package com.SyP.learnethicalhacking.Utils;

import com.SyP.learnethicalhacking.Model.QuizCollectionModel;
import com.SyP.learnethicalhacking.Model.QuizModel;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Random;

/* loaded from: classes.dex */
public class QuizUtils {
    public static List<QuizCollectionModel> getPracticeQuizCollection(int i) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        ArrayList arrayList4 = new ArrayList();
        ArrayList arrayList5 = new ArrayList();
        ArrayList arrayList6 = new ArrayList();
        ArrayList arrayList7 = new ArrayList();
        ArrayList arrayList8 = new ArrayList();
        ArrayList arrayList9 = new ArrayList();
        ArrayList arrayList10 = new ArrayList();
        ArrayList arrayList11 = new ArrayList();
        ArrayList arrayList12 = new ArrayList();
        ArrayList arrayList13 = new ArrayList();
        ArrayList arrayList14 = new ArrayList();
        ArrayList arrayList15 = new ArrayList();
        ArrayList arrayList16 = new ArrayList();
        ArrayList arrayList17 = new ArrayList();
        ArrayList arrayList18 = new ArrayList();
        ArrayList arrayList19 = new ArrayList();
        ArrayList arrayList20 = new ArrayList();
        arrayList2.add(new QuizModel("What is the primary goal of ethical hacking?", "To identify and fix security vulnerabilities before they are exploited", "To harm the organization's network", "To steal sensitive information from systems", "To test the performance of software", "Ethical hacking focuses on identifying vulnerabilities in systems and networks to fix them before malicious hackers can exploit them, ensuring better security for organizations."));
        arrayList2.add(new QuizModel("What does hacking involve?", "Gaining unauthorized access to a system or network", "Protecting systems from unauthorized access", "Gaining authorized access to systems", "Testing a system’s security measures", "Hacking typically involves unauthorized access to systems or networks, often with malicious intent or without the system owner’s consent."));
        arrayList2.add(new QuizModel("Which of the following distinguishes ethical hacking from traditional hacking?", "Ethical hackers are paid to find vulnerabilities, while traditional hackers seek to exploit them for personal gain", "Ethical hackers aim to harm systems, while traditional hackers work to protect systems", "Ethical hackers use different tools compared to traditional hackers", "Ethical hacking is performed without authorization, while traditional hacking is legal", "Ethical hackers are hired to find and fix vulnerabilities to improve system security, while traditional hackers exploit vulnerabilities for personal gain or to cause harm."));
        arrayList2.add(new QuizModel("Which of the following categories includes hackers who use their skills for malicious purposes and without authorization?", "Black Hat Hackers", "White Hat Hackers", "Blue Hat Hackers", "Green Hat Hackers", "Black hat hackers use their skills for malicious purposes, such as stealing data or causing harm to systems, and do so without authorization or consent from the system owners."));
        arrayList2.add(new QuizModel("Which of the following is a characteristic of black hat hackers?", "They engage in illegal activities for financial gain or malicious purposes", "They help organizations by identifying and fixing vulnerabilities", "They always work with the consent of the system owner", "Their primary goal is to improve system security ", "Black hat hackers engage in illegal activities and typically exploit vulnerabilities for financial gain, personal advantage, or to cause harm. Unlike white hat hackers, they do not have the consent of the system owner and aim to breach security rather than improve it."));
        arrayList2.add(new QuizModel("What is the main difference between gray hat hackers and black hat hackers?", "Gray hat hackers uncover vulnerabilities without the intent to exploit them for personal gain, unlike black hat hackers", "Gray hat hackers work with explicit permission from system owners, while black hat hackers do not", "There is no difference between gray hat hackers and black hat hackers", "Gray hat hackers have malicious intent, while black hat hackers aim to improve security", "Gray hat hackers often uncover vulnerabilities without malicious intent or personal gain, whereas black hat hackers exploit vulnerabilities for malicious purposes and personal advantage."));
        arrayList2.add(new QuizModel("What distinguishes white hat hackers from black hat hackers?", "White hat hackers use their skills to improve system security with permission, while black hat hackers exploit vulnerabilities for malicious purposes", "White hat hackers work without authorization, while black hat hackers work with permission from system owners", "White hat hackers engage in illegal activities for personal gain, while black hat hackers help protect systems", "There is no significant difference between white hat and black hat hackers", "White hat hackers are authorized to find and fix vulnerabilities to improve system security, while black hat hackers exploit those vulnerabilities for malicious and illegal purposes."));
        arrayList2.add(new QuizModel("What is a key characteristic of green hat hackers?", "They are beginners motivated to learn but may unintentionally cause harm due to their inexperience", "They are experienced and skilled professionals who help improve system security", "They have malicious intent and aim to exploit vulnerabilities for financial gain", "They work only with explicit permission to fix vulnerabilities", "Green hat hackers are typically newcomers to the hacking community, eager to learn and gain experience, but their lack of experience can sometimes lead to unintentional harm."));
        arrayList2.add(new QuizModel("What is the primary role of blue hat hackers?", "They are hired to test new software or systems for vulnerabilities before launch", "They exclusively protect systems from cyberattacks", "They aim to exploit systems for financial gain", "They work as internal security experts to protect systems within an organization", "Blue hat hackers are often hired to test software or systems for vulnerabilities before they are officially launched, ensuring they are secure from attacks."));
        arrayList2.add(new QuizModel("What distinguishes red hat hackers from ethical hackers?", "Red hat hackers use more aggressive and sometimes illegal methods to fight cybercriminals", "Red hat hackers work only with the authorization of the system owner, like ethical hackers", "Red hat hackers focus on protecting data and preventing attacks by external sources", "Red hat hackers aim to improve system security without using aggressive tactics", "Red hat hackers are known for using more aggressive, sometimes illegal methods to fight back against cybercriminals, while ethical hackers work with authorization and follow legal practices to improve security."));
        arrayList2.add(new QuizModel("Which of the following is an advantage of ethical hacking?", "It helps combat cyber terrorism and safeguard national security", "It allows hackers to steal sensitive data for financial gain", "It enables hackers to bypass security systems for personal benefit", "It promotes the spread of malware for disruption", "Ethical hacking helps in combating cyber terrorism by identifying and fixing security vulnerabilities, which strengthens systems and contributes to national security and protection from malicious threats."));
        arrayList2.add(new QuizModel("What is a potential disadvantage of ethical hacking?", "It can disrupt the normal operation of systems", "It ensures no privacy compromises occur", "It guarantees the complete prevention of cyber attacks", "It always leads to cost savings for a company", "A potential disadvantage of ethical hacking is that it may disrupt the normal operation of systems, especially when testing vulnerabilities that could cause temporary system outages or slowdowns."));
        arrayList2.add(new QuizModel("Why is ethical hacking considered crucial in the context of cyber threats?", "It ensures that systems are secure by identifying and fixing vulnerabilities before they can be exploited", "It encourages the development of new malicious hacking tools", "It focuses on stealing sensitive data for personal gain", "It helps to increase the number of hackers in the industry", "Ethical hacking is essential because it identifies and fixes vulnerabilities before they are exploited, strengthening security and preventing potential cyber attacks."));
        arrayList2.add(new QuizModel("Which of the following is a key responsibility of an ethical hacker before conducting an assessment?", "To obtain full authorization from the system owner", "To bypass the organization’s security measures without consent", "To expose vulnerabilities to the public to raise awareness", "To secretly exploit vulnerabilities for personal gain", "An ethical hacker must obtain full authorization from the system owner before conducting any assessment to ensure that all activities are legal and consensual."));
        arrayList2.add(new QuizModel("Which of the following is a limitation of ethical hacking?", "Ethical hackers may encounter false positives or false negatives during testing", "Ethical hackers are responsible for fixing vulnerabilities discovered during testing", "Ethical hackers can test every potential vulnerability in a system", "Ethical hackers always replicate the unpredictability of real-world attacks", "A limitation of ethical hacking is that ethical hackers may encounter false positives (incorrectly identifying issues) or false negatives (missing vulnerabilities) during testing, leading to inaccuracies."));
        arrayList2.add(new QuizModel("Which of the following is the first phase in the ethical hacking process?", "Reconnaissance", "Clearing tracks", "Access", "Scanning", "The first phase in ethical hacking is reconnaissance, where information is gathered about the target system or network, such as IP addresses and network architecture."));
        arrayList2.add(new QuizModel("What is the primary goal of the reconnaissance phase in ethical hacking?", "To collect detailed information about the target’s assets, such as IP addresses and network topology", "To directly exploit vulnerabilities in the target system", "To maintain access to the target system for long periods", "To clear any traces of the hacker’s activities", "The goal of the reconnaissance phase is to collect as much information as possible about the target system, such as IP addresses, domain names, and network topology, to prepare for further testing."));
        arrayList2.add(new QuizModel("What is the main purpose of the scanning phase in ethical hacking?", "To identify open ports, active devices, and services, and detect vulnerabilities in the system", "To remove traces of the hacker's activities from the target system", "To gather information about a target system using social engineering techniques", "To simulate a cyber attack and exploit vulnerabilities", "In the scanning phase, ethical hackers identify open ports, active devices, services, and vulnerabilities that can be exploited, allowing them to further assess the security of the system."));
        arrayList2.add(new QuizModel("What is the main objective of the 'Gaining Access' phase in ethical hacking?", "To exploit system vulnerabilities and gain unauthorized entry at different privilege levels", "To gather information using social engineering techniques", "To simulate an attack by flooding the target with excessive traffic", "To scan the target system for open ports and vulnerabilities", "The objective of the 'Gaining Access' phase is to exploit discovered vulnerabilities to gain unauthorized access to the target system, often using different privilege levels for deeper penetration."));
        arrayList2.add(new QuizModel("What is the primary goal of the 'Maintaining Access' phase in ethical hacking?", "To install backdoors or tools that allow continued access to the system", "To gain unauthorized access to the system", "To remove traces of the hacker's activities from the target system", "To identify vulnerabilities in the system", "The goal of the 'Maintaining Access' phase is to install backdoors or other methods that allow continued access to the system, enabling further testing or exploitation if needed."));
        arrayList2.add(new QuizModel("What is the primary goal of the 'Clearing Track' phase in ethical hacking?", "To erase evidence of the hacking activities and prevent detection", "To report findings to the target organization", "To fix vulnerabilities discovered during the attack", "To modify system settings and increase security", "The primary goal of the 'Clearing Track' phase is to erase any traces of the hacking activities to prevent detection by the target and to maintain the confidentiality of the ethical hacking process."));
        arrayList2.add(new QuizModel("What was the key cause of the Home Depot data breach?", "Using stolen third-party vendor credentials to infiltrate the network", "Gaining access through compromised employee credentials", "Installing malware through malicious apps on the website", "Exploiting vulnerabilities in the company's website", "The Home Depot data breach was caused by cybercriminals using stolen third-party vendor credentials to infiltrate the network and gain access to sensitive customer data."));
        arrayList2.add(new QuizModel("What is the primary function of a Botnet in cybersecurity?", "To control a network of infected computers for malicious activities", "To prevent unauthorized access to a system", "To detect and remove malware from a system", "To collect personal data from a victim's device", "A botnet is a network of infected computers that are controlled by cybercriminals to carry out large-scale malicious activities, such as launching distributed denial-of-service (DDoS) attacks."));
        arrayList2.add(new QuizModel("Which of the following is NOT a key element of information security?", "Usability", "Confidentiality", "Availability", "Integrity", "Usability is not considered a key element of information security. The primary elements of information security are confidentiality, integrity, and availability (the CIA triad)."));
        arrayList2.add(new QuizModel("Which of the following is NOT a common motive behind information security attacks?", "Preventing Operational Efficiency", "Disrupting Business Continuity", "Creating Fear and Chaos", "Information Theft", "Preventing operational efficiency is not a typical motive behind information security attacks. Common motives include disrupting business continuity, creating fear, and stealing information for financial gain or competitive advantage."));
        arrayList2.add(new QuizModel("Which of the following best describes the threat category 'Botnets' in information security?", "A network of compromised devices controlled by cybercriminals to execute large-scale attacks", "A form of malware that encrypts files and demands a ransom for decryption", "An attack where a trusted individual misuses their access to harm an organization", "A vulnerability in cloud environments that allows unauthorized access to other customers' data", "Botnets refer to networks of compromised devices controlled by cybercriminals to carry out large-scale attacks, such as DDoS or sending spam emails."));
        arrayList3.add(new QuizModel("What is the primary purpose of footprinting in ethical hacking?", "To collect publicly available information about a target to identify potential security risks", "To launch an attack directly on the target system", "To exploit vulnerabilities within a network to steal sensitive information", "To gain unauthorized access to a system", "Footprinting in ethical hacking is the process of gathering publicly available information about a target to identify potential vulnerabilities or security risks without direct interaction with the target system."));
        arrayList3.add(new QuizModel("Which of the following is an advantage of Passive Footprinting?", "It carries no risk of detection since it only uses publicly available data", "It requires direct interaction with the target system to gather data", "It can alert the target about the footprinting activities", "It provides more detailed information than active footprinting", "The advantage of passive footprinting is that it carries no risk of detection, as it only uses publicly available data, such as domain names, IP addresses, and publicly shared files."));
        arrayList3.add(new QuizModel("Why is footprinting important in the ethical hacking process?", "It provides insights into vulnerabilities, minimizing the risk of causing damage", "It eliminates the need for additional security testing", "It ensures that the target system will be completely secure", "It helps ethical hackers avoid detection during an attack", "Footprinting is important because it helps ethical hackers gather information about potential vulnerabilities, enabling them to conduct more focused and less damaging security testing."));
        arrayList3.add(new QuizModel("Which of the following is a primary advantage of Open Source Intelligence (OSINT)?", "It involves minimal risk of detection, as it only gathers publicly available information", "It relies heavily on paid tools and services to collect data", "It provides real-time access to private and confidential data", "OSINT requires direct interaction with the target system to gather useful data", "A primary advantage of OSINT is that it involves minimal risk of detection because it only uses publicly available data, such as information from social media, websites, and other online sources."));
        arrayList3.add(new QuizModel("What is a key disadvantage of using Social Engineering as an intelligence-gathering technique?", "It is difficult to execute without understanding the target's environment and personnel", "It is an entirely automated process that does not require human interaction", "It often results in immediate access to all systems and confidential information", "It is highly dependent on technical vulnerabilities like firewalls and encryption", "A key disadvantage of social engineering is that it is difficult to execute successfully without a deep understanding of the target's environment and personnel, as it often involves manipulating human behavior to gain access to sensitive information."));
        arrayList3.add(new QuizModel("What is a potential disadvantage of using DNS Interrogation to gather intelligence?", "Misconfigured DNS servers can expose sensitive information, potentially alerting the target to security vulnerabilities", "It is impossible to conduct without specific access to the target's internal network", "It requires advanced technical skills that most hackers do not possess", "It always provides comprehensive and complete data, regardless of the target's security measures", "One potential disadvantage of DNS interrogation is that misconfigured DNS servers can expose sensitive information, which might alert the target to security vulnerabilities, making them aware of potential risks."));
        arrayList3.add(new QuizModel("What is a key disadvantage of using WHOIS Information Gathering for reconnaissance?", "WHOIS privacy services can obscure domain registration details, limiting the amount of available information", "The data gathered from WHOIS is always inaccurate and unreliable", "Frequent use of WHOIS lookup tools can provide more detailed information over time", "WHOIS data is not publicly available and requires special permissions to access", "WHOIS privacy services are often used to obscure domain registration details, which limits the amount of available information for ethical hackers during reconnaissance."));
        arrayList3.add(new QuizModel("What is a key characteristic of Passive Footprinting in ethical hacking?", "It gathers publicly available information without directly interacting with the target system, reducing the risk of detection", "It provides real-time access to a target's network and systems", "It requires interaction with the target to obtain sensitive data", "It involves scanning and probing the target system directly", "Passive footprinting is characterized by gathering publicly available information without directly interacting with the target system, which helps reduce the risk of detection."));
        arrayList3.add(new QuizModel("What is the primary advantage of gathering information through passive footprinting in ethical hacking?", "It avoids direct interaction with the target's system, reducing the risk of triggering defensive mechanisms", "It allows direct access to the target's network and systems for immediate action", "It requires probing the target's internal network to gather detailed intelligence", "It offers real-time data from the target's infrastructure for immediate use", "The main advantage of passive footprinting is that it avoids direct interaction with the target's system, reducing the risk of triggering any defensive mechanisms like firewalls or intrusion detection systems."));
        arrayList3.add(new QuizModel("Which of the following is a common source of publicly available information for ethical hackers during passive footprinting?", "Scraping website content, analyzing metadata, and reviewing public blogs and forums", "Exploiting technical vulnerabilities in the target’s software", "Directly accessing the target’s internal network and systems", "Using phishing techniques to gather sensitive information", "During passive footprinting, ethical hackers often gather publicly available information by scraping website content, analyzing metadata, and reviewing public blogs and forums."));
        arrayList3.add(new QuizModel("Which of the following techniques is commonly used in passive footprinting to analyze a target’s network infrastructure?", "Using tools like Shodan and Censys to search for exposed devices and services on the internet", "Directly probing the target’s servers for detailed information", "Performing social engineering attacks to gain network-related details", "Scanning the target’s internal network for vulnerabilities", "In passive footprinting, tools like Shodan and Censys are commonly used to search for exposed devices and services on the internet, revealing valuable network infrastructure details without direct interaction with the target system."));
        arrayList3.add(new QuizModel("What type of information can be uncovered through a DNS Zone Transfer?", "Subdomains, IP addresses, and service-related information for the domain", "The password-protected files stored on a target's server", "Detailed logs of the target’s employee activity", "Real-time network traffic from the target’s infrastructure", "A DNS Zone Transfer can uncover information such as subdomains, IP addresses, and service-related data about a domain, which can provide valuable insights for further reconnaissance."));
        arrayList3.add(new QuizModel("Which of the following is an important aspect to analyze when performing domain name analysis?", "The historical data of the domain, including old website content or previous owners", "The real-time behavior of the target’s internal employees", "The strength of the target’s firewall configurations", "The content of private files stored on the target’s network", "When performing domain name analysis, it is important to analyze the historical data of the domain, including old website content or previous owners, to uncover valuable insights about its structure and possible vulnerabilities."));
        arrayList3.add(new QuizModel("What distinguishes Active Footprinting from Passive Footprinting?", "Active Footprinting involves directly interacting with the target system, while Passive Footprinting uses publicly available data without direct interaction", "Active Footprinting relies on public data sources, while Passive Footprinting directly interacts with the target system", "Active Footprinting is less likely to be detected compared to Passive Footprinting", "Active Footprinting can only be used after the target system has been breached", "Active Footprinting differs from Passive Footprinting because it involves directly interacting with the target system to gather information, whereas Passive Footprinting relies on publicly available data and does not involve direct interaction."));
        arrayList3.add(new QuizModel("Which of the following is a potential disadvantage of using active footprinting techniques like pinging and port scanning?", "They may trigger alerts or be blocked by firewalls or intrusion detection systems (IDS)", "They provide less detailed information than passive techniques", "They are always undetectable and do not raise any security alarms", "They cannot be used to identify open ports or running services", "A potential disadvantage of active footprinting techniques like pinging and port scanning is that they may trigger alerts or be blocked by firewalls or intrusion detection systems (IDS), which could alert the target to the footprinting activity."));
        arrayList3.add(new QuizModel("What is a potential disadvantage of IP address scanning techniques like ping sweeps or subnet scanning?", "They can be easily detected by intrusion detection/prevention systems and may generate suspicious network traffic", "They do not provide any insight into the target network's layout or segmentation", "They are always undetectable by security systems and do not raise suspicion", "They help in identifying open ports but do not reveal any information about live systems", "IP address scanning techniques like ping sweeps and subnet scanning often generate detectable network traffic, making it possible for intrusion detection/prevention systems to identify them as suspicious activity."));
        arrayList3.add(new QuizModel("What is a disadvantage of banner grabbing during ethical hacking?", "The information gathered from banners may sometimes be misleading or intentionally obfuscated for security reasons", "It always provides accurate and up-to-date information about the target's services and software versions", "Banner grabbing can only be performed on HTTP services and does not work on other types of services", "Banner grabbing is a passive technique that cannot be detected by the target system", "Banner grabbing can be misleading because some services intentionally obfuscate or falsify banner information to mislead attackers, preventing accurate service and software version detection."));
        arrayList3.add(new QuizModel("What is a disadvantage of performing Traceroute Analysis during ethical hacking?", "Firewalls and intrusion prevention systems may block traceroute probes, preventing full visibility into the network topology", "Traceroute always reveals the complete network topology without any restrictions", "Traceroute cannot be used on systems with multiple intermediate routers", "Traceroute is always undetectable by the target system", "Firewalls or intrusion prevention systems may block or limit traceroute probes, leading to incomplete or inaccurate network topology information."));
        arrayList3.add(new QuizModel("Which of the following methods can be used to identify the network topology and structure during ethical hacking?", "Traceroute Analysis", "Social Media Scraping", "WHOIS Information Gathering", "DNS Zone Transfer", "Traceroute analysis helps ethical hackers identify the network structure by revealing the path and the intermediate routers between the source and destination systems."));
        arrayList3.add(new QuizModel("What is the primary purpose of Network Mapping (IP Range Scanning) in ethical hacking?", "To identify which devices are active on the network", "To analyze the content of publicly available websites", "To gather WHOIS information about a domain", "To discover vulnerabilities in web applications", "The primary purpose of IP range scanning in network mapping is to identify active devices on the network and their respective IP addresses."));
        arrayList3.add(new QuizModel("What is the main purpose of identifying active hosts and services in ethical hacking?", "To identify services running on hosts, allowing for vulnerability assessment", "To gather WHOIS data for domain names", "To determine the physical location of network devices", "To encrypt network traffic between devices", "The goal is to identify services running on hosts, which helps in assessing potential vulnerabilities and weaknesses."));
        arrayList3.add(new QuizModel("What is the primary purpose of port scanning in ethical hacking?", "To identify open ports and the services running on them", "To encrypt communications between devices", "To find the physical location of network devices", "To map out the network topology", "Port scanning is used to identify open ports and determine which services are running on those ports, which can highlight potential vulnerabilities."));
        arrayList3.add(new QuizModel("Which of the following is a key ethical guideline during the reconnaissance phase of ethical hacking?", "Respecting privacy and avoiding the collection of irrelevant personal information", "Gathering as much information as possible from internal systems", "Causing disruptions to test the security of target systems", "Using aggressive scanning methods to speed up the process", "During reconnaissance, it is important to respect privacy and avoid collecting irrelevant personal data, in order to maintain ethical standards."));
        arrayList3.add(new QuizModel("Why is obtaining permission essential in penetration testing?", "It minimizes the risk of legal consequences and ensures actions are within the defined scope", "It provides the opportunity to access sensitive data without restrictions", "It allows ethical hackers to access all systems and data freely", "It ensures that ethical hackers can bypass security mechanisms", "Obtaining permission ensures that penetration testing is conducted legally, within the agreed scope, and minimizes the risk of unintended consequences."));
        arrayList3.add(new QuizModel("Which of the following is a potential legal consequence of unauthorized footprinting?", "Civil lawsuits for damages caused by hacking activities", "Guaranteed job offers in cybersecurity", "Public recognition in the hacking community", "Automatic immunity from computer crime laws", "Unauthorized footprinting can lead to legal consequences such as civil lawsuits for damages caused by hacking activities, as it violates laws regarding unauthorized access."));
        arrayList3.add(new QuizModel("What is the primary purpose of interpreting the information collected during the footprinting phase of ethical hacking?", "To understand the target system's structure and security implications", "To report any discovered weaknesses immediately to the target organization", "To create a visual representation of the network", "To make the collected data available to the public", "The main purpose of interpreting the information from the footprinting phase is to understand the structure and security implications of the target system, allowing ethical hackers to plan effective attacks or security improvements."));
        arrayList3.add(new QuizModel("What is the primary goal of identifying attack vectors during the footprinting phase of ethical hacking?", "To identify potential paths an attacker could take to exploit vulnerabilities", "To prevent all security breaches within the network", "To develop a report on all open ports in the system", "To create a detailed map of the network infrastructure", "The goal is to identify potential attack vectors, or paths, an attacker could use to exploit weaknesses, enabling the ethical hacker to focus on securing those entry points."));
        arrayList3.add(new QuizModel("What is the main purpose of the executive summary in a footprinting report?", "To offer a high-level overview of the findings in a way that non-technical stakeholders can understand", "To assess the severity of the vulnerabilities found", "To provide detailed technical data for security experts", "To describe the methodology used during the testing phase", "The executive summary provides a non-technical overview of the findings, ensuring that even stakeholders without technical expertise can understand the risks and implications."));
        arrayList3.add(new QuizModel("Which of the following is a recommended measure to prevent information leakage regarding sensitive data on public-facing systems?", "Regularly auditing public resources and removing sensitive data like employee names and internal configurations", "Allowing WHOIS data to be publicly available for transparency", "Making DNS records publicly available to provide additional system details", "Exposing employee email addresses for easier communication with clients", "To prevent information leakage, organizations should regularly audit public resources and remove sensitive data, such as employee details and internal configurations, to minimize the risk of exploitation."));
        arrayList3.add(new QuizModel("Which of the following practices can help secure DNS infrastructure and prevent attackers from gathering sensitive information?", "Implementing DNSSEC to protect the integrity of DNS records", "Publishing all internal DNS records for transparency", "Disabling DNS audits to reduce administrative workload", "Allowing DNS zone transfers to all external IP addresses", "DNSSEC (Domain Name System Security Extensions) ensures the integrity and authenticity of DNS records, protecting the DNS infrastructure from attackers."));
        arrayList3.add(new QuizModel("Which of the following is a key privacy protection measure to prevent the exposure of sensitive personal information?", "Using encryption for sensitive data in transit and at rest", "Encouraging employees to share their internal job titles on social media for networking purposes", "Posting detailed employee job titles and contact information on public websites", "Allowing employees to use personal email addresses for all business communications", "Using encryption for sensitive data both in transit and at rest ensures that even if the data is intercepted, it cannot be read or misused."));
        arrayList4.add(new QuizModel("What is the primary goal of network scanning in ethical hacking?", "To identify active devices, open ports, services, and security weaknesses in a network", "To perform a complete backup of a network's data", "To monitor network traffic for unauthorized activities", "To find and exploit vulnerabilities for malicious purposes", "Network scanning is done to identify active devices, open ports, services, and security weaknesses, which helps in identifying vulnerabilities that can be patched."));
        arrayList4.add(new QuizModel("Which of the following is a key benefit of network scanning in ethical hacking?", "It helps prevent data breaches by identifying vulnerabilities early", "It is only useful for compliance purposes and not for security improvement.", "It automates the process of hacking a network for malicious purposes.", "It allows attackers to exploit vulnerabilities in a network.", "The key benefit of network scanning is that it helps prevent data breaches by identifying vulnerabilities early, allowing security teams to fix them before they can be exploited."));
        arrayList4.add(new QuizModel("What is the main difference between passive and active reconnaissance in network security?", "Passive reconnaissance collects publicly available information without interacting with the target network, while active reconnaissance involves directly interacting with the network to gather data", "Active reconnaissance is done without any interaction with the target network, while passive reconnaissance involves direct interaction.", "Passive reconnaissance involves scanning the network directly, while active reconnaissance does not.", "Passive reconnaissance uses tools like Nmap, while active reconnaissance relies on social media and domain name registries.", "The primary difference is that passive reconnaissance collects publicly available information (like WHOIS data) without directly interacting with the target, while active reconnaissance involves actively interacting with the target network."));
        arrayList4.add(new QuizModel("Which of the following best describes Active Scanning in network scanning?", "It involves sending probes or requests to a network to gather information and detect vulnerabilities", "It is a scanning technique that remains undetected by the target network", "It primarily focuses on analyzing publicly available data like WHOIS and DNS records", "It collects information about a network without directly interacting with it", "Active scanning involves sending requests or probes to gather data and detect vulnerabilities, which is a more direct and potentially detectable method of scanning."));
        arrayList4.add(new QuizModel("Which of the following is not a disadvantage of Active Scanning?", "It provides less detailed information compared to passive scanning", "It can trigger alerts or defensive measures from security tools", "It directly interacts with the target network, potentially making the system vulnerable to detection", "Active scanning can be detected by intrusion detection/prevention systems (IDS/IPS)", "The correct answer is that active scanning provides more detailed information compared to passive scanning, not less. Active scanning is intrusive and can trigger defensive alerts, whereas passive scanning is typically less detectable."));
        arrayList4.add(new QuizModel("Which of the following is a disadvantage of Passive Scanning?", "It may not identify all vulnerabilities or services running on the target", "It does not interact directly with the target system, making it less intrusive", "It can be easily detected by intrusion detection/prevention systems (IDS/IPS)", "It provides more detailed information than active scanning", "The disadvantage of passive scanning is that it may not identify all vulnerabilities or services because it relies on collecting information passively without actively probing the target system."));
        arrayList4.add(new QuizModel("Which of the following is a disadvantage of Stealth Scanning?", "It requires advanced tools or techniques to implement", "It provides more detailed information than passive scanning", "It is more likely to be detected by IDS/IPS systems", "It is faster than active scanning", "Stealth scanning may require advanced techniques or tools and can be harder to implement, as it seeks to avoid detection, making it more likely to be detected by IDS/IPS systems."));
        arrayList4.add(new QuizModel("Which of the following statements is true about filtered ports?", "Filtered ports do not respond to direct scans, often due to firewall rules", "Filtered ports are always closed and not accessible.", "Filtered ports are always open and allow all incoming traffic.", "Filtered ports are only blocked if the associated service is inactive.", "Filtered ports do not respond to direct scans because they are typically blocked by firewalls or other security devices, which prevents any response from the target system."));
        arrayList4.add(new QuizModel("Which of the following ports is commonly used for secure command-line access to remote servers?", "Port 22", "Port 80", "Port 21", "Port 443", "Port 22 is commonly used for SSH (Secure Shell), which is a protocol used for secure command-line access to remote servers."));
        arrayList4.add(new QuizModel("Which of the following statements is true about UDP scanning compared to TCP scanning?", "TCP scanning requires a handshake to establish a connection, while UDP scanning does not", "UDP scanning is more reliable because it ensures packet delivery and error correction", "TCP scanning does not require any response from the target, while UDP scanning always waits for a response", "UDP scanning is easier to detect because it uses a connection-oriented process", "UDP scanning does not require a handshake like TCP scanning does, making it a connectionless protocol, while TCP requires a connection to be established before scanning."));
        arrayList4.add(new QuizModel("What is the primary goal of vulnerability scanning in ethical hacking?", "To identify and assess potential security weaknesses before attackers can exploit them", "To monitor network traffic for unusual activity.", "To repair vulnerabilities after they are discovered.", "To encrypt sensitive data in a network.", "The primary goal of vulnerability scanning is to identify and assess potential security weaknesses that could be exploited by attackers before they become a serious threat."));
        arrayList4.add(new QuizModel("Which of the following is the first step in vulnerability scanning?", "Discovering systems and services in the network", "Automated vulnerability matching against known databases", "Assigning severity levels to identified vulnerabilities", "Identifying misconfigurations in the system", "The first step in vulnerability scanning is to discover systems and services in the network to ensure the scan targets the correct systems for identifying vulnerabilities."));
        arrayList4.add(new QuizModel("Which of the following vulnerability databases is maintained by MITRE and provides a unique identifier for known cybersecurity vulnerabilities?", "Common Vulnerability and Exposure (CVE)", "Threat Intelligence Feeds", "Vendor Security Advisories", "National Vulnerability Database (NVD)", "The CVE (Common Vulnerabilities and Exposures) database is maintained by MITRE and provides unique identifiers for known cybersecurity vulnerabilities."));
        arrayList4.add(new QuizModel("Which of the following is a key consideration when performing network scanning or penetration testing?", "Scanning without consent", "Social media scraping", "Bypassing Firewalls and IDS/IPS", "Using only HTTP requests", "A key consideration is always obtaining consent before performing any network scanning or penetration testing to avoid legal consequences and ensure that the testing is ethical and authorized."));
        arrayList4.add(new QuizModel("What is the main purpose of packet fragmentation in network scanning?", "Bypassing firewalls and IDS/IPS systems", "Improving scan speed", "Encrypting scan data", "Reducing packet size for faster transmission", "Packet fragmentation is used to bypass firewalls and IDS/IPS systems by breaking large packets into smaller pieces, making it harder for security systems to detect malicious traffic."));
        arrayList4.add(new QuizModel("What is the primary goal of using decoy scans in network scanning?", "To obfuscate the real source of the scan", "To encrypt scan traffic", "To increase scan speed", "To perform a distributed denial-of-service (DDoS) attack", "The primary goal of decoy scans is to hide the real source of the scan by using multiple decoy addresses, making it more difficult for the target to identify the actual origin of the scan."));
        arrayList4.add(new QuizModel("What is the primary purpose of source port manipulation in network scanning?", "To bypass firewall filters that block traffic from non-standard ports", "To encrypt scan traffic", "To increase scan speed", "To hide the destination port being scanned", "Source port manipulation helps bypass firewalls that may block traffic from non-standard ports by sending traffic from a port that is more likely to be allowed by the firewall."));
        arrayList4.add(new QuizModel("What is the main purpose of slow scanning in network scanning?", "To avoid detection by time-based IDS/IPS systems", "To increase scan speed", "To reduce the number of scan packets", "To encrypt scan traffic", "Slow scanning is used to avoid detection by time-based IDS/IPS systems, which may flag rapid scans as suspicious or malicious."));
        arrayList4.add(new QuizModel("What is the primary purpose of idle scanning in network scanning?", "To perform a scan without revealing the source of the scan", "To bypass firewalls", "To increase the speed of the scan", "To encrypt scan traffic", "Idle scanning allows a penetration tester to perform a scan without revealing the source IP of the scan, making it a stealthy technique."));
        arrayList4.add(new QuizModel("What is the primary advantage of SYN scanning in network scanning?", "It is stealthier because it doesn't complete the TCP handshake", "It increases scan speed by sending multiple packets at once", "It encrypts the scan traffic", "It bypasses firewalls by using random ports", "SYN scanning is stealthier because it only sends the initial SYN packet of the TCP handshake without completing it, making it harder to detect."));
        arrayList5.add(new QuizModel("What is the main purpose of enumeration in penetration testing?", "To actively gather detailed information about a target system", "To hide the identity of the penetration tester", "To identify the vulnerabilities in the target's firewall", "To perform passive information-gathering", "Enumeration's main purpose is to actively gather detailed information about the target system to identify users, groups, services, and other data that may aid in exploiting vulnerabilities."));
        arrayList5.add(new QuizModel("Which of the following is NOT a technique used in enumeration during penetration testing?", "Brute-forcing passwords with a dictionary attack", "Nmap Scanning", "SMB Enumeration", "LDAP Queries", " Brute-forcing passwords is a type of attack aimed at gaining access, not a technique used for enumeration. Enumeration focuses on gathering information about a target, while brute-forcing is used to crack credentials after information has been gathered."));
        arrayList5.add(new QuizModel("Which of the following is a key difference between active and passive scanning in enumeration?", "Active scanning sends requests to detect hosts, while passive scanning listens to network traffic without sending requests", "Passive scanning identifies more hosts than active scanning", "Active scanning is less intrusive than passive scanning", "Active scanning requires more tools than passive scanning", "The key difference is that active scanning sends requests to detect hosts, while passive scanning listens to network traffic without actively interacting with the network."));
        arrayList5.add(new QuizModel("Which of the following is NOT a type of information typically enumerated during a penetration test?", "Sensitive passwords", "Network Resources and Shares", "Users and Groups", "Applications and Banners", "Sensitive passwords are not typically enumerated directly during the penetration testing phase, as they are not easily discoverable through enumeration techniques. However, users, groups, network resources, and banners are common enumeration targets."));
        arrayList5.add(new QuizModel("Why is enumerating network resources and shares important in a penetration test?", "To identify misconfigured file shares that may allow unauthorized access to critical data", "To assess the physical security of shared resources", "To gather information on network speed and bandwidth usage", "To track the number of network printers in the organization", "Enumerating network resources and shares helps identify misconfigured file shares that may provide unauthorized access to sensitive data, a potential security risk."));
        arrayList5.add(new QuizModel("Why is enumerating users and groups critical in a penetration test?", "To identify users with excessive privileges or weak passwords that could be exploited for unauthorized access", "To monitor the number of users accessing the system at any given time", "To track user login times and activity levels", "To gather information about the types of software used by users", "Enumerating users and groups helps identify accounts with excessive privileges or weak passwords that could be exploited for unauthorized access."));
        arrayList5.add(new QuizModel("Why is enumerating routing tables important in a penetration test?", "To identify misconfigured routes that could allow attackers to traverse between subnets and access sensitive systems", "To monitor real-time traffic flow and device communications", "To determine the bandwidth usage between devices in the network", "To analyze the number of devices connected to the network", "Enumerating routing tables helps identify misconfigurations that may allow attackers to bypass security measures and access sensitive systems."));
        arrayList5.add(new QuizModel("Why is auditing and service settings enumeration important during a penetration test?", "To identify potential gaps in monitoring and misconfigured services that could be exploited by attackers", "To determine the network bandwidth consumption of active services", "To analyze the number of users accessing system services", "To identify the physical location of network devices", "Auditing and service settings enumeration helps find misconfigurations or gaps in monitoring that could be exploited by attackers to gain access to systems or sensitive data."));
        arrayList5.add(new QuizModel("Why is enumerating machine names important during a penetration test?", "To identify systems with critical functions or known vulnerabilities based on naming conventions", "To monitor network traffic patterns between machines", "To assess the performance of machines on the network", "To determine the geographical location of network devices", "Enumerating machine names can reveal systems with critical functions or known vulnerabilities that attackers can exploit, often based on naming conventions."));
        arrayList5.add(new QuizModel("Why is banner grabbing an important technique during a penetration test?", "It helps identify the applications, versions, and underlying operating systems running on a system", "It is used to bypass firewalls and intrusion detection systems", "It allows for the identification of network traffic patterns", "It is used to detect malware within applications", "Banner grabbing is important because it allows attackers to identify applications, versions, and operating systems running on a system, which helps them find vulnerabilities."));
        arrayList5.add(new QuizModel("Why is SNMP and DNS enumeration important during a penetration test?", "They can provide attackers with detailed information about the network, including device configurations and internal domain names", "They are used to monitor network traffic patterns", "They prevent unauthorized access to network devices", "They allow attackers to disable network services", "SNMP and DNS enumeration can provide valuable information about network devices, configurations, and internal domain names, which can be exploited by attackers."));
        arrayList5.add(new QuizModel("What is the role of enumeration in network security?", "To identify potential vulnerabilities that could lead to unauthorized access", "To gather general information about the network infrastructure", "To prevent unauthorized access to sensitive information", "To encrypt network traffic for security", "The role of enumeration in network security is to identify potential vulnerabilities that could be exploited by attackers to gain unauthorized access or compromise the network."));
        arrayList5.add(new QuizModel("Which of the following is a method of enumeration that involves exploiting default credentials?", "Enumeration Using Default Password", "None of the above", "Brute Force Attack on Active Directory", "Enumeration Using Email ID", "Enumeration using default passwords involves exploiting default credentials on systems or applications to gain access, which is a common attack method during enumeration."));
        arrayList5.add(new QuizModel("What information can be extracted during DNS Zone Transfer?", "Hostnames, IP addresses, and usernames", "Encryption keys", "Network performance data", "Operating system details", "A DNS Zone Transfer can reveal hostnames, IP addresses, and usernames associated with the domain, providing critical information about the network's internal structure."));
        arrayList5.add(new QuizModel("What service is associated with port 135?", "Microsoft RPC Endpoint Mapper", "Global Catalog Service", "LDAP", "DNS Zone Transfer", "Port 135 is used for the Microsoft RPC Endpoint Mapper, which helps in locating other RPC services running on a machine."));
        arrayList5.add(new QuizModel("What is the service associated with port 445?", "SMB over TCP (Direct Host)", "NetBIOS Session Service", "SMTP", "SNMP", "Port 445 is used for SMB (Server Message Block) over TCP, allowing file sharing, printing services, and other network communication without needing NetBIOS."));
        arrayList5.add(new QuizModel("What does the 16th character in a NetBIOS name specify?", "Type of service running or name record type", "Device name", "Network protocol", "Operating system version", "The 16th character in a NetBIOS name specifies the type of service or the name record type, which indicates the specific service running on the machine."));
        arrayList5.add(new QuizModel("What is the role of an SNMP agent?", "Collects and organizes data from the managed device", "Secures network devices", "Manages user accounts", "Monitors network traffic", "An SNMP agent is responsible for gathering and organizing data from the device it is managing, which can then be used by an SNMP manager for monitoring and management purposes."));
        arrayList5.add(new QuizModel("What information can be enumerated using LDAP?", "Usernames, group memberships, email addresses", "File system permissions", "Network routing details", "Shared network resources", "LDAP (Lightweight Directory Access Protocol) is used for querying and modifying directory services like Active Directory, which stores information such as usernames, group memberships, and email addresses."));
        arrayList5.add(new QuizModel("What is a common use of NTP Enumeration in a network attack?", "To find unprotected NTP servers for DDoS amplification attacks", "To identify internal users and their passwords", "To map network topology for routing purposes", "To gain access to file shares on remote machines", "NTP enumeration is used to find vulnerable NTP servers that can be exploited for DDoS (Distributed Denial-of-Service) amplification attacks."));
        arrayList5.add(new QuizModel("What is the purpose of SMTP Enumeration?", "To identify valid email addresses on an SMTP server", "To enumerate user privileges on a system", "To find open ports on a target machine", "To discover shared folders on a network", "SMTP enumeration is used to identify valid email addresses on a mail server, often during reconnaissance to gather target information."));
        arrayList5.add(new QuizModel("What is DNS Enumeration used for?", "To gather DNS records, hostnames, and IP addresses during reconnaissance", "To discover misconfigured file shares", "To find open ports on a network", "To identify active users on a network", "DNS enumeration is used to gather DNS records, such as hostnames and IP addresses, which are valuable for network mapping and reconnaissance."));
        arrayList6.add(new QuizModel("Why is vulnerability analysis important?", "To identify weaknesses that could be exploited by attackers and mitigate risks", "To test the functionality of a new system", "To provide users with security training", "To increase the performance of a network", "Vulnerability analysis is crucial to identify system weaknesses and vulnerabilities, allowing organizations to mitigate potential risks before attackers exploit them."));
        arrayList6.add(new QuizModel("What is the primary difference between vulnerability, threat, and risk?", "Vulnerability is a weakness, threat is a potential danger, and risk is the probability and impact of a threat exploiting a vulnerability.", "Vulnerability is an attack method, threat is a risk factor, and risk is the likelihood of data breach.", "Vulnerability is a potential attack, threat is a weakness, and risk is the damage caused by an attack.", "Vulnerability is the risk, threat is the weakness, and risk is the potential attacker.", "Vulnerability refers to weaknesses in a system, a threat is a potential danger that could exploit these vulnerabilities, and risk is the likelihood and impact of a threat exploiting a vulnerability."));
        arrayList6.add(new QuizModel("Which of the following best describes the difference between Penetration Testing and Vulnerability Assessments?", "Penetration Testing focuses on critical systems and simulates attacks, while Vulnerability Assessments focus on non-critical systems and aim to identify and mitigate vulnerabilities.", "Penetration Testing is a comprehensive review of system assets, while Vulnerability Assessments only provide documentation of assets.", "Penetration Testing only gathers information, while Vulnerability Assessments provide detailed reports of attack scope.", "Penetration Testing is less intrusive than Vulnerability Assessments and doesn't focus on system vulnerabilities.", "Penetration Testing simulates real-world attacks to assess vulnerabilities, whereas Vulnerability Assessments involve identifying and cataloging potential weaknesses without simulating attacks."));
        arrayList6.add(new QuizModel("Which of the following statements best describes the difference between Penetration Testing and Vulnerability Assessments?", "Penetration Testing involves a simulated cyberattack carried out by ethical hackers, while Vulnerability Assessments are automated assessments that identify and categorize known software vulnerabilities.", "Penetration Testing identifies vulnerabilities in network architecture, while Vulnerability Assessments focus on business process weaknesses.", "Penetration Testing is ideal for lab environments, while Vulnerability Assessments are best suited for physical environments.", "Penetration Testing is solely focused on identifying known vulnerabilities, while Vulnerability Assessments simulate attacks on the system.", "Penetration Testing is conducted by ethical hackers simulating attacks, while Vulnerability Assessments rely on automated tools to scan for known weaknesses."));
        arrayList6.add(new QuizModel("What is the main risk of a software vulnerability in an application?", "Attackers can exploit the flaw to introduce malware or backdoors into the system, potentially allowing long-term access to sensitive systems.", "It leads to a complete system shutdown, rendering the system inoperable.", "It only affects the user interface, causing the application to be hard to navigate.", "It causes the software to crash, making it unusable.", "The main risk of a software vulnerability is that attackers can exploit it to introduce malicious software, gain unauthorized access, or compromise sensitive data."));
        arrayList6.add(new QuizModel("Which of the following is a primary cause of network vulnerabilities?", "Misconfigurations in firewalls or traffic routing.", "Inadequate encryption protocols in the network traffic.", "Outdated network cables or hardware.", "Overuse of software resources in the network.", "Misconfigurations, such as incorrect firewall rules or improper routing, are common causes of network vulnerabilities that can lead to unauthorized access or attacks."));
        arrayList6.add(new QuizModel("What is a significant risk arising from misconfigurations in system processes and configurations?", "Unauthorized modifications, trade secret leaks, and intellectual property theft.", "Enhanced network speed and data throughput.", "Improved user authentication protocols.", "Increased system uptime and network reliability.", "Misconfigurations in system processes can lead to vulnerabilities such as unauthorized access, data breaches, or theft of sensitive intellectual property."));
        arrayList6.add(new QuizModel("What are the two main factors that determine the potential risk of an insider threat?", "The level of access privileges granted to the employee and their ability to exploit vulnerabilities.", "The physical security of the organization's offices and data centers.", "The organization's use of encryption protocols and network firewalls.", "The external actors' attempts to breach the system and the organization's security budget.", "The risk of insider threats is primarily influenced by the access level and ability of insiders to exploit system vulnerabilities."));
        arrayList6.add(new QuizModel("Which of the following is a physical vulnerability that could pose a risk to an organization?", "Unauthorized access to server rooms.", "Lack of regular software updates for devices.", "Inadequate password management systems.", "Weak encryption protocols for network traffic.", "Physical vulnerabilities, such as unauthorized access to restricted areas like server rooms, can lead to serious security risks."));
        arrayList6.add(new QuizModel("What is the main consequence of a buffer overflow vulnerability?", "It may lead to system instability, crashes, or unauthorized access to system resources.", "It automatically closes the application to prevent further data manipulation.", "It strengthens the system’s ability to handle memory allocations.", "It causes data corruption due to buffer overflows in dynamic memory structures.", "A buffer overflow vulnerability can allow attackers to manipulate memory allocations, causing crashes or gaining unauthorized access to system resources."));
        arrayList6.add(new QuizModel("What is the primary focus of network-based scanning?", "Discovering vulnerabilities in network infrastructure such as routers, switches, and firewalls.", "Scanning the entire system for software vulnerabilities.", "Protecting the network from DDoS attacks.", "Scanning only the operating system for security flaws.", "Network-based scanning primarily targets vulnerabilities in network infrastructure like routers, switches, and firewalls, which could be exploited by attackers."));
        arrayList6.add(new QuizModel("What does host-based scanning primarily focus on?", "Vulnerabilities within individual devices or hosts like servers and workstations.", "Protecting the network from external attacks such as DDoS.", "Scanning the entire network for open ports and misconfigurations.", "Securing network devices like routers and firewalls.", "Host-based scanning focuses on identifying vulnerabilities within individual devices, such as servers, workstations, and other endpoints."));
        arrayList6.add(new QuizModel("What does application-level scanning primarily focus on?", "Vulnerabilities in software applications like web, mobile, and desktop applications.", "Flaws in network infrastructure such as routers and switches.", "Detecting physical security vulnerabilities like unauthorized access to server rooms.", "Security misconfigurations in servers and workstations.", "Application-level scanning identifies vulnerabilities within software applications, including web, mobile, and desktop applications, to prevent security breaches."));
        arrayList6.add(new QuizModel("What is the primary focus of database scanning?", "Identifying vulnerabilities in database configurations and access controls.", "Searching for vulnerabilities in network devices and services.", "Detecting issues in application software like web and mobile apps.", "Finding misconfigurations in server hardware and physical devices.", "Database scanning focuses on finding weaknesses in database configurations, access controls, and security settings."));
        arrayList7.add(new QuizModel("What is the primary goal of system hacking?", "Gaining unauthorized access or control over electronic systems.", "Improving system performance through updates.", "Providing technical support for system users.", "Securing systems against potential threats.", "The primary goal of system hacking is to gain unauthorized access or control over systems for malicious purposes."));
        arrayList7.add(new QuizModel("What is one of the primary purposes of system hacking?", "Gain access to personal data or sensitive organizational information.", "Provide technical support to users.", "Create backups of critical system files.", "Maintain system performance and stability.", "System hacking often aims to steal sensitive data or cause damage to systems and infrastructure."));
        arrayList7.add(new QuizModel("Which of the following is a password cracking tool?", "L0phtCrack", "Firewall", "Antivirus", "Cloud Storage Service", "L0phtCrack is a password cracking tool used to perform dictionary-based attacks against password hashes."));
        arrayList7.add(new QuizModel("Which of the following is a recommended practice to defend against password cracking?", "Create strong passwords by using 8-12 alphanumeric characters, combining uppercase and lowercase letters, numbers, and symbols.", "Avoid password expiration policies.", "Reuse old passwords for convenience.", "Store passwords in plain text for easy access.", "Creating strong and complex passwords is a key practice to defend against password cracking tools."));
        arrayList7.add(new QuizModel("Which of the following is an example of a Passive Online Attack?", "Wire Sniffing", "Phishing", "Dictionary Attack", "Shoulder Surfing", "Wire Sniffing is a passive attack where an attacker intercepts network traffic to capture sensitive data, such as passwords or account details."));
        arrayList7.add(new QuizModel("Which of the following is an example of a non-technical password attack?", "Dumpster Diving", "SQL Injection", "Brute Force Attack", "Phishing", "Dumpster Diving is a non-technical method of obtaining sensitive information, such as passwords, by searching through discarded documents or hardware."));
        arrayList7.add(new QuizModel("Which technique involves using precomputed tables to compare captured password hashes for cracking?", "Rainbow Table", "Brute Force Attack", "Man-in-the-Middle", "Phishing", "Rainbow Tables use precomputed hashes to quickly compare and crack password hashes, significantly speeding up the process."));
        arrayList7.add(new QuizModel("Which attack technique involves systematically trying every possible combination of characters to crack a password?", "Brute Force Attack", "Rule-based Attack", "Hash Injection Attack", "Dictionary Attack", "A Brute Force Attack tries every possible combination of characters until the correct password is found."));
        arrayList7.add(new QuizModel("Which attack technique involves the attacker intercepting and gaining access to the communication channels between the victim and the server?", "Man-in-the-Middle Attack", "Wire Sniffing", "Replay Attack", "Brute Force Attack", "A Man-in-the-Middle attack involves intercepting and manipulating communication between the victim and the server, often to steal sensitive information."));
        arrayList7.add(new QuizModel("What is the main goal of a privilege escalation attack?", "To gain administrative access by exploiting vulnerabilities", "To install malicious software without detection", "To steal sensitive data from the network", "To perform a denial-of-service attack", "Privilege escalation attacks aim to exploit system vulnerabilities to gain higher levels of access, often with administrative privileges."));
        arrayList7.add(new QuizModel("What is the difference between vertical and horizontal privilege escalation?", "Vertical privilege escalation involves gaining higher-level access, while horizontal involves impersonating users with the same access level.", "There is no difference between vertical and horizontal privilege escalation.", "Horizontal privilege escalation involves gaining higher-level access, while vertical involves impersonating users.", "Vertical privilege escalation involves impersonating users, while horizontal involves gaining administrative access.", "Vertical privilege escalation allows an attacker to gain higher access, while horizontal privilege escalation allows attackers to impersonate users with equal privileges."));
        arrayList7.add(new QuizModel("Which of the following is a recommended defense against privilege escalation?", "Use encryption techniques to protect sensitive data.", "Allow unrestricted logon privileges to enhance system convenience.", "Grant users administrative access when possible.", "Run applications with full access rights to ensure functionality.", "To defend against privilege escalation, it's important to limit user privileges and regularly monitor access control settings."));
        arrayList7.add(new QuizModel("What is the primary goal of attackers executing malicious applications?", "To gather sensitive information and potentially compromise the system.", "To ensure software updates are successfully deployed across the network.", "To protect the system from potential external threats.", "To enhance system performance and remove unwanted applications.", "Malicious applications often aim to steal sensitive data or compromise system security by exploiting vulnerabilities."));
        arrayList7.add(new QuizModel("Which of the following is NOT a legitimate use of keyloggers?", "Gathering sensitive information like passwords and banking details.", "Tracking and supervising children’s computer activity in a home environment.", "Monitoring employee activity in office settings.", "Allowing administrators to monitor keystrokes on authorized devices.", "While keyloggers can be used for monitoring, their main purpose is often to steal sensitive data like passwords."));
        arrayList7.add(new QuizModel("Which of the following is an effective way to defend against hardware keyloggers?", "Perform regular checks on all computers to ensure no unauthorized hardware devices are connected.", "Use keystroke interference software to insert randomized characters.", "Install and maintain up-to-date anti-spyware/antivirus software.", "Use a pop-up blocker to prevent malicious pop-ups.", "Regularly checking for unauthorized devices and using anti-spyware/antivirus software can help defend against hardware keyloggers."));
        arrayList7.add(new QuizModel("Which of the following is a common method of spyware propagation?", "Drive-by download", "Phishing emails", "Ransomware attachments", "Malicious USB drives", "Spyware is often spread through methods such as phishing emails or drive-by downloads, which trick users into installing malicious software."));
        arrayList7.add(new QuizModel("Which of the following is an effective way to defend against spyware?", "Download files only from trusted sources", "Avoid installing anti-spyware software", "Disable your firewall", "Use public Wi-Fi for online banking", "Downloading files only from trusted sources and using anti-spyware software can help protect against spyware attacks."));
        arrayList7.add(new QuizModel("Which of the following is NOT a typical type of rootkit?", "Memory Encryption Rootkit", "Hardware/Firmware Rootkit", "Application Level Rootkit", "Hypervisor Level Rootkit", "Memory Encryption Rootkits are not commonly classified among standard rootkit types like hardware, application, or hypervisor-level rootkits."));
        arrayList7.add(new QuizModel("Which of the following is a recommended defense strategy against rootkits?", "All of the above", "Ensure antivirus software includes rootkit detection capabilities", "Regularly update and patch operating systems and applications", "Limit the installation of unnecessary applications and disable unused features", "Using antivirus software with rootkit detection and regularly updating systems are key strategies to prevent rootkit attacks."));
        arrayList7.add(new QuizModel("Which of the following is a defense strategy against NTFS Alternate Data Streams (ADS)?", "All of the above", "Utilize tools like LADS and ADSSpy to detect hidden streams", "Use third-party file integrity checkers like Tripwire", "Transfer suspected files to a FAT partition", "Detecting ADS requires using tools like LADS and checking file integrity regularly with third-party tools."));
        arrayList7.add(new QuizModel("Which of the following is NOT a method of Steganography mentioned in the text?", "Folder Steganography", "Image Steganography", "Network Steganography", "Audio Steganography", "Folder Steganography is not typically classified as a standard method of Steganography, unlike image or audio-based techniques."));
        arrayList7.add(new QuizModel("Which of the following is NOT a method mentioned for covering tracks after gaining administrator access?", "Encrypting files", "Clearing logs", "Disabling auditing", "Modifying logs", "Encrypting files is typically not part of track-covering techniques; clearing or modifying logs and disabling auditing are more common methods."));
        arrayList7.add(new QuizModel("Which of the following tools is designed to clean the most recently used (MRU) lists on a computer?", "MRU-Blaster", "CCleaner", "Disk Cleanup", "Recuva", "MRU-Blaster is specifically designed to clean most recently used (MRU) lists, improving privacy and security."));
        arrayList8.add(new QuizModel("Which of the following is NOT a common way malware can enter a system?", "Firewalls", "IRC (Internet Relay Chat)", "Attachments", "Instant Messenger applications", "Firewalls are designed to block malware from entering the system; IRC, attachments, and instant messaging can all be ways for malware to spread."));
        arrayList8.add(new QuizModel("Which of the following types of malware is known for encrypting files and demanding a ransom for their release?", "Ransomware", "Worms", "Viruses", "Trojans", "Ransomware encrypts files and demands payment to decrypt them, making it one of the most financially driven types of malware."));
        arrayList8.add(new QuizModel("Which of the following is a common purpose of a Trojan?", "To disable antivirus software and create backdoors for remote access", "To steal login credentials through phishing", "To encrypt files and demand a ransom", "To spread automatically through networks without user interaction", "Trojans are designed to create backdoors for attackers to access systems remotely while often disabling security defenses."));
        arrayList8.add(new QuizModel("What is the primary purpose of a wrapper in malware?", "To combine a dropper, malicious code, and legitimate code into a single executable package", "To disguise the true nature of a Trojan", "To spread automatically through email attachments", "To encrypt files and demand a ransom", "A wrapper hides the true intent of malware by packaging it with legitimate programs or files, making it harder to detect."));
        arrayList8.add(new QuizModel("Which of the following types of Trojans allows attackers to control a victim's computer via a proxy server?", "Proxy Server Trojans", "FTP Trojans", "Botnet Trojans", "VNC Trojans", "Proxy Server Trojans allow attackers to control a victim’s system while using a proxy server to obscure their identity."));
        arrayList8.add(new QuizModel("What is the primary method through which viruses typically spread?", "File downloads and email attachments", "Direct user actions on the operating system", "Social media links", "Physical media only", "Viruses typically spread through file downloads and email attachments, where users unknowingly run the infected files."));
        arrayList8.add(new QuizModel("What is the main difference between a virus and a worm?", "A virus requires human intervention to spread, while a worm spreads autonomously", "A worm cannot replicate itself, but a virus can", "Viruses spread faster than worms", "A virus infects system resources, while a worm infects files", "The main difference is that worms spread autonomously, while viruses require some user action to spread."));
        arrayList8.add(new QuizModel("Which of the following types of viruses infects both the system boot sector and executable files?", "Multipartite Virus", "Stealth/Tunneling Viruses", "Encryption Viruses", "System or Boot Sector Viruses", "Multipartite viruses can infect both the system boot sector and executable files, making them more versatile and dangerous."));
        arrayList8.add(new QuizModel("What is a 'sheep dip' computer used for in malware analysis?", "Analyzing suspicious files and messages for malware in a controlled environment", "Creating malware samples for testing", "Building anti-virus software", "Running malware to track its behavior", "A sheep dip computer is used to analyze suspicious files in a controlled, isolated environment to avoid spreading malware."));
        arrayList8.add(new QuizModel("What is the primary function of the Neverquest Trojan?", "To steal sensitive information, such as banking login credentials and social networking account details", "To control a victim’s computer remotely for malicious purposes", "To send spam emails from the victim’s computer", "To create a backdoor for installing other malware", "Neverquest is designed to steal sensitive data such as banking credentials and social networking login details."));
        arrayList8.add(new QuizModel("What is the primary method used by Ransom Cryptolocker to encrypt files on the victim's system?", "It uses AES encryption with a randomly generated 256-bit key", "It uses RSA encryption with a fixed key", "It encrypts files using a user-provided password", "It locks files using an algorithm based on the system’s architecture", "Ransom Cryptolocker uses AES encryption with a randomly generated 256-bit key to encrypt the victim's files."));
        arrayList8.add(new QuizModel("What is the primary goal of the Darlloz worm?", "To create a botnet for distributed denial-of-service attacks", "To steal sensitive data from IoT devices", "To mine cryptocurrencies", "To encrypt files and demand ransom", "The Darlloz worm primarily targets IoT (Internet of Things) devices and turns them into part of a botnet, which can be used to conduct large-scale DDoS attacks."));
        arrayList8.add(new QuizModel("Which command can you use to display active connections and listening ports?", "netstat -an", "netstat -s", "netstat -l", "netstat -p", "The 'netstat -an' command displays active connections and listening ports on a system."));
        arrayList8.add(new QuizModel("Which process monitoring tool can help detect suspicious behavior from Trojans or backdoors?", "Process Monitor", "Task Manager", "Process Explorer", "Resource Monitor", "Process Monitor can provide detailed logs and help detect suspicious behavior by monitoring real-time system activity."));
        arrayList8.add(new QuizModel("Which tool allows you to scan the Windows Registry and search for specific registry values?", "RegScanner", "Regedit", "Registry Editor", "CCleaner", "RegScanner is a tool that enables you to scan and search the Windows Registry for specific registry values."));
        arrayList8.add(new QuizModel("What is the purpose of the tool DriverView?", "It displays a list of all device drivers currently loaded on the system", "It monitors system processes for suspicious activities", "It scans for malware in external storage devices", "It scans for Trojan infections in device drivers", "DriverView provides a list of all device drivers loaded on the system, making it easier to detect potential threats."));
        arrayList8.add(new QuizModel("What is the function of the Windows Service Manager (SrvMan)?", "It allows users to create, delete, and modify Windows services without restarting the system", "It scans for malware in Windows service processes", "It monitors suspicious activities in Windows services", "It provides detailed logs of Windows service activity", "Windows Service Manager allows users to manage Windows services without requiring a restart."));
        arrayList8.add(new QuizModel("Which of the following tools helps monitor and control programs that load at startup in Windows?", "Security AutoRun", "RegScanner", "Process Monitor", "DriverView", "Security AutoRun helps manage and monitor programs that automatically load at startup in Windows."));
        arrayList8.add(new QuizModel("Which tool is used to verify the integrity of critical system files that have been digitally signed by Microsoft?", "SIGVERIF", "Tripwire", "FCIV", "FastSum", "SIGVERIF is used to verify the integrity of critical system files and check for digitally signed files by Microsoft."));
        arrayList8.add(new QuizModel("Which tool can be used to monitor network traffic and identify suspicious activities transmitted over the web?", "Wireshark", "Capsa", "TCPView", "NetFlow", "Wireshark is a network protocol analyzer that can capture and analyze network traffic to detect suspicious activities."));
        arrayList8.add(new QuizModel("Which of the following actions can help reduce the risk of malware infections?", "Avoid opening email attachments from unknown senders", "Install software from untrusted sources", "Disable antivirus software", "Use weak, default configurations", "Avoiding email attachments from unknown senders is an important step to reduce the risk of malware infections."));
        arrayList8.add(new QuizModel("Which of the following actions is recommended to prevent backdoor infections?", "Educate users to avoid downloading from untrusted sites", "Install applications from untrusted sources", "Disable antivirus software", "Ignore software updates", "Educating users to avoid downloading from untrusted sites helps prevent backdoor infections."));
        arrayList8.add(new QuizModel("Which of the following is a recommended countermeasure for backdoor infections?", "Install and regularly update anti-virus software", "Avoid scanning disks before use", "Ignore pop-up blockers and firewalls", "Open attachments from unknown senders", "Regularly updating anti-virus software is a key countermeasure against backdoor infections."));
        arrayList9.add(new QuizModel("Which protocol is vulnerable to sniffing because it transmits data in plaintext?", "SMTP", "HTTPS", "SSH", "SFTP", "SMTP transmits email data in plaintext, making it vulnerable to sniffing attacks."));
        arrayList9.add(new QuizModel("Which type of sniffing involves injecting ARP packets into the network to overload a switch's CAM table?", "Active Sniffing", "Passive Sniffing", "Man-in-the-Middle Attacks", "DNS Spoofing", "Active sniffing involves injecting ARP packets into the network to intercept communications and potentially overload switches."));
        arrayList9.add(new QuizModel("Which type of wiretapping involves altering the communication as it flows between two parties?", "Active Wiretapping", "Lawful Interception", "PRISM Program", "Passive Wiretapping", "Active wiretapping involves altering the communication as it passes between two parties, often used for spying or attack purposes."));
        arrayList9.add(new QuizModel("Which of the following is a recommended defense against sniffing attacks?", "Use switches instead of hubs", "Allow network identification broadcasts", "Use HTTP for secure communications", "Disable encryption protocols", "Using switches instead of hubs can help minimize the chances of sniffing by ensuring that traffic is not broadcast to all network devices."));
        arrayList9.add(new QuizModel("Which of the following methods can help detect sniffing activities on a network?", "Using ARP probes to identify mismatched MAC addresses", "Checking for sniffing using a firewall", "Sending DNS requests to detect sniffers", "Monitoring for unusual traffic using HTTP", "ARP probes can help detect sniffing activities by identifying any mismatched MAC addresses in the network."));
        arrayList9.add(new QuizModel("Which of the following is a common method used in MAC-based network attacks?", "MAC Spoofing", "MAC Address Resolution", "MAC Address Filtering", "MAC Flooding", "MAC spoofing is a method where attackers change their MAC address to impersonate another device on the network."));
        arrayList9.add(new QuizModel("What happens when a switch’s CAM table is overflowed during a MAC Flooding attack?", "The switch broadcasts all incoming traffic to all its ports.", "The switch automatically reboots.", "The switch blocks all incoming traffic.", "The switch becomes unable to forward traffic.", "When the CAM table is full, the switch broadcasts all traffic to all ports, allowing attackers to intercept data."));
        arrayList9.add(new QuizModel("What is the primary goal of a MAC Spoofing attack?", "To change the MAC address of a device to impersonate another device on the network.", "To block the network traffic of other devices.", "To flood the network with random MAC addresses.", "To gain access to the network by guessing the network's password.", "The goal of MAC spoofing is to impersonate another device by changing the MAC address, potentially allowing unauthorized access."));
        arrayList9.add(new QuizModel("What is the primary function of the DHCP process?", "To assign IP addresses to DHCP-enabled clients on a network.", "To encrypt the communication between a client and a server.", "To block unauthorized access to network devices.", "To monitor network traffic for malicious activity.", "The DHCP process is responsible for dynamically assigning IP addresses to devices on a network."));
        arrayList9.add(new QuizModel("What is the goal of a DHCP Starvation Attack?", "To exhaust the available IP addresses in the DHCP server’s scope, preventing legitimate users from obtaining IP addresses.", "To encrypt all communications between network devices.", "To redirect all network traffic through a rogue device.", "To block access to the network by legitimate users.", "A DHCP starvation attack aims to exhaust the available IP addresses, preventing legitimate clients from obtaining one."));
        arrayList9.add(new QuizModel("What happens when a switch’s CAM table is full during an ARP request?", "The switch will flood the frame to all ports, except the one from which the frame was received.", "The switch will drop the ARP request and fail to process it.", "The switch will store the MAC address in a temporary buffer.", "The switch will broadcast a request to all nodes to learn the MAC address.", "When the CAM table is full, the switch floods the ARP request to all ports, making it susceptible to sniffing attacks."));
        arrayList9.add(new QuizModel("What is one of the potential consequences of an ARP Spoofing Attack?", "Session Hijacking", "Disabling all network devices", "Decreasing network performance", "Encrypting network traffic", "ARP spoofing can lead to session hijacking, where attackers intercept and potentially manipulate an active session."));
        arrayList9.add(new QuizModel("Which of the following is a tool used for ARP Poisoning?", "Cain & Abel", "Metasploit", "Nessus", "Wireshark", "Cain & Abel is a tool commonly used to conduct ARP poisoning attacks on a network."));
        arrayList9.add(new QuizModel("Which of the following best describes DNS Poisoning?", "DNS Poisoning involves sending fake DNS packets to the server, causing the injection of false entries into the DNS table, redirecting users to malicious websites.", "DNS Poisoning occurs when an attacker sends fake DNS packets to a target server, redirecting traffic to harmful sites.", "DNS Poisoning refers to the act of enhancing DNS server performance by removing entries from the cache.", "DNS Poisoning happens when DNS servers query multiple external servers for domain resolution without caching.", "DNS Poisoning is a technique used to inject false DNS entries into the DNS table, redirecting users to malicious websites."));
        arrayList9.add(new QuizModel("What is DNS poisoning, and how does it affect network security?", "It is an attack where attackers insert false DNS entries to redirect traffic to malicious servers.", "It is a method of encrypting DNS queries to improve security.", "It is the process of updating DNS caches with legitimate entries for faster access.", "It occurs when DNS servers are configured to prevent unauthorized access.", "DNS poisoning involves inserting false entries into the DNS database, causing DNS servers to redirect traffic to malicious servers controlled by attackers. This manipulation compromises the security and integrity of the DNS system, potentially leading to malicious activities like data theft or the spread of malware."));
        arrayList9.add(new QuizModel("Which of the following best describes Intranet DNS Spoofing?", "Intranet DNS Spoofing occurs over a Local Area Network (LAN), where an attacker uses ARP poisoning to intercept and redirect traffic by injecting fake DNS responses.", "Intranet DNS Spoofing is when the attacker uses DNS cache poisoning on a public DNS server to redirect traffic to harmful websites.", "Intranet DNS Spoofing is a technique where the attacker changes the DNS settings of a remote server to redirect its traffic to malicious sites.", "Intranet DNS Spoofing occurs when an attacker infects the DNS server directly to alter the DNS configurations for all machines in the network.", "Intranet DNS Spoofing occurs in a LAN environment, using ARP poisoning to redirect network traffic by injecting fake DNS responses."));
        arrayList10.add(new QuizModel("Which of the following is a key characteristic of Social Engineering?", "Social Engineering involves manipulating people into revealing valuable information without using technical attacks on systems or networks.", "Social Engineering is a method of using software tools to break into a network and extract confidential information.", "Social Engineering relies on physically tampering with computer hardware to gain access to information.", "Social Engineering involves hacking into a system to steal information from the network.", "Social Engineering manipulates people to reveal sensitive information, bypassing technical defenses and relying on human trust."));
        arrayList10.add(new QuizModel("Which of the following is a key vulnerability that makes organizations susceptible to social engineering attacks?", "Lack of employee training and awareness about social engineering tactics, combined with insufficient security policies, increases vulnerability to these attacks.", "Excessive reliance on automated security systems to detect and prevent social engineering attacks.", "Providing employees with unrestricted access to sensitive areas and data reduces the risk of social engineering attacks.", "Organizations that enforce strict physical access restrictions and monitor employee activities are more vulnerable to social engineering.", "The primary vulnerability to social engineering is the lack of employee awareness and training regarding these types of attacks."));
        arrayList10.add(new QuizModel("Which of the following is the correct order of phases in a Social Engineering attack?", "Research, Select Target, Relationship, Exploit", "Select Target, Research, Exploit, Relationship", "Relationship, Research, Exploit, Select Target", "Exploit, Relationship, Select Target, Research", "The typical order is: Research, Select Target, Relationship, Exploit, where the attacker prepares before exploiting the target."));
        arrayList10.add(new QuizModel("Which of the following is a common tactic used in Human-based Social Engineering?", "Impersonation, where attackers pose as legitimate individuals to deceive targets into disclosing sensitive information.", "Remote hacking into networks using brute-force attack methods to steal passwords and confidential data.", "Using technical malware to bypass system security and gain unauthorized access to sensitive information.", "Physical theft of company devices to access sensitive data stored on those devices.", "Impersonation is commonly used in social engineering to deceive targets into giving away sensitive information by pretending to be someone they trust."));
        arrayList10.add(new QuizModel("Which of the following is an example of a Human-based Social Engineering technique?", "Eavesdropping, where attackers secretly listen to conversations or monitor communications to gather information.", "Exploiting technical vulnerabilities in a system to gain unauthorized access to sensitive data.", "Brute-force attacks to break encryption and access protected files.", "Using advanced hacking tools to bypass security measures and steal credentials.", "Eavesdropping is an example of social engineering, where attackers listen in on conversations to gather sensitive information."));
        arrayList10.add(new QuizModel("Which of the following is a key characteristic of Spear Phishing?", "It is a targeted form of phishing aimed at a specific individual or group, often personalized based on research.", "It is a random phishing attempt, where attackers target a large group of individuals without any specific focus.", "It relies on brute-force attacks to crack passwords and gain access to private accounts.", "It involves using malware to gain access to systems by exploiting vulnerabilities.", "Spear phishing is highly targeted, often personalized based on specific information about the victim."));
        arrayList10.add(new QuizModel("What is a common tactic used in Mobile-based Social Engineering to steal sensitive information?", "Using SMS phishing to trick users into clicking on fake links to steal credentials.", "Exploiting operating system vulnerabilities to gain unauthorized access to users' devices.", "Installing malware via unsolicited phone calls that trick users into downloading malicious software.", "Publishing malicious apps that resemble popular, legitimate applications, causing users to unknowingly provide login credentials.", "Mobile-based social engineering often involves SMS phishing or publishing malicious apps that trick users into giving up sensitive data or login credentials."));
        arrayList10.add(new QuizModel("What can be a motivation for an Insider Attack within an organization?", "A disgruntled employee seeking revenge against the organization, or an employee supporting a competitor by leaking sensitive information.", "An external attacker attempting to exploit vulnerabilities in the organization’s network infrastructure.", "A government agency trying to gather intelligence on the organization for national security purposes.", "A hacker attempting to manipulate data for financial gain.", "Insider attacks are often motivated by personal revenge, financial gain, or collaboration with external threats, with employees misusing access to leak or manipulate sensitive information."));
        arrayList10.add(new QuizModel("What is a key component of identity theft?", "Stealing personal identification information to commit fraud, such as creating a fake ID or impersonating the victim.", "Tampering with public records to alter someone's personal details.", "Gaining unauthorized access to a company's confidential files for financial gain.", "Using malware to steal login credentials from a user’s device.", "Identity theft typically involves stealing personal information to commit fraud, such as creating fake IDs or impersonating the victim for financial or personal gain."));
        arrayList10.add(new QuizModel("What is the primary purpose of identity theft?", "To commit fraud by using stolen personal identification information.", "To gain access to someone's social media account.", "To sell stolen data to third parties.", "To steal someone's credit card information for online shopping.", "The primary purpose of identity theft is to commit fraud using stolen personal information, which can include opening bank accounts, taking loans, or making fraudulent purchases."));
        arrayList10.add(new QuizModel("Which of the following is a sign of a phishing email?", "The email uses a generic greeting and creates a sense of urgency.", "The email includes a detailed attachment explaining the deal.", "The email is personalized and asks for personal details in a secure manner.", "The email is sent from a known email address with no urgency or errors.", "Phishing emails typically use generic greetings and create a sense of urgency to trick recipients into revealing sensitive information."));
        arrayList10.add(new QuizModel("Which of the following is a key element of an organization's password policy?", "Implement periodic password changes, enforce complexity requirements, and lock accounts after failed login attempts.", "Allow employees to use their personal passwords as long as they remember them.", "Password secrecy isn't important as long as the password is long.", "Enforce password sharing across team members to maintain accessibility.", "A strong password policy includes complexity requirements, periodic changes, and account lockout mechanisms to prevent unauthorized access."));
        arrayList11.add(new QuizModel("What is the primary goal of a Denial-of-Service (DoS) attack?", "To disrupt or deny access to a system or network’s services.", "To install malware on a target machine.", "To gain unauthorized access to a network.", "To steal sensitive data from a system.", "A DoS attack aims to overwhelm or disrupt a system or network's ability to provide its services to legitimate users, typically by flooding the target with traffic."));
        arrayList11.add(new QuizModel("What is a key difference between a DoS and a DDoS attack?", "A DoS attack uses a single system, while a DDoS attack uses multiple compromised systems.", "A DoS attack uses botnets, while a DDoS attack does not.", "A DoS attack is illegal, but a DDoS attack is not.", "A DoS attack targets only mobile devices, while a DDoS attack targets desktops.", "A key difference is that a DoS attack comes from a single system, whereas a DDoS attack uses multiple compromised systems (botnets) to amplify the attack."));
        arrayList11.add(new QuizModel("What is the primary goal of Volumetric DoS/DDoS attacks?", "To overwhelm the target’s bandwidth capacity and reduce performance.", "To target the application layer of the OSI model to degrade services.", "To crash a target's firewall by consuming its connection state tables.", "To break down IP datagrams into smaller packets to exhaust resources.", "Volumetric attacks flood a network with massive amounts of traffic, consuming available bandwidth and causing a denial of service for legitimate users. These attacks aim to saturate the target's network link, making it unable to handle legitimate traffic."));
        arrayList11.add(new QuizModel("Which of the following is a characteristic of a Permanent Denial-of-Service (PDoS) attack?", "It targets hardware and aims to cause physical damage to the system.", "It uses multiple sources to send requests to overwhelm the target.", "It exploits vulnerabilities in peer-to-peer networks to launch the attack.", "It floods the application layer of a system with malicious requests.", "A PDoS attack targets hardware and can cause physical damage to the system, making it permanently unavailable."));
        arrayList11.add(new QuizModel("How are botnets typically established on a victim's system?", "By installing a bot through a Trojan Horse.", "By exploiting vulnerabilities in the operating system.", "By sending a phishing email with a malicious link.", "By manually infecting the system using a USB drive.", "Botnets are typically established on a victim's system by using malicious software like a Trojan Horse, which disguises itself as legitimate software or files. Once the Trojan is executed, it allows attackers to control the infected system and add it to the botnet."));
        arrayList11.add(new QuizModel("What is the primary characteristic of the Random Scanning Technique?", "It randomly selects IP addresses within the address space and scans them for vulnerabilities.", "It scans machines within the same local network for vulnerabilities.", "It targets a specific subnet to find vulnerable machines.", "It uses a predefined list of IP addresses to scan for vulnerabilities.", "The Random Scanning Technique involves randomly selecting IP addresses across a broad address space to scan for vulnerabilities."));
        arrayList11.add(new QuizModel("What is the key characteristic of Autonomous Propagation?", "The attacker sends malicious code to a compromised system, which then autonomously searches for other vulnerable systems.", "It requires the attacker’s system to host the toolkit that is transferred to the infected machine.", "It relies on a central source from where the toolkit is transferred to infected machines.", "It only targets systems within the same local network for infection.", "Autonomous Propagation refers to malicious code spreading itself by seeking out and infecting other vulnerable systems without requiring the attacker's direct intervention."));
        arrayList11.add(new QuizModel("Which of the following features is common to the tools Pandora DDoS Bot Toolkit, Dereil, and HOIC?", "They all launch DDoS attacks using multiple protocols such as TCP, UDP, and HTTP.", "They only target specific ports without the ability to customize attack parameters.", "They are only capable of launching HTTP-based attacks.", "They focus solely on TCP protocol-based attacks.", "These tools can launch DDoS attacks using multiple protocols, including TCP, UDP, and HTTP, providing flexibility in attacking various targets."));
        arrayList11.add(new QuizModel("Which mobile app is used to simulate both DoS and DDoS attacks, specifically an HTTP POST flood?", "AnDOSid", "LOIC", "Wireshark", "Termux", "AnDOSid is a mobile app designed to simulate DoS and DDoS attacks, specifically using HTTP POST flood techniques."));
        arrayList11.add(new QuizModel("Which of the following is NOT a countermeasure against DoS/DDoS attacks?", "Enabling Unnecessary Services", "Shutting Down the Services", "Absorbing the Attack", "Degrading Services", "Enabling unnecessary services makes the system more vulnerable to attacks, while countermeasures like absorbing the attack or degrading services help mitigate the impact of DoS/DDoS."));
        arrayList11.add(new QuizModel("Which technique is used to detect anomalies in both time and frequency components of network traffic?", "Wavelet-based Signal Analysis", "Detection Techniques", "Sequential Change-Point Detection", "Activity Profiling", "Wavelet-based Signal Analysis is used to detect anomalies in network traffic by analyzing both time and frequency components."));
        arrayList11.add(new QuizModel("Which of the following is a technique used to prevent malicious traffic from leaving a network?", "Egress Filtering", "Deflect Attacks", "Ingress Filtering", "TCP Intercept", "Egress Filtering prevents malicious traffic from leaving the network by controlling outbound traffic."));
        arrayList12.add(new QuizModel("Which of the following is a primary reason why session hijacking is successful?", "Weak session ID generation algorithms", "Secure handling of session IDs", "Account lockout mechanisms", "Complex session IDs", "Weak session ID generation algorithms are often a primary reason for successful session hijacking, as attackers can easily guess or predict the session IDs."));
        arrayList12.add(new QuizModel("Which of the following techniques is most associated with predicting session IDs?", "Brute-Forcing", "Guessing", "Network Sniffing", "Stealing", "Brute-forcing is commonly used to predict session IDs, where attackers attempt to guess valid session IDs through various methods."));
        arrayList12.add(new QuizModel("What is the primary purpose of predicting the sequence number during a session hijacking attack?", "To synchronize the connection between the attacker and the server", "To retrieve the session ID", "To take one of the parties offline", "To prevent the server from sending reset packets", "Predicting the sequence number helps synchronize the attacker's connection with the server's session, enabling them to hijack the session without disruption."));
        arrayList12.add(new QuizModel("Which of the following is NOT a method of compromising a session token in application-level session hijacking?", "Password guessing", "Session sniffing", "Cross-site request forgery attack", "Session replay attack", "Password guessing is not typically associated with application-level session hijacking, which generally involves session sniffing, session replay, and other techniques to steal session tokens."));
        arrayList12.add(new QuizModel("Which of the following is NOT a method used in application-level session hijacking?", "Brute-force password attack", "Session sniffing", "Predicting session tokens", "Man-in-the-middle attack", "Brute-force password attacks are unrelated to session hijacking; the methods listed in the other options focus on stealing or predicting session tokens."));
        arrayList12.add(new QuizModel("Which of the following is an attack where an attacker tricks the victim into authenticating with a known session ID?", "Session Fixation", "Session Replay Attack", "Cross-site Request Forgery (CSRF)", "Man-in-the-Middle Attack", "Session fixation occurs when an attacker forces a victim to use a known session ID, allowing the attacker to hijack the session once the victim authenticates."));
        arrayList12.add(new QuizModel("Which of the following is a network-level hijacking technique where the attacker intercepts and manipulates network traffic without the victim's knowledge?", "TCP/IP Hijacking", "Session Fixation", "DNS Spoofing", "Cross-Site Scripting (XSS)", "TCP/IP hijacking allows attackers to intercept and manipulate network traffic, taking control of communication between a client and server."));
        arrayList12.add(new QuizModel("Which of the following is a method used in TCP/IP hijacking to disrupt a victim's connection?", "Spoofing source IPs and sequence numbers", "Stealing session cookies", "Intercepting DNS requests", "Injecting RST packets", "TCP/IP hijacking involves taking control of an active communication session between two parties. One method used in this attack is spoofing source IPs and sequence numbers. This allows the attacker to impersonate one of the communicating parties, essentially gaining control of the session. The attacker sends fake packets with the correct sequence numbers and source IP addresses, tricking the victim's machine into believing it is communicating with the legitimate party."));
        arrayList12.add(new QuizModel("Which of the following tools is designed to intercept and modify traffic between a browser and a target application?", "Burp Suite", "JHijack", "Wireshark", "Zaproxy", "Burp Suite is a widely used tool for intercepting and modifying HTTP traffic, allowing attackers to analyze and manipulate communications between a client and server."));
        arrayList12.add(new QuizModel("Which of the following mobile tools is specifically designed to monitor HTTP packets and extract session IDs over a wireless network?", "DroidSheep", "Wireshark", "Burp Suite", "DroidSniff", "DroidSheep is a mobile tool designed to monitor wireless networks and extract session IDs, allowing attackers to hijack sessions over the network."));
        arrayList12.add(new QuizModel("Which of the following methods is recommended for protecting against session hijacking?", "Using short session keys", "Using Secure Shell (SSH)", "Disabling Intrusion Detection Systems (IDS)", "Allowing session IDs in URL query strings", "Using short session keys is an effective measure to minimize the impact of session hijacking by reducing the time window during which a session ID is valid."));
        arrayList12.add(new QuizModel("Which of the following is recommended to be followed by web developers to prevent session hijacking?", "Regenerate the session ID upon successful login", "Limit the lifespan of sessions or cookies", "Allow session IDs in URLs for easier access", "Avoid using HTTPS for secure transmission", "To prevent session hijacking, web developers should limit session lifespan, regenerate session IDs upon login, and always use HTTPS to protect sensitive data."));
        arrayList12.add(new QuizModel("Which of the following solutions should be used to prevent session hijacking in remote connections?", "VPN", "OpenSSH", "SSL", "SMB signing", "A VPN (Virtual Private Network) is an effective solution for securing remote connections and preventing session hijacking by encrypting traffic."));
        arrayList13.add(new QuizModel("Which of the following is a common reason for a web server to be compromised?", "Incorrect file and folder permissions", "Use of HTTPS", "Encryption configurations", "Limited user access to files", "Incorrect file and folder permissions are a common vulnerability that allows attackers to gain unauthorized access to sensitive data on web servers."));
        arrayList13.add(new QuizModel("Which of the following is NOT a common vulnerability that can compromise a web server?", "Secure network configurations", "Misconfigured SSL certificates", "Debugging features left enabled", "Incorrect file and directory permissions", "Secure network configurations typically prevent compromise; misconfigurations and debugging features left enabled can lead to vulnerabilities."));
        arrayList13.add(new QuizModel("Which of the following attacks exploits DNS server configurations to redirect traffic to a malicious server?", "DNS Server Hijacking", "DNS Amplification Attack", "Directory Traversal Attack", "DoS/DDoS Attack", "DNS server hijacking manipulates DNS server configurations to redirect traffic to a malicious server, often enabling phishing or malware attacks."));
        arrayList13.add(new QuizModel("Which of the following is a type of attack where the attacker tricks users into providing login credentials on a fake website?", "Phishing Attack", "Website Defacement", "Web Server Misconfiguration", "Man-in-the-Middle/Sniffing Attack", "Phishing attacks involve creating fake websites to trick users into entering their login credentials, often leading to identity theft or account compromise."));
        arrayList13.add(new QuizModel("What type of attack occurs when an attacker sends a request that splits the server's response, allowing the user to be redirected to a malicious website?", "HTTP Response Splitting Attack", "SSH Brute-force Attack", "Web Cache Poisoning Attack", "Web Application Attacks", "HTTP response splitting attacks exploit the server's response splitting vulnerability to redirect users to malicious websites."));
        arrayList13.add(new QuizModel("Which phase in web server attacks involves using tools like Whois, Traceroute, and Active Whois to gather information about the targeted organization?", "Information Gathering", "Vulnerability Scanning", "Session Hijacking", "Network Traffic Analysis", "The information gathering phase uses tools like Whois and Traceroute to gather intelligence on a target, helping attackers identify weaknesses in the organization's infrastructure."));
        arrayList13.add(new QuizModel("Which tool is specifically mentioned for mirroring a website in the Webserver Attack Methodology?", "HTTrack", "Metasploit", "Burp Suite", "Wireshark", "HTTrack is a tool used to mirror websites, which can be useful for attackers to replicate and analyze a website during reconnaissance in webserver attacks."));
        arrayList13.add(new QuizModel("What is the primary function of the Metasploit Payload Module?", "To create a communication channel between Metasploit and the compromised host", "To launch denial of service attacks", "To identify and scan for open ports", "To exploit vulnerabilities in operating systems", "The Metasploit Payload Module is used to create a communication channel between Metasploit and the compromised host, enabling attackers to execute commands remotely."));
        arrayList13.add(new QuizModel("Which of the following tools is used to fully customize HTTP requests and view raw HTTP data?", "Wfetch", "Nmap", "THC-Hydra", "Brutus", "Wfetch is a tool used to fully customize HTTP requests and view raw HTTP data, making it useful for testing web servers and analyzing web application vulnerabilities."));
        arrayList13.add(new QuizModel("Which of the following tools is used to automate web application security testing and detect threats such as SQL injection and XSS?", "Acunetix Web Vulnerability Scanner", "Syhunt Dynamic", "N-Stalker Web Application Security Scanner", "Wikto", "Acunetix Web Vulnerability Scanner is a widely used tool for automating web application security testing, specifically for detecting common vulnerabilities like SQL injection and XSS."));
        arrayList13.add(new QuizModel("Where should a web server be placed to ensure its security within a network?", "In the demilitarized zone (DMZ)", "In the internal network", "In a private cloud segment", "In the Internet segment", "Placing a web server in a DMZ (Demilitarized Zone) isolates it from internal systems, providing an additional layer of security against external attacks."));
        arrayList13.add(new QuizModel("What should be done before deploying service packs and security patches?", "Review all relevant documentation thoroughly", "Only apply patches if the system is heavily attacked", "Skip testing and deploy directly", "Apply the patches immediately", "Before deploying patches, it's essential to review all relevant documentation to ensure compatibility and avoid unforeseen issues."));
        arrayList13.add(new QuizModel("What should be done to defend against web server attacks related to ports?", "Regularly audit the server’s ports and limit inbound traffic to only essential ports", "Ignore port settings once the server is configured", "Leave all ports open for flexibility", "Only allow outbound traffic through port 80", "Regularly auditing and limiting open ports to only necessary ones is key to reducing the risk of attacks targeting unnecessary ports."));
        arrayList14.add(new QuizModel("Which of the following is NOT a common vulnerability in web applications?", "Strong password enforcement", "Cross-site scripting (XSS)", "Session hijacking", "SQL injection", "Strong password enforcement is a security measure, not a vulnerability, while XSS, session hijacking, and SQL injection are common web application vulnerabilities."));
        arrayList14.add(new QuizModel("Which of the following is NOT a feature of Web 2.0 applications?", "Static web pages", "Cloud computing services", "Dynamic, interactive content", "Social networking platforms", "Web 2.0 applications are known for dynamic, interactive content, social networking, and cloud computing services, whereas static web pages are more characteristic of older web applications."));
        arrayList14.add(new QuizModel("Which of the following levels represents the security mechanisms in the vulnerability stack?", "Level 7", "Level 4", "Level 1", "Level 6", "Security mechanisms are typically placed in the lower layers of the vulnerability stack to protect against threats."));
        arrayList14.add(new QuizModel("Which of the following web application threats involves injecting malicious scripts into web pages to target vulnerabilities in dynamically generated content?", "Cross-Site Scripting (XSS)", "Broken Access Control", "Cookie/Session Poisoning", "Improper Error Handling", "XSS involves injecting malicious scripts into web pages, targeting vulnerabilities in dynamic content."));
        arrayList14.add(new QuizModel("Which of the following web application threats involves attackers using security misconfigurations to gain unauthorized access, such as by using default accounts or unpatched flaws?", "Security Misconfiguration", "Unvalidated Input", "Unvalidated Redirects and Forwards", "Buffer Overflow", "Security misconfiguration occurs when attackers exploit flaws like default accounts or unpatched vulnerabilities to gain unauthorized access."));
        arrayList14.add(new QuizModel("Which web application threat involves an attacker manipulating hidden fields in a form to alter prices, product quantities, or other critical data?", "Hidden Field Manipulation Attack", "Authentication Hijacking", "Session Fixation Attack", "Web Services Attacks", "Hidden field manipulation involves modifying hidden fields in a form to alter critical data like prices or quantities."));
        arrayList14.add(new QuizModel("What is the main goal of a Denial-of-Service (DoS) attack?", "To overwhelm a website or server, making it unavailable to legitimate users", "To install malicious code on a target server", "To steal sensitive information from a server", "To exploit a server’s authentication mechanism", "The primary goal of a DoS attack is to overload a server or website, making it inaccessible to legitimate users."));
        arrayList14.add(new QuizModel("What is the primary risk associated with SQL injection attacks?", "Exposing sensitive data and manipulating the database", "Disabling the web server by overwhelming its resources", "Exposing users' personal information through phishing", "Injecting malicious HTML into a webpage", "SQL injection attacks can expose sensitive data and allow attackers to manipulate the database, leading to potential data breaches."));
        arrayList14.add(new QuizModel("Which of the following methods is used to identify hidden content on a web application?", "Web Spidering", "Whois Lookup", "Port Scanning", "DNS Interrogation", "Web spidering is a technique used to identify hidden content on web applications by systematically crawling the website."));
        arrayList14.add(new QuizModel("Which of the following is a web server attack tool used to detect vulnerabilities?", "Nikto", "Request Forgery Attack", "Hping", "WebInspect", "Nikto is a popular web server scanning tool that detects vulnerabilities such as outdated software and security misconfigurations."));
        arrayList14.add(new QuizModel("What type of injection attack allows attackers to manipulate an XPath query to interfere with the application's logic and retrieve sensitive data?", "XPath Injection", "Buffer Overflow", "OS Commands Injection", "SQL Injection", "XPath injection allows attackers to manipulate XPath queries, which can lead to unauthorized data access."));
        arrayList14.add(new QuizModel("What is one common technique used to determine the technologies running on a web server during web application analysis?", "HTTP Fingerprinting", "SQL Injection", "Brute Force", "XSS", "HTTP fingerprinting is a technique used to identify the technologies running on a web server by analyzing HTTP responses."));
        arrayList14.add(new QuizModel("Which attack involves exploiting predictable session ID generation to gain unauthorized access?", "Session ID Prediction", "Cross-Site Scripting", "Brute Force", "SQL Injection", "Session ID prediction attacks exploit weak or predictable session ID generation to gain unauthorized access to users' sessions."));
        arrayList14.add(new QuizModel("What is the primary risk when session tokens are transmitted over HTTP without the secure flag enabled?", "Session hijacking", "Denial of Service", "Cross-Site Scripting", "SQL Injection", "Transmitting session tokens without the secure flag over HTTP increases the risk of session hijacking, as attackers can intercept the tokens."));
        arrayList14.add(new QuizModel("What is the risk of using dynamic string concatenation to build database connection strings based on user input?", "SQL Injection", "Connection String Injection", "Session Hijacking", "Cross-Site Scripting", "Using dynamic string concatenation based on user input to build database connection strings can lead to SQL injection vulnerabilities."));
        arrayList14.add(new QuizModel("Which of the following tools can attackers use to conduct web service probing and attacks, such as SOAP injection and XML injection?", "SoapUI", "Metasploit", "Burp Suite", "Wireshark", "SoapUI is a tool that can be used for testing and probing web services, including SOAP and XML injections."));
        arrayList14.add(new QuizModel("Which of the following web application security tools allows attackers to intercept and modify both requests and responses in HTTP and HTTPS communication?", "Burp Suite Professional", "Nessus", "WebScarab", "Wireshark", "Burp Suite Professional is widely used for intercepting and modifying HTTP and HTTPS requests and responses, making it a powerful tool for web application security testing."));
        arrayList14.add(new QuizModel("What is the main function of CookieDigger in web application security?", "To analyze cookie generation and session management practices", "To encrypt sensitive cookies", "To intercept HTTP requests", "To scan for SQL injection vulnerabilities", "CookieDigger is used for analyzing cookie generation and session management practices to detect potential vulnerabilities in cookie handling."));
        arrayList14.add(new QuizModel("What is the primary purpose of URL Encoding in web applications?", "To convert data into a valid ASCII format for safe transmission over HTTP", "To convert binary data into ASCII characters", "To encode email attachments", "To represent special HTML characters", "URL encoding ensures that special characters in URLs are transmitted safely by converting them into a valid ASCII format."));
        arrayList14.add(new QuizModel("Which of the following is a recommended defense against SQL injection attacks?", "Validate and sanitize user input before passing it to the database", "Use public APIs for database connections", "Disable HTTP methods", "Avoid using databases in web applications", "Validating and sanitizing user input before passing it to the database is essential in preventing SQL injection attacks."));
        arrayList14.add(new QuizModel("Which of the following is a countermeasure against Cross-Site Request Forgery (CSRF) attacks?", "Log off immediately after using a web application and clear your browser’s history", "Use non-encrypted sessions for user authentication", "Always use insecure protocols for communication", "Disable JavaScript in browsers", "A recommended countermeasure against CSRF is the use of anti-CSRF tokens to verify requests, ensuring they originate from legitimate users."));
        arrayList15.add(new QuizModel("Which of the following is NOT a method to detect SQL Injection vulnerabilities?", "Hacking the Backend Database", "SQLMap Usage", "Penetration Testing", "Source Code Review", "SQL injection vulnerabilities are typically detected through methods like SQLMap, penetration testing, or source code review, but hacking the backend database is not a recommended detection method."));
        arrayList15.add(new QuizModel("Which of the following is a consequence of a successful SQL Injection attack?", "Information Disclosure", "Lack of Input Validation", "Compromised Availability of Data", "Authentication Bypass", "Successful SQL injection attacks can lead to information disclosure, where sensitive data from the database is exposed."));
        arrayList15.add(new QuizModel("Which of the following is a common SQL injection methodology?", "Union-based Attacks", "Brute Force Attacks", "Cross-site Scripting (XSS)", "Denial of Service (DoS) Attacks", "Union-based SQL injection attacks are commonly used to extract data from databases by combining multiple queries."));
        arrayList15.add(new QuizModel("Which of the following tools is specifically designed for attacking SQL Server?", "SQLDict", "None of the Above", "SQLExec", "SQL2.exe", "SQLDict is a tool specifically designed for attacking SQL Server by testing and exploiting weak passwords."));
        arrayList15.add(new QuizModel("Which of the following tools is used for auditing the strength of Microsoft SQL Server passwords?", "SQLDict", "SQLSmack", "SQL2.exe", "Sqlbf", "SQLDict is used for auditing the strength of Microsoft SQL Server passwords by testing a list of potential passwords."));
        arrayList15.add(new QuizModel("Which type of SQL Injection involves using a different communication channel, like DNS or HTTP requests, to exfiltrate data?", "Out-of-band SQL Injection", "Time-based Blind SQL Injection", "Error-based SQL Injection", "In-band SQL Injection", "Out-of-band SQL injection involves using a different channel, like DNS or HTTP requests, to exfiltrate data from the target system."));
        arrayList15.add(new QuizModel("Which type of SQL Injection uses database error messages to gain information about the database structure?", "Error-based SQL Injection", "Time-based Blind SQL Injection", "Out-of-band SQL Injection", "Blind SQL Injection", "Error-based SQL injection involves using database error messages to gather information about the structure of the database."));
        arrayList15.add(new QuizModel("What is the main benefit of using Stored Procedures to prevent SQL injection?", "They don't build SQL queries dynamically", "They allow for more complex SQL queries", "They improve database performance", "They automatically validate user inputs", "Stored procedures help prevent SQL injection by not dynamically constructing SQL queries, reducing the risk of malicious code execution."));
        arrayList15.add(new QuizModel("How do ORM frameworks help in preventing SQL injection?", "By automatically generating secure queries", "By restricting user access to the database", "By logging errors internally", "By displaying generic error messages to users", "ORM frameworks prevent SQL injection by automatically generating secure queries that avoid user input being directly inserted into SQL statements."));
        arrayList16.add(new QuizModel("What is a major disadvantage of Cloud Computing?", "Security Concerns", "Cost Efficiency", "Automatic Maintenance and Updates", "Scalability", "One of the major disadvantages of cloud computing is security concerns, as organizations rely on external providers to protect sensitive data."));
        arrayList16.add(new QuizModel("Which of the following is NOT one of the top languages for Cloud Computing?", "C Programming", "Python Programming", "SQL", "R Programming", "C Programming is not commonly used for cloud computing; Python, SQL, and R are more popular in the cloud computing environment."));
        arrayList16.add(new QuizModel("Which of the following is NOT a cloud service model?", "CaaS (Cloud as a Service)", "PaaS (Platform as a Service)", "SaaS (Software as a Service)", "IaaS (Infrastructure as a Service)", "CaaS (Cloud as a Service) is not a recognized cloud service model, whereas PaaS, SaaS, and IaaS are well-established models."));
        arrayList16.add(new QuizModel("Which cloud deployment model combines elements of both public and private clouds?", "Hybrid Cloud", "Public Cloud", "Community Cloud", "Private Cloud", "The hybrid cloud deployment model combines elements of both public and private clouds, offering flexibility in resource management."));
        arrayList16.add(new QuizModel("Which cloud service model focuses on providing infrastructure such as servers, storage, and network resources?", "Infrastructure as a Service (IaaS)", "Function as a Service (FaaS)", "Software as a Service (SaaS)", "Platform as a Service (PaaS)", "Infrastructure as a Service (IaaS) provides the necessary infrastructure such as servers, storage, and networking resources for cloud applications."));
        arrayList16.add(new QuizModel("Which of the following is recommended to secure the cloud architecture?", "A defense-in-depth strategy", "Only using a web application firewall", "Single Layer Defense", "Using no security measures", "A defense-in-depth strategy, which uses multiple layers of security controls, is essential for securing cloud architecture."));
        arrayList16.add(new QuizModel("Which of the following is a potential security issue in cloud computing?", "Data loss", "Lack of skilled personnel", "Data encryption", "None of the above", "Data loss is a potential security issue in cloud computing, as sensitive data might be lost due to system failures or improper management."));
        arrayList16.add(new QuizModel("Which of the following is NOT an operational benefit of cloud computing?", "Higher infrastructure costs", "Flexibility", "Efficiency", "Resilience", "Higher infrastructure costs are not a benefit of cloud computing, as the model is designed to lower infrastructure costs by leveraging shared resources."));
        arrayList16.add(new QuizModel("Which of the following is a threat to cloud computing where attackers try to manipulate or deceive individuals into revealing sensitive information?", "Social Engineering Attacks", "Denial-of-Service (DoS) Attacks", "SQL Injection Attacks", "Man-in-the-Middle (MITM) Attacks", "Social Engineering Attacks involve manipulating individuals to reveal confidential information, which is a significant threat to cloud environments."));
        arrayList16.add(new QuizModel("What does the frontend of cloud computing architecture refer to?", "The frontend refers to the client-side part of the cloud computing system.", "It is managed by the service provider and enforces security measures.", "It holds large-scale storage and virtual machines.", "It involves resource management and traffic control mechanisms.", "The frontend of cloud computing architecture typically refers to the user interface or client-side aspects of the system."));
        arrayList16.add(new QuizModel("Which of the following components in cloud computing refers to the hardware and software components like servers, storage, and networking devices?", "Infrastructure", "Runtime Cloud", "Security", "Client Infrastructure", "Infrastructure refers to the foundational hardware and software components of the cloud, including servers, storage, and networking."));
        arrayList17.add(new QuizModel("Which of the following is a common method attackers use to compromise mobile devices?", "Phishing or spam messages sent via SMS", "Using Bluetooth vulnerabilities", "Malware installed through mobile operating systems", "Exploiting untrusted apps", "Exploiting untrusted apps is a common method for attackers to compromise mobile devices, as malicious apps can bypass security controls."));
        arrayList17.add(new QuizModel("Which of the following is a key component of Android that manages various system resources and services?", "Linux Kernel", "Android Runtime", "Application Framework", "Libraries", "The Linux Kernel is a key component in Android, as it manages hardware resources and controls essential system services."));
        arrayList17.add(new QuizModel("Which of the following describes untethered jailbreaking for iOS?", "The device loses the patched kernel and requires re-jailbreaking after each restart.", "The device is partially nonfunctional after jailbreaking and requires re-jailbreaking with the same computer.", "Once jailbroken, the device remains jailbroken even after a reboot, with the kernel fully patched.", "The device can still be used normally until re-jailbroken after a restart.", "Untethered jailbreaking refers to a method where the device loses the patch or modification made to the system kernel after a reboot, meaning it must be re-jailbroken each time the device is restarted."));
        arrayList17.add(new QuizModel("What is a common risk of downloading untrusted APK files on Android devices?", "They may contain malicious software, granting attackers remote access to the device.", "They provide users with additional features from unofficial app stores.", "They can improve device performance by enhancing the operating system.", "They protect the device by filtering out harmful content.", "Untrusted APK files may contain malware that can grant attackers remote access to the device, putting sensitive data at risk."));
        arrayList17.add(new QuizModel("What is a potential risk of rooting an Android device?", "Rooting can void the device's warranty and make it susceptible to malware infections.", "Rooting prevents malware infections by securing the operating system.", "Rooting helps increase device speed without any associated risks.", "Rooting improves device performance and enhances security by giving users more control.", "Rooting a device can void its warranty and make it more vulnerable to malware infections, as it bypasses many security controls."));
        arrayList17.add(new QuizModel("What is the primary function of Mobile Device Management (MDM) software?", "MDM software monitors and oversees BYOD devices, enforcing security protocols and ensuring business continuity.", "MDM software allows employees to bypass security measures for easier device usage.", "MDM software is primarily used to improve the physical security of devices.", "MDM software tracks device location for marketing purposes.", "MDM software is designed to monitor and secure mobile devices, enforcing security policies and ensuring the safe use of devices in business environments."));
        arrayList17.add(new QuizModel("Which of the following is a major drawback of BYOD (Bring Your Own Device) policies?", "The potential for personal data to mix with corporate data, increasing the risk of security breaches.", "Employees can access corporate data more securely using personal devices.", "BYOD policies eliminate the need for corporate monitoring of device activity.", "Employees are less likely to install malicious apps on their personal devices.", "BYOD policies can lead to personal and corporate data mixing, which increases the risk of security breaches if devices are not properly secured."));
        arrayList17.add(new QuizModel("Which of the following is a responsibility of an administrator in managing network security?", "Develop robust security policies and implement complex password requirements.", "Allow users to bypass antivirus updates to improve device performance.", "Provide employees with unrestricted access to all network resources.", "Set up devices without enforcing security measures.", "Network administrators are responsible for developing strong security policies, implementing encryption, and enforcing complex password requirements."));
        arrayList18.add(new QuizModel("Which of the following is a key principle of cryptography?", "Data Confidentiality, Data Integrity, Authentication, and Non-repudiation.", "Encrypting data makes it impossible for attackers to access.", "Cryptography ensures that no one can read encrypted data.", "Cryptography is used solely for encrypting passwords.", "Cryptography involves ensuring data confidentiality, integrity, authentication, and non-repudiation, among other principles."));
        arrayList18.add(new QuizModel("Which of the following is a benefit of cryptography?", "Confidentiality, Security, Authentication, and Integrity.", "Cryptography can only be used to protect passwords.", "Cryptography makes it impossible to send messages securely.", "Cryptography only ensures data confidentiality.", "Cryptography offers multiple benefits, including confidentiality, security, authentication, and integrity, to protect sensitive information."));
        arrayList18.add(new QuizModel("Which of the following is a drawback of cryptography?", "It can be costly and cause delays in operations.", "It guarantees high availability of data.", "It prevents all types of system outages.", "It eliminates the need for access control systems.", "Cryptography can be computationally expensive, and its implementation may lead to delays and overhead in operations."));
        arrayList18.add(new QuizModel("Which classical cryptographic method was famously broken by Polish cryptanalysts during World War II?", "Enigma Machine", "Caesar Cipher", "Hebern Rotating Machine", "Vigenère Cipher", "The Enigma Machine was famously broken by Polish cryptanalysts during World War II, which played a key role in the Allied victory."));
        arrayList18.add(new QuizModel("Which cryptographic method is commonly used to ensure the security of transactions in digital currencies like Bitcoin?", "Hashing Algorithms", "Symmetric Key Encryption", "Digital Signatures", "Public Key Cryptography", "Hashing algorithms are used in cryptocurrencies like Bitcoin to secure transactions and ensure data integrity without requiring keys."));
        arrayList18.add(new QuizModel("Which of the following is an example of a symmetric key cryptographic algorithm?", "AES", "ECC", "RSA", "DSA", "AES (Advanced Encryption Standard) is a widely used symmetric key encryption algorithm that employs the same key for both encryption and decryption."));
        arrayList18.add(new QuizModel("Which of the following is an example of asymmetric key cryptography?", "RSA", "AES", "Triple DES", "Blowfish", "RSA is an example of asymmetric key cryptography, where different keys are used for encryption and decryption, providing strong security."));
        arrayList18.add(new QuizModel("Which of the following is a quality of a good hash function?", "Collision-resistant", "Reversible", "Constant-length hash size", "Easily decrypted", "A good hash function should be collision-resistant, meaning no two different inputs should produce the same hash value."));
        arrayList18.add(new QuizModel("Which of the following is a cryptographic algorithm used for encryption?", "AES", "SHA", "DES", "RSA", "AES (Advanced Encryption Standard) is a widely used cryptographic algorithm for secure data encryption."));
        arrayList18.add(new QuizModel("Which of the following algorithms is used for asymmetric encryption?", "RSA", "DES", "AES", "SHA", "RSA is an example of asymmetric encryption, where different keys are used for encryption and decryption."));
        arrayList18.add(new QuizModel("What is the main purpose of a digital signature?", "To bind an individual or entity to digital information", "To hide the identity of the sender", "To prevent message forwarding", "To ensure message encryption", "The main purpose of a digital signature is to bind an individual or entity to digital information, ensuring authenticity and integrity."));
        arrayList18.add(new QuizModel("What is the first step in the model of a digital signature process?", "The signer generates a hash of the data", "The signer uses the public key to generate the signature", "The receiver verifies the signature using the public key", "The verifier compares the hash values", "The first step in the digital signature process is for the signer to generate a hash of the data."));
        arrayList19.add(new QuizModel("What is a key vulnerability of the WEP encryption standard used in Wi-Fi networks?", "The use of a small initialization vector (24 bits) that leads to key reuse after a few packets", "The long duration of key security before requiring a change", "WPA2's vulnerability to brute force attacks", "The use of strong encryption methods like AES", "WEP is vulnerable due to the use of a small initialization vector, which leads to key reuse and makes it susceptible to attacks."));
        arrayList19.add(new QuizModel("Which of the following is a disadvantage of using Wi-Fi networks?", "Bandwidth limitations with increased device connections", "Easy installation", "Improved signal quality through Orthogonal Frequency-Division Multiplexing (OFDM)", "Mobility for users", "Wi-Fi networks face bandwidth limitations as more devices connect, which can lead to slower performance."));
        arrayList19.add(new QuizModel("Which of the following authentication methods involves a centralized server that verifies clients?", "Centralized Authentication", "Peer-to-Peer Authentication", "Shared Key Authentication", "Open Authentication", "Centralized Authentication involves a centralized server that verifies clients' credentials to control access to resources."));
        arrayList19.add(new QuizModel("Which wireless transmission standard offers a data rate of 54 Mbps and operates on the 2.4 GHz frequency?", "802.11g", "802.11a", "802.11b", "802.11n", "802.11g offers a data rate of 54 Mbps and operates on the 2.4 GHz frequency, making it a common Wi-Fi standard."));
        arrayList19.add(new QuizModel("Which Bluetooth attack allows hackers to send unsolicited messages to devices within range, but does not give access to the device's data?", "Bluejacking", "Bluesnarfing", "Bluebugging", "Bluesniping", "Bluejacking involves sending unsolicited messages to Bluetooth devices within range without accessing their data."));
        arrayList19.add(new QuizModel("Which of the following Wi-Fi attacks involves the attacker setting up a fake access point with the same or similar name as a legitimate one, intending to intercept sensitive data from users?", "Evil Twin Attack", "Misconfiguration Attacks", "Unauthorized/Ad-Hoc Connection Attacks", "Jamming Signals", "The Evil Twin Attack involves setting up a fake access point to intercept data from unsuspecting users connecting to it."));
        arrayList19.add(new QuizModel("Which of the following tools is used for sniffing TCP, UDP, DHCP, and ARP packets, and is commonly used in wardriving activities?", "Kismet", "Aircrack-ng", "WireShark", "OmniPeek", "Kismet is commonly used for sniffing network traffic in wardriving activities, including monitoring TCP, UDP, DHCP, and ARP packets."));
        arrayList19.add(new QuizModel("Which tool is used to crack 802.11 WEP keys using a dictionary-based approach and is available for the Linux platform?", "Aircrack-ng", "OmniPeek", "WepAttack", "InSSIDer", "Aircrack-ng is used to crack WEP keys using a dictionary-based approach, often on the Linux platform."));
        arrayList19.add(new QuizModel("Which of the following encryption protocols is considered outdated and vulnerable due to its ability to be easily cracked?", "WEP", "WPA", "AES", "WPA2", "WEP (Wired Equivalent Privacy) is outdated and vulnerable due to weaknesses in its encryption, making it easy to crack."));
        arrayList19.add(new QuizModel("Which encryption protocol uses 128-bit keys and 48-bit IV to ensure secure data transmission with replay detection?", "CCMP", "AES", "LEAP", "RADIUS", "CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) uses 128-bit keys and 48-bit initialization vectors for secure data transmission and replay protection."));
        arrayList20.add(new QuizModel("Which type of Intrusion Detection System (IDS) method detects deviations from the established normal behavior of users or system components?", "Anomaly Detection", "Signature Recognition", "Protocol Anomaly Detection", "False Positive", "Anomaly Detection identifies deviations from established normal behavior, which may indicate an intrusion or attack."));
        arrayList20.add(new QuizModel("Which type of Intrusion Detection System (IDS) is responsible for capturing network traffic and detecting patterns indicative of potential intrusions, such as Denial of Service (DoS) or port scanning?", "Network-Based Intrusion Detection Systems (NIDS)", "File Integrity Checking", "Log File Monitoring IDS (LFM IDS)", "Host-Based Intrusion Detection Systems (HIDS)", "Network-Based Intrusion Detection Systems (NIDS) capture network traffic to detect signs of potential intrusions such as DoS or port scanning."));
        arrayList20.add(new QuizModel("Which of the following is a limitation of firewalls?", "Filtering tunneled traffic effectively", "Prevention of social engineering attacks", "Protection against insider threats", "Protection against new viruses", "Firewalls are limited in their ability to filter tunneled traffic, which can bypass traditional filtering methods."));
        arrayList20.add(new QuizModel("Which firewall technology evaluates packet content at the application layer and combines features from packet filtering, circuit-level, and application-level firewalls?", "Stateful Multilayer Inspection Firewall", "Packet Filtering Firewall", "Application Proxy", "Circuit-Level Gateway Firewall", "Stateful Multilayer Inspection Firewalls combine features from packet filtering and circuit-level firewalls to analyze packet content at the application layer."));
        arrayList20.add(new QuizModel("Which type of firewall architecture uses multiple interfaces to allow for segmentation and enhanced security control, with each interface serving a specific security goal?", "Multi-homed Firewall", "Screened Subnet (DMZ)", "Bastion Host", "DeMilitarized Zone (DMZ)", "A Multi-homed Firewall architecture uses multiple interfaces for segmentation, allowing for enhanced security controls for different network segments."));
        arrayList20.add(new QuizModel("What is the primary purpose of a honeypot in cybersecurity?", "To act as a decoy and trap attackers trying to infiltrate the network", "To enhance the performance of network systems", "To monitor and log user activity for analysis", "To provide a secure access point for legitimate users", "The primary purpose of a honeypot is to act as a decoy and trap attackers, diverting them from critical systems while gathering intelligence."));
        arrayList20.add(new QuizModel("Which of the following is true about high-interaction honeypots in cybersecurity?", "They offer the most comprehensive level of interaction and capture detailed attack data.", "They simulate only a limited set of services and applications.", "They are primarily used to gather information about network scans and worm activity.", "They are designed to mimic actual production networks.", "High-interaction honeypots offer the most comprehensive level of interaction and capture detailed attack data by simulating a real system."));
        arrayList20.add(new QuizModel("Which of the following techniques can an attacker use to evade detection by an IDS by manipulating packet data to confuse the system?", "Overlapping Fragments", "Denial-of-Service (DoS) Attack", "Polymorphic Shellcode", "All of the above", "Overlapping fragments is one of the techniques attackers use to evade detection by manipulating packet data."));
        arrayList20.add(new QuizModel("Which of the following methods can attackers use to bypass firewalls?", "All of the above", "Firewalking", "Using Proxy Servers", "SSH Tunneling", "All of the listed methods, including firewalking, proxy servers, and SSH tunneling, can be used to bypass firewalls."));
        arrayList20.add(new QuizModel("Which of the following methods can be used to detect the presence of a honeypot?", "All of the above", "Use time-based TCP fingerprinting techniques for Honeyd honeypots", "Analyze the TCP window size for Layer 4 tar pits", "Investigate network congestion caused by Sebek logs", "All listed methods, including time-based TCP fingerprinting, analyzing TCP window size, and investigating Sebek logs, can be used to detect honeypots."));
        arrayList20.add(new QuizModel("Which of the following actions is most effective in defending against IDS evasion techniques?", "Use traffic normalization tools at the IDS", "Educate users to recognize attack patterns", "Block ICMP TTL expired packets", "Disable unused switch ports", "Using traffic normalization tools at the IDS is an effective defense against evasion techniques by ensuring the traffic is consistently analyzed."));
        arrayList20.add(new QuizModel("Which of the following is the most important action to defend against firewall evasion?", "Regularly monitor firewall logs and investigate suspicious entries", "Disable all FTP connections to or from the network by default", "Schedule periodic security audits to ensure the firewall is operating optimally", "Set up a remote syslog server and secure it from unauthorized access", "Regularly monitoring firewall logs and investigating suspicious entries helps detect firewall evasion attempts."));
        arrayList20.add(new QuizModel("Which method of attack detection relies on comparing current traffic to a baseline of expected behavior?", "Behavior-based Detection", "None of the above", "Protocol Anomaly-based Detection", "Signature-based Detection", "Behavior-based Detection compares current traffic to a baseline of expected behavior to identify deviations and potential threats."));
        arrayList20.add(new QuizModel("Which of the following evasion techniques involves disguising malicious payloads by altering their representation, such as using ASCII or hexadecimal encoding?", "Encoding", "Exploiting IDS Reassembly Timeouts", "Encryption", "Reducing Packet Count", "Encoding is a technique where attackers alter the representation of malicious payloads to evade detection, such as using ASCII or hexadecimal encoding."));
        ArrayList arrayList21 = new ArrayList();
        arrayList21.add(new QuizModel("Which of the following is a common vulnerability in IoT devices that involves unencrypted data transmission?", "Lack of Transport Encryption/Integrity", "Insecure Cloud Interfaces", "Insecure Network Services", "Insufficient Authentication/Authorization", "The lack of transport encryption or integrity is a common vulnerability in IoT devices, leaving data exposed during transmission."));
        arrayList21.add(new QuizModel("Which of the following tools is commonly used for vulnerability scanning in IoT devices?", "Firmalyzer", "JTAGulator", "Nmap", "KillerBee", "Firmalyzer is commonly used for scanning IoT devices for vulnerabilities, particularly focusing on firmware analysis."));
        arrayList21.add(new QuizModel("Which of the following is NOT one of the three basic components of an IoT system?", "IoT Gateways", "Sensing Technology", "The Cloud", "Middleware Layer", "IoT Gateways is not one of the basic components of an IoT system. The three primary components are Sensing Technology, Middleware Layer, and the Cloud."));
        arrayList21.add(new QuizModel("Which of the following operating systems is primarily used in low-powered devices such as wearables?", "ARM mbed OS", "Brillo", "RIOT OS", "Integrity RTOS", "ARM mbed OS is designed for Internet of Things (IoT) devices and is optimized for low-power, resource-constrained environments, making it well-suited for wearables and other small embedded systems."));
        arrayList21.add(new QuizModel("Which method of communication in IoT involves devices communicating through a gateway before reaching the cloud?", "Device to Gateway", "Back-End Data Sharing", "Device to Device", "Device to Cloud", "The 'Device to Gateway' communication method in IoT involves devices sending data to a gateway before it reaches the cloud for further processing."));
        arrayList21.add(new QuizModel("Which tool is commonly used for intercepting and modifying web traffic between devices and the internet?", "Fiddler", "Wireshark", "None of the above", "Nmap", "Fiddler is commonly used to intercept and modify web traffic, making it useful for debugging and security analysis."));
        arrayList21.add(new QuizModel("Which tool is primarily used for gathering information and mapping relationships between various data points for investigative tasks?", "Maltego", "Metasploit", "Wireshark", "Nmap", "Maltego is a tool used for mapping relationships and gathering information in investigative and reconnaissance tasks."));
        ArrayList arrayList22 = new ArrayList();
        arrayList22.addAll(arrayList2);
        arrayList22.addAll(arrayList3);
        arrayList22.addAll(arrayList4);
        arrayList22.addAll(arrayList5);
        arrayList22.addAll(arrayList6);
        arrayList22.addAll(arrayList7);
        arrayList22.addAll(arrayList8);
        arrayList22.addAll(arrayList9);
        arrayList22.addAll(arrayList10);
        arrayList22.addAll(arrayList11);
        arrayList22.addAll(arrayList12);
        arrayList22.addAll(arrayList13);
        arrayList22.addAll(arrayList14);
        arrayList22.addAll(arrayList15);
        arrayList22.addAll(arrayList16);
        arrayList22.addAll(arrayList17);
        arrayList22.addAll(arrayList18);
        arrayList22.addAll(arrayList19);
        arrayList22.addAll(arrayList20);
        arrayList22.addAll(arrayList21);
        Collections.shuffle(arrayList22);
        arrayList.add(new QuizCollectionModel("Collection 1", arrayList2));
        arrayList.add(new QuizCollectionModel("Collection 2", arrayList3));
        arrayList.add(new QuizCollectionModel("Collection 3", arrayList4));
        arrayList.add(new QuizCollectionModel("Collection 4", arrayList5));
        arrayList.add(new QuizCollectionModel("Collection 5", arrayList6));
        arrayList.add(new QuizCollectionModel("Collection 6", arrayList7));
        arrayList.add(new QuizCollectionModel("Collection 7", arrayList8));
        arrayList.add(new QuizCollectionModel("Collection 8", arrayList9));
        arrayList.add(new QuizCollectionModel("Collection 9", arrayList10));
        arrayList.add(new QuizCollectionModel("Collection 10", arrayList11));
        arrayList.add(new QuizCollectionModel("Collection 11", arrayList12));
        arrayList.add(new QuizCollectionModel("Collection 12", arrayList13));
        arrayList.add(new QuizCollectionModel("Collection 13", arrayList14));
        arrayList.add(new QuizCollectionModel("Collection 14", arrayList15));
        arrayList.add(new QuizCollectionModel("Collection 15", arrayList16));
        arrayList.add(new QuizCollectionModel("Collection 16", arrayList17));
        arrayList.add(new QuizCollectionModel("Collection 17", arrayList18));
        arrayList.add(new QuizCollectionModel("Collection 18", arrayList19));
        arrayList.add(new QuizCollectionModel("Collection 19", arrayList20));
        arrayList.add(new QuizCollectionModel("Collection 20", arrayList21));
        arrayList.add(new QuizCollectionModel("All", arrayList22.subList(0, i)));
        return arrayList;
    }

    public static List<String> getRandomList(List<String> list) {
        ArrayList arrayList = new ArrayList();
        String str = new String[]{"1234", "1243", "1324", "1342", "1423", "1432", "2134", "2143", "2314", "2341", "2413", "2431", "3124", "3142", "3214", "3241", "3412", "3421", "4123", "4132", "4213", "4231", "4312", "4321"}[new Random().nextInt(24)];
        String str2 = "";
        for (int i = 0; i < str.length(); i++) {
            int parseInt = Integer.parseInt(String.valueOf(str.charAt(i))) - 1;
            arrayList.add(list.get(parseInt));
            if (parseInt == 0) {
                str2 = String.valueOf(arrayList.size() - 1);
            }
        }
        arrayList.add(str2);
        return arrayList;
    }
}
