1.4

Question 1

Is a common networking technology that has a substantial number of standards and processes to connect users to networks via a radio signal, thus freeing machines from wires.

Answer 1

Wireless

Question 2

type of wireless network attack where a malicious actor sets up a rogue Wi-Fi hotspot with a name identical or similar to a legitimate network.

Answer 2

Evil twin attack

Question 3

Is an unauthorized and typically malicious wireless access point (AP) that is connected to a network without the knowledge or approval of the network administrator.

Answer 3

Rogue access point

Question 4

The unauthorized access and theft of information from a Bluetooth-enabled device, such as a mobile phone or laptop, often exploiting vulnerabilities to gain access to personal data without the user’s knowledge or consent.

Answer 4

Bluesnarfing

Question 5

The act of sending unsolicited messages or data to nearby Bluetooth-enabled devices, such as mobile phones or laptops, without gaining unauthorized access to the device.

Answer 5

Bluejacking

Question 6

The intentional termination of a connection between a client device and a wireless network.

Answer 6

Disassociation attack

Question 7

Is a form of denial of service (DoS) that specifically targets the radio spectrum aspect of wireless.

Answer 7

Jamming

Question 8

A technology that uses wireless communication to identify and track objects or individuals through small electronic tags (RFID tags) .

Answer 8

Radio frequency identification (RFID)

Question 9

Is a set of wireless technologies that enables smartphones and other devices to establish radio communications over a short distance.

Answer 9

Near-field communication (NFC)

Question 10

Is used in wireless systems as the randomization element at the beginning of a connection. Attacks against it are aimed at determining the IV, thus finding the repeating key sequence.

Answer 10

Initialization vector (IV)

Question 11

A type of network attack where the malicious actor positions themselves on the communication path between two entities, such as a client and a server. This allows the attacker to intercept, modify, or manipulate the communication between the two parties.

Answer 11

On-path attack (previously
known as man-in-the-middle attack/
man-in-the-browser attack)

Question 12

Type of attacks that target the data link layer of the OSI model, focusing on vulnerabilities in network devices like switches and bridges.

Answer 12

Layer 2 attacks

Question 13

Involves manipulating the ARP cache of a network to associate a fake Media Access Control (MAC) address with a legitimate IP address.

Answer 13

Address Resolution
Protocol (ARP) poisoning

Question 14

Is the act of changing a MAC address to bypass security checks based on the MAC address.

Answer 14

MAC cloning

Question 15

Is a type of attack where an attacker floods the network switch with a large number of fake or random MAC addresses.

Answer 15

Media access control (MAC) flooding

Question 16

Is a decentralized system that translates human-readable domain names into IP addresses.

Answer 16

Domain name system (DNS)

Question 17

Is the act of changing the registration of a domain name without the permission of its original registrant.

Answer 17

Domain hijacking

Question 18

A type of attack where false or malicious information is introduced into the Domain Name System (DNS) cache. This can lead to the redirection of domain name resolutions, causing users to be directed to fraudulent websites.

Answer 18

DNS poisoning

Question 19

Is the method of describing where you want a browser to go, and it is the main interface to the DNS process that converts it to a machine-readable address.

Answer 19

Uniform Resource
Locator (URL) redirection

Question 20

The evaluation of a domain’s trustworthiness and legitimacy based on its historical behavior, security practices, and online activities.

Answer 20

Domain reputation

Question 21

A DoS attack employing multiple attacking systems.

Answer 21

Distributed denial-of-service (DDoS)

Question 22

Is a collection of compromised computers or devices, often forming a botnet, coordinated to flood a target system or network with a massive volume of traffic.

Answer 22

Distributed denial-of-service (DDoS): Network

Question 23

A type of DDoS attack that aims to exhaust the resources of a targeted application or service.

Answer 23

Application-level DDoS attack

Question 24

Is the name given to networks of industrial devices in cyber-physical systems.

Answer 24

Operational technology (OT)

Question 25

The use of scripts and automation to maliciously impact a system.

Answer 25

Malicious code and script execution

Question 26

A built-in command-line tool suite that has a rich set of Microsoft Windows commands.

Answer 26

PowerShell

Question 27

Is a widely used programming language/scripting language.

Answer 27

Python

Question 28

(aka Bourne Again Shell) is an interpreter that processes shell commands on Linux systems.

Answer 28

Bash

Question 29

Are recorded sets of instructions, typically presented to an application to automate their function.

Answer 29

Macros

Question 30

Is an older technology from Microsoft that was used to automate many internal processes in applications.

Answer 30

Visual Basic for Applications (VBA)