1.2 Flashcards

Given a scenario, analyze potential indicators to determine the type of attack.

1
Q

Software that has been designed for some nefarious purpose.

A

Malware

2
Q

Is a form of malware that performs some action and extracts a ransom from the user. Typically encrypts files on a system, leaving them unusable.

A

Ransomware

3
Q

Is a piece of software that appears to do one thing (and may, in fact, actually do that thing) but hides some other functionality.

A

Trojans

4
Q

Is a type of malware that self-replicates. It doesn’t need you to take any action. Uses the network as a transmission medium. Self-propagates and spreads quickly.

A

Worms

5
Q

Potentially unwanted programs that may have adverse effects on a computer’s security or privacy. Frequently, these involve adware or spyware components and are used for revenue-generation purposes.

A

Potentially unwanted programs (PUPs)

6
Q

A type of malware that operates only in Random Access Memory (RAM), never touching the filesystem. Makes it harder to detect.

A

Fileless Virus

7
Q

A type of server that is used by hackers to control bots.

A

Command and control

8
Q

A functioning piece of software that performs some task, under the control of another program.

A

Bots

9
Q

Is a type of malware that uses a system’s resources to mine cryptocurrency. This is really just a theft-of-service attack where an attacker is using the CPU cycles of someone else’s computer to do the cryptomining.

A

Cryptomalware

10
Q

A piece of code that sits dormant for a period of time until some event or date invokes its malicious payload. Often left by someone with a grudge against an organization.

A

Logic bombs

11
Q

Is malware that spies on users, recording and reporting on their activities. Typically installed without a user’s knowledge. It can record keystrokes (keylogging). It can monitor what websites and applications a user visits/uses.

A

Spyware

12
Q

A piece of software that logs all of the keystrokes that a user enters.

A

Keyloggers

13
Q

Is a type of malware that allows a remote attacker to control a system as if they had physical access to it. The attacker can perform actions such as keylogging, screen recording/screenshots, copying files, and embedding more malware.

A

Remote access Trojan (RAT)

14
Q

A form of malware that modifies core system files located in the kernel of the operating system. Can be invisible to the OS because it won’t be seen by the task manager. Also invisible to traditional antivirus utilities. Originally a Unix technique.

A

Rootkit

15
Q

Programs that attackers install after gaining unauthorized access to a system to ensure that they can continue to have unrestricted access to the system, even if their initial access method is discovered and blocked.

A

Backdoor

16
Q

Unauthorized attempts to gain access to user accounts or systems by exploiting weaknesses in password security.

A

Password Attacks

17
Q

A type of password attack that uses a limited number of commonly used passwords and applies them to a large number of accounts.

A

Spraying Attack

18
Q

A type of password attack in which a password-cracking program works through a list of dictionary words to guess the password. Many common wordlists are available on the internet, and wordlists can be customized by language or line of work.

A

Dictionary Attack

19
Q

When an attacker tries every possible combination of password until there is a match.

A

Brute force attack

20
Q

A category of brute force attack, used when a list of users and password hashes has been obtained. High-performance GPU-based parallel machines compare the hash of each candidate password with the stored password hash.

A

Brute force attack (Offline)

21
Q

A category of brute force attack in which the attack occurs in real time against a live system. Very slow and very easy to see with network security monitoring. Most accounts will lock out after a number of failed attempts.

A

Brute force attack (Online)

22
Q

Are optimized, pre-built sets of hashes. Saves time and storage space. Doesn’t need to contain every hash. Incorporating a ____________ will lead to remarkable speed increases for password cracking.

A

Rainbow table

23
Q

Refers to a situation where an attacker attempts to gain unauthorized access to sensitive information without the need to decipher or break encryption. In other words, the target data is in its original, readable form without any cryptographic protection.

A

Plaintext/unencrypted attack

24
Q

A type of attack that occurs when a physical element such as a flash drive is left for someone to use.

A

Physical Attacks

25
Q

Looks like a normal ________ cable but contains embedded electronics inside. Once connected, the cable downloads and installs malicious software.

A

Malicious Universal Serial Bus (USB) cable

26
Q

Used to dupe users into picking them up, plugging them into their machine, and accessing an attractive folder such as “HR data” or “sensitive pictures”. Delivers a malicious payload to the machine when files from the _______ are opened or downloaded.

A

Malicious flash drive

27
Q

The act of copying the information on the magnetic strip of a debit or credit card and using it to make a clone of your card.

A

Card cloning

28
Q

Physical devices built to intercept credit card data. These devices are placed on credit card readers to steal the data from the card.

A

Skimming

29
Q

Is the use of complex models to simulate functions of the brain. A means to impart analytical abilities to the things we use, from robot vacuum cleaners to smartphone apps, to digital assistants.

A

Adversarial Artificial Intelligence (AI)

30
Q

One of the attack vectors that attackers can use against Machine Learning (ML) systems. ML algorithms need retraining or updating to remain effective against differing inputs. Each of these updates represents an opportunity to _____ the input data set.

A

Tainted training data for machine learning (ML)

31
Q

Cross-check and verify the training data, constantly retrain with new data (more data and better data), train the AI with possible poisoning

A

Ways to secure machine learning algorithms

32
Q

A type of attack that targets the vulnerabilities or weaknesses in the supply chain of a company or organization.

A

Supply-chain attacks

33
Q
  • Customize your security posture
    o Full control when everything is in-house
  • On-site IT team can manage security better
    o The local team can ensure everything is secure
    o A local team can be expensive and difficult to staff
  • Local team maintains uptime and availability
  • System checks can occur at any time
  • No phone call for support
  • Security changes can take time
    o New equipment, configuration, and additional costs

A

on-premises security

34
Q
  • Data is in a secure environment
    o No physical access to the data center
    o Third party may have access to the data
  • Cloud providers are managing large-scale security
    o Automated signatures and security updates
    o Users must follow security best practices
  • Limited downtime
    o Extensive fault tolerance and around-the-clock monitoring
  • Scalable security options
    o One-click security deployments
    o This may not be as customizable as necessary

A

Cloud-based security

35
Q

Attacks against the cryptographic system.

A

Cryptographic Attacks

36
Q

Is a specific type of attack that exploits the ________ paradox to compromise the integrity or security of cryptographic systems. This attack is most commonly associated with hash functions and digital signatures. The __________ paradox refers to the probability that, in a relatively small group of entities, there is a higher chance of finding two entities with the same property than one might expect.

A

Birthday attacks

37
Q

A type of attack where two different inputs yield the same output of a hash function. When an attacker successfully finds a ___________ in a hash function, it means they have identified two different inputs that produce the same hash value. This situation can be exploited in various ways depending on the context and the specific application involved.

A

Collision

38
Q

Is a type of attack where an attacker intentionally forces a system to use older or weaker security protocols or cryptographic algorithms. The goal of this type of attack is to exploit vulnerabilities in outdated or less secure protocols.

A

Downgrade