1.0 Threats and Vulnerabilities

Question 1

Social engineering attack where the attacker views what the victim is typing by looking over the victims shoulder or passing by victims.

Answer 1

Shoulder Surfing

Question 2

A social engineering attack that uses a lie or false story to lead one or more people to believe something is true that is very much not true.

Answer 2

Hoax

Question 3

Type of social engineering attack that targets a group within an organization based on the patterns in a web page

Answer 3

Watering Hole Attack

Question 4

A type of Social Engineering that takes advantage of two reactions most people have to authoritative sources, such as bosses, VIPs and so on. Fear and respect.

Answer 4

Authority

Question 5

Can go hand in hand with authority, where a target can fell intimidated by someone that doesn’t have to be an authoritative figure.

Answer 5

Intimidation

Question 6

When the attacker tried to be a bit more understanding and nicer to the victim to get whatever they need out of the target.

Answer 6

Consensus

Question 7

Offering the victim or target something that they really want, specifically something that might be difficult to access or obtain.

Answer 7

Scarcity

Question 8

When people respond to others who like them or take time to know the victim developing a bond with the victim so they can be better at persuading and influencing the victim to get what they want.

Answer 8

Familiarity

Question 9

An attacker performs an action quickly to make it seem as if it is an urgent request to get what they need from the victim.

Answer 9

Urgency

Question 10

this involves the MAC (Media Access Control) address of the data being faked.

Answer 10

ARP Poisoning

Question 11

An attack method in which a daemon caches DNS reply packets, which sometimes contain other information (data used to fill the packets). The extra data can be scanned for information useful in a break-in or man-in-the-middle attack.

Answer 11

DNS Poisoning

Question 12

Registering domains that are similar to those for a known entity but based on a misspelling or typographical error.

Answer 12

Domain Hijacking

Question 13

Client side attack, initiated by the user by inadvertently running a Trojan Horse to grab communication between the client and the server, silently sending data the attacker wants to a third location.

Answer 13

Man-in-the Browser

Question 14

An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection.

Answer 14

Replay Attack

Question 15

Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.

Answer 15

Clickjacking

Question 16

The interception of a valid computer session to get authentication information or other sensitive data

Answer 16

Session Hijacking

Question 17

Registering domains that are similar to those for a known entity but based on a misspelling or typographical error.

Answer 17

URL Hijacking

Question 18

A small library that is created to intercept API calls transparently.

Answer 18

Shimming

Question 19

Reprogramming a devices driver’s internals so that the device driver responds to all of the normal inputs and generates all the regular outputs but also generates malicious output.

Answer 19

Refactoring

Question 20

An attack that changes the source MAC Address

Answer 20

MAC Spoofing

Question 21

An attack that involves looking at repeated results in order to crack the WEP secret key.

Answer 21

IV Attack

Question 22

An attack in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit.

Answer 22

Evil Twin

Question 23

Purposely obstructing or interfering with a signal.

Answer 23

Jamming

Question 24

An authentication process that requires the user to do something in order to complete the enrollment process. Examples include pressing a button on the router within a short time period, entering a PIN, or bringing the new device close.

Answer 24

WPS

Question 25

The sending of unsolicited messages over a Bluetooth connection.

Answer 25

Bluejacking

Question 26

Attack that involves getting data from a Bluetooth device.

Answer 26

Bluesnarfing

Question 27

A technology that incorporates the use of electromagnetic coupling in the radio frequency (RF) portion of the spectrum to identify items uniquely (object, animal, person, credit cards, door access tokens, antishoplifting devices, and so on).

Answer 27

RFID

Question 28

Technology that enables communication between devices when they’re “touched” together. Often used to verify (often through RFID or Wi-Fi) that the device is present.

Answer 28

NFC

Question 29

An attack in which the intruder sends a frame to the AP with a spoofed address to make it look like it came from the victim and disconnects them from the network.

Answer 29

Disassociation Attack

Question 30

An attack in which the intruder sends a frame to the AP with a spoofed address to make it look like it came from the victim and disconnects them from the network.

Answer 30

Disassociation Attack

Question 31

Password attack stating that for any random group of 23 people, there is a 50% chance 2 of them have the same birthday

Answer 31

Birthday Attack

Question 32

A table of precomputed hashes used to guess passwords by searching for the hash of a password.

Answer 32

Rainbow Table Attack

Question 33

A password attack that uses a file of words and combinations. The attack tries every entry within the file when trying to guess the password.

Answer 33

Dictionary Attack

Question 34

A password attack that attempts to guess a password ,

Answer 34

Brute Force Attack

Question 35

When two different inputs into a cryptographic hash produce the same output, this is known as a collision.

Answer 35

Collision

Question 36

An attack that forces a system to downgrade its security.

Answer 36

Downgrade

Question 37

An attack that forces a system to downgrade its security.

Answer 37

Downgrade

Question 38

An attacker with very minimal skills.

Answer 38

Script Kiddies

Question 39

Attacker who launches attacks as a part of an activist movement or to further a cause.

Answer 39

Hacktivist

Question 40

Any sophisticated series of related attacks taking place over an extended period of time.

Answer 40

APT

Question 41

Anyone who has legitimate access to an organizations internal resources.

Answer 41

Insiders

Question 42

Anyone who has legitimate access to an organizations internal resources.

Answer 42

Insiders

Question 43

An information gathering technique in penetration testing where the pentester uses tools and techniques that may or may not avoid detection, but puts the attacker at risk.

Answer 43

Active Reconnaissance

Question 44

An information gathering technique in penetration testing where the pentester uses tools and techniques that make detection of activity difficult. The information is gathered without the targets knowledge and usually consists of open, available, and legal to acquire sources.

Answer 44

Passive Reconnaissance

Question 45

A step in pen-testing where the tester uses additional tools to gain additional information on the exploited computer or on the network

Answer 45

Pivot

Question 46

Type of Pen-test, where the tester has no knowledge of the environment prior to starting the test.

Answer 46

Black Box Testing

Question 47

Type of Pen-test, where the tester has some knowledge of the environment prior to the test.

Answer 47

Gray Box Testing

Question 48

A type of Pen-test where the tester has full knowledge of the environment prior to starting the test.

Answer 48

White Box Testing

Question 49

A method of testing targeted systems to determine if vulnerabilities can be exploited. This type of test is intrusive.

Answer 49

Penetration Testing

Question 50

Identifying specific vulnerabilities in your network. This type of scan is passive.

Answer 50

Vulnerability Scan

Question 51

An event that should be flagged but isn’t.

Answer 51

False Negative

Question 52

A flagged event that isn’t really an event and has been falsely triggered.

Answer 52

False Positive

Question 53

Operating system in a device, sometimes on a single chip.

Answer 53

Embedded System

Question 54

An application flaw that consumes memory without releasing it.

Answer 54

Memory Leak

Question 55

Putting too much information into too small of a space that has been set aside for numbers.

Answer 55

Integer Overflow

Question 56

Type of injection that injects Dynamic Link Library into memory and runs it. Attackers rewrite the DLL, inserting malicious code.

Answer 56

DLL Injection

Question 57

Denies users the capability of to address theses important issues, creating serious vulnerabilities.

Answer 57

Lack of Vendor Support

Question 58

A vulnerability that occurs when an organization has more systems than it needs, and systems it owns are underutilized.

Answer 58

System Sprawl