Chapter 3: Quiz — Setting Up Your Hacking Lab

Test your understanding of virtualization, Kali Linux, lab network configuration, and safe practices. Many of these questions are practical — you should be able to verify your answers in your own lab.

Multiple Choice Questions

Question 1

Which VirtualBox network mode provides communication between VMs and the host but NO Internet access?

a) NAT b) NAT Network c) Host-Only d) Bridged Adapter

Question 2

What is the default username and password for the pre-built Kali Linux VM image?

a) root / toor b) kali / kali c) admin / admin d) user / password

Question 3

Which VirtualBox network mode is MOST dangerous for a hacking lab because it places VMs directly on your physical network?

a) NAT b) Internal Network c) Host-Only d) Bridged Adapter

Question 4

What is the primary purpose of VirtualBox Guest Additions?

a) To add additional security tools to the VM b) To improve display performance, enable shared folders, and clipboard integration c) To enable Internet access for the VM d) To create encrypted virtual disks

Question 5

Metasploitable 2 is:

a) A penetration testing distribution like Kali Linux b) An intentionally vulnerable Linux VM designed for security practice c) A commercial vulnerability scanner d) A network monitoring tool

Question 6

What Nmap flag performs service version detection?

a) -O b) -sC c) -sV d) -A

Question 7

Which of the following is NOT a valid reason for maintaining an isolated hacking lab?

a) Legal protection — testing only authorized systems b) Safe experimentation — ability to crash systems without consequences c) Anonymity — hiding your identity while conducting attacks d) Reproducibility — ability to save and restore VM states

Question 8

What is a Type 2 hypervisor?

a) A hypervisor that runs directly on bare metal hardware b) A hypervisor that runs as an application on top of a host operating system c) A hypervisor that supports only two virtual machines d) A hypervisor that requires a cloud subscription

Question 9

In the recommended lab architecture, how many network adapters should the Kali VM have?

a) One — Host-Only only b) Two — Host-Only for lab communication plus NAT for Internet access c) One — Bridged Adapter for full network access d) Three — Host-Only, NAT, and Bridged

Question 10

What is the purpose of taking VM snapshots before starting exercises?

a) To improve VM performance b) To back up the VM to the cloud c) To save the VM's state so it can be restored if something goes wrong d) To share the VM with other students

Short Answer Questions

Question 11

Explain why target VMs (like Metasploitable 2) should NEVER have Internet access in your lab. Describe at least two specific risks if this rule is violated. (3-5 sentences)

Question 12

You are setting up your lab and a classmate suggests using "Bridged Adapter" mode for all VMs "so they can all communicate easily." Explain why this is a bad idea and what network mode(s) you should use instead. (3-5 sentences)

Question 13

Describe three benefits of Docker-based vulnerable targets compared to full virtual machine targets. Also describe one situation where a full VM is preferable to a Docker container. (4-6 sentences)

Question 14

Explain the difference between DVWA security levels (Low, Medium, High, Impossible). How should a beginner approach these different levels? (3-5 sentences)

Question 15

List five essential tools that come pre-installed with Kali Linux and briefly describe what each tool is used for. (5 sentences, one per tool)

Practical Questions

Question 16

Write the exact Nmap command you would use to perform each of the following scans against a target at 192.168.56.102:

a) Scan the top 1000 TCP ports b) Scan all 65535 TCP ports c) Detect service versions on open ports d) Run default Nmap scripts against the target e) Perform an OS detection scan

Question 17

You have just completed your Kali Linux installation and Metasploitable 2 deployment. Describe the exact steps you would take to verify that:

a) Your lab network is properly configured b) Kali can reach Metasploitable 2 c) Metasploitable 2 is isolated from the Internet d) Your Kali VM can access the Internet for updates

Include specific commands for each verification step.

Question 18

Compare and contrast HackTheBox and TryHackMe. Identify two strengths and one weakness of each platform. Recommend which platform a complete beginner should start with and justify your choice. (5-7 sentences)

Answer Key

  1. c) Host-Only. Host-Only networking creates an isolated network between VMs and the host with no external Internet connectivity.

  2. b) kali / kali. The pre-built VM images use kali/kali as the default credentials (earlier versions of Kali used root/toor).

  3. d) Bridged Adapter. This mode places VMs directly on your physical network, making vulnerable targets accessible to other devices and potentially to the Internet.

  4. b) To improve display performance, enable shared folders, and clipboard integration between host and guest.

  5. b) An intentionally vulnerable Linux VM designed for security practice. Created by Rapid7, it contains dozens of deliberately introduced vulnerabilities.

  6. c) -sV. The -O flag is for OS detection, -sC runs default scripts, and -A enables aggressive mode (which includes -sV, -sC, -O, and traceroute).

  7. c) Anonymity. A hacking lab is not about hiding your identity — it is about creating a safe, legal environment for practice. Ethical hackers operate transparently within authorized boundaries.

  8. b) A hypervisor that runs as an application on top of a host operating system. Examples include VirtualBox and VMware Workstation.

  9. b) Two — Host-Only for lab communication plus NAT for Internet access. The Host-Only adapter connects to the lab network, and the NAT adapter provides Internet access for updates.

  10. c) To save the VM's state so it can be restored if something goes wrong. Snapshots provide instant rollback capability.

  11. Target VMs like Metasploitable 2 are intentionally vulnerable and contain services with known exploits, default credentials, and misconfigurations. If a target VM has Internet access, anyone on the Internet could potentially discover and exploit those vulnerabilities, compromising your host system or network. Additionally, if you accidentally misconfigure your lab, malicious traffic from your testing could reach external systems, potentially causing legal issues. A vulnerable VM with Internet access is essentially an open invitation for real attackers to compromise your lab environment.

  12. Bridged Adapter mode places VMs directly on your physical network, meaning your intentionally vulnerable Metasploitable 2 would be visible to every device on your network — including roommates' computers, smart devices, and potentially your ISP. Any scanning or exploitation traffic would also traverse your physical network, potentially triggering alerts or affecting real systems. Instead, use Host-Only networking for lab communication (creating an isolated network only between your VMs and host) and a separate NAT adapter on your Kali VM only for Internet access when needed for updates.

  13. Docker containers start in seconds versus minutes for full VMs, use significantly less disk space and RAM, and can be deployed with a single command. This makes it easy to spin up multiple vulnerable web applications simultaneously for focused practice. Containers are also easy to reset — just stop and restart the container to return to the original state. However, a full VM is preferable when you need to practice OS-level attacks (privilege escalation, kernel exploits), simulate realistic network environments with multiple services, or test scenarios that require a full operating system stack (like Active Directory attacks).

  14. DVWA's security levels progressively increase the difficulty of exploitation. "Low" has no security controls — inputs are not sanitized and the application is trivially exploitable. "Medium" adds basic security measures (like simple input filtering) that can be bypassed with slightly more advanced techniques. "High" implements more robust defenses that require creative bypass techniques. "Impossible" shows the correct, secure implementation of each feature. Beginners should start at "Low" to understand how each vulnerability class works, then progress to "Medium" once comfortable, and use "Impossible" to understand how to code securely.

  15. Nmap is a network scanner used for host discovery, port scanning, and service enumeration. Burp Suite is a web application proxy used for intercepting and modifying HTTP traffic during web application testing. Metasploit Framework is an exploitation framework that provides a library of exploits, payloads, and auxiliary modules for penetration testing. Hydra is a fast network login cracker used for brute-forcing authentication on services like SSH, FTP, and HTTP. Wireshark is a network protocol analyzer used for capturing and inspecting network traffic at the packet level.

  16. a) nmap 192.168.56.102 b) nmap -p- 192.168.56.102 c) nmap -sV 192.168.56.102 d) nmap -sC 192.168.56.102 e) nmap -O 192.168.56.102

  17. a) Run ip addr show on both Kali and Metasploitable 2 to verify they have IP addresses in the same subnet (192.168.56.x). b) From Kali, run ping -c 4 192.168.56.102 (using Metasploitable 2's IP) — successful replies confirm connectivity. c) From Metasploitable 2, run ping -c 4 8.8.8.8 — this should timeout or return "Network is unreachable," confirming isolation. d) From Kali, run ping -c 4 8.8.8.8 via the NAT adapter — successful replies confirm Internet access for updates.

  18. HackTheBox strengths include its large library of realistic machines and its competitive ranking system that motivates continuous improvement. It also offers Pro Labs that simulate entire enterprise environments. A weakness is that it can be overwhelming for complete beginners due to minimal guidance. TryHackMe strengths include its guided, step-by-step learning approach and its in-browser attack boxes that eliminate setup friction. A weakness is that advanced users may find the guided format too hand-holding. A complete beginner should start with TryHackMe because its structured learning paths provide the foundational knowledge needed before tackling HackTheBox's more open-ended challenges.