2.0 Threats, Vulnerabilities, and Mitigations Flashcards
Q: What is phishing?
A: Social engineering attack using spoofed links/emails to steal data or deliver malware.
Q: What is smishing and vishing?
A: Smishing = phishing via SMS; vishing = phishing via voice call.
Q: What are removable device vectors?
A: Malware delivered via USB drives; may emulate a keyboard.
Q: What is agentless malware?
A: Malware exploiting vulnerable software without installing itself.
Name some attack vectors a hacker could enter through.
Bluetooth, Wi-Fi, file-based or image-based vectors, voice phishing
What is agentless malware?
No installed executable; compromised software on the server
Name some insecure wireless network protocols.
WEP, WPA, WPA2, 802.1X
What is smishing?
Phishing over text message
What is an SQL injection?
Injecting malicious SQL code into a database query
What is an LDAP injection?
Injection that targets LDAP queries
How do you keep operating systems safe?
Keep them patched and up to date
What is cross-site scripting (XSS)?
When information from one site goes onto another
Hackers target a victim who visits a legitimate site, and the injected JavaScript code executes in the victim's browser.
Used to steal info, hijack sessions, or redirect users
What is a non-persistent XSS attack?
The script is included in the URL or input and reflected back immediately in the response
Only works if the user clicks on a suspicious link
What is a persistent XSS attack?
The malicious script is stored on the server, e.g. in a comment, profile bio or post
Runs every time a person visits the affected page
What is End of Life?
When a manufacturer will stop selling a product, usually with a warning issued first
What is end of service?
Complete end of support, unless perhaps you pay a lot
What is directory traversal?
When you move into a part of the project/folder structure that you shouldn't have access to
Name insecure protocols
Telnet, FTP, SMTP, IMAP
Name some secure protocols
SSH, SFTP, IMAPS
What port is FTP on?
Port 21
What port is Telnet on?
Port 23
What port is HTTP on?
Port 80
What port is SMTP on?
Port 25
What port is IMAP on?
Port 143
What port is POP3 on?
Port 110
What does Telnet do?
Remote command line login
What does FTP do?
Transfers files without encryption
File transfer protocol
What does SMTP do?
Sends emails without encryption
Simple mail transfer protocol
What does IMAP do?
Retrieves email (plaintext login)
Internet message access protocol
What does POP3 do?
Downloads email messages to local device (no encryption)
What is the secure version of Telnet, and what port does it run on?
SSH, port 22
What is the secure version of FTP, and what port does it run on?
SFTP, port 22
What is the secure version of IMAP, and what port does it run on?
IMAPS, port 993
What is the secure version of FTP?
SFTP (FTP over SSH) or FTPS (FTP over TLS)
What is the secure version of POP3, and what port does it run on?
POP3S, port 995
What is the secure version of HTTP, and what port does it run on?
HTTPS, port 443
What's the difference between SFTP and FTPS?
SFTP is a newer, more modern protocol that runs over SSH
FTPS is the older FTP protocol with TLS encryption added
What is the difference between hashing and encryption?
Hashing: you hash a password and compare the hash with the hash saved in your system
Encryption: you encrypt a message and send it; the recipient decrypts it with the correct key
What is the difference between jailbreaking and rooting?
Jailbreaking is for iPhones
Rooting is for Androids
What is the difference between a virus and a worm?
Viruses need something to latch onto in order to spread, whether that be a packet or a file
Worms can spread by themselves
What is RFID cloning?
Where you clone someone’s badge ID
What is a fileless virus?
It stays in memory
What is a Fox Hunt?
Where you hunt for the source of the radio frequency that is jamming your signals
How does ARP poisoning work?
We have an ARP server and a victim laptop. The attacker sends a message to ARP saying "hey, we are that victim"; the server then sends the info to the attacker, and the attacker feeds the info on to the victim.
How do replay attacks work?
Hijack a session or save the credentials for reuse
What is a birthday attack?
Looking for a hash collision
What are some indicators of compromise?
- Unusual amount of traffic
- Change to file hash values
- International traffic increase
- Changes to DNS data
- Uncommon patterns like reading a file more than usual
Why is segmentation good for cybersecurity?
Keeps things separate
What does SIEM mean and do?
Security Information and Event Management
Monitoring, logging, event correlation, alerting, dashboards and reporting
What are some mitigation techniques?
- Patching vulnerabilities: auto updates, third-party updates
- Encryption: prevent access to application data files, or full disk encryption
- Monitoring: network, servers, etc.
- SIEM: security event manager
- Least privilege: role-based access; best solution is to have no administrative privileges
- Configuration enforcement
- Decommissioning: once someone is out, or if a technology is faulty and must be decommissioned, DESTROY
What does the Nmap tool do?
Scans all the ports to see which ones are open
What is the difference between a firewall, an IDS and an IPS?
Firewalls manage traffic and block it
An IDS tries to detect and notify
An IPS tries to detect and block
What does Wireshark do?
Packet capture and network analysis
What does Metasploit do?
Exploitation framework for penetration testing
What does Burp Suite do?
Web app vulnerability testing tool
What does tcpdump do?
Command line packet analyzer
What is the main difference between TCP and UDP?
TCP is reliable and establishes a connection
UDP is fast and connectionless
What is the difference between a VPN and a proxy?
A VPN is meant to encrypt all data transferred between the two points
A proxy is meant to establish an alternate communication path