring features in place?

We have the following anti-cheating features in place:

Non-googleable questions
IP proctoring
Screen proctoring
Web proctoring
Webcam proctoring
Plagiarism detection
Secure browser
Copy paste protection

Read more about the proctoring features.

How do I interpret test scores?

The primary thing to keep in mind is that an assessment is an elimination tool, not a selection tool. A skills assessment is optimized to help you eliminate candidates who are not technically qualified for the role, it is not optimized to help you find the best candidate for the role. So the ideal way to use an assessment is to decide a threshold score (typically 55%, we help you benchmark) and invite all candidates who score above the threshold for the next rounds of interview.

What experience level can I use this test for?

Each Adaface assessment is customized to your job description/ ideal candidate persona (our subject matter experts will pick the right questions for your assessment from our library of 10000+ questions). This assessment can be customized for any experience level.

Does every candidate get the same questions?

Yes, it makes it much easier for you to compare candidates. Options for MCQ questions and the order of questions are randomized. We have anti-cheating/ proctoring features in place. In our enterprise plan, we also have the option to create multiple versions of the same assessment with questions of similar difficulty levels.