6) Fundamentals of Cyber Security

Question 1

What are the forms of attack on a network?

Answer 1

Active attack
Passive attack
Insider atatck
Social engineering

Question 2

What is a passive attack?

Answer 2

When a hacker eavesdrops of a network by ‘sniffing’ data packets

Question 3

What is an active attack?

Answer 3

When someone uses malware or other technical methods to compromise a network’s security

Question 4

What is authentication?

Answer 4

Any methods which allow users to prove that an account is theirs

Question 5

What is a dictionary attack?

Answer 5

Brute force attack from words in a pretermined lists

Question 6

What are ways of protection against cracking?

Answer 6

Writing a network policy which enforces strong passwords
Using two-factor authentication
Restricting number of failed password attempts

Question 7

What does DoS stand for?

Answer 7

Denial of Service

Question 8

What does a DoS attack do?

Answer 8

Attempt to bring a server down by flooding it with useless requests

Question 9

What are ways of protection against DoS attacks?

Answer 9

Firewalls blacklisting traffic from known IP addresses

Monitor and limit traffic

Question 10

What does DDoS stand for?

Answer 10

Distributed Denial of Service

Question 11

What does DDoS attacks overcome?

Answer 11

Blacklisting of IP addresses

Question 12

How do DDoS attacks work?

Answer 12

Requests are sent from an army of machines

A botnet

Question 13

What does penetration testing identify?

Answer 13

Vulnerabilities

Question 14

What does a good penetration test check?

Answer 14

Technical vulnerabilities
Likelihood of social engineering
Test of damage recovery

Question 15

What is the motivation for penetration tests?

Answer 15

Fixing bugs saves money

Question 16

What is black box testing?

Answer 16

Outside organisation practices a real attack

Question 17

What is white box testing?

Answer 17

Inside organisation tests vulnerabilities with knowledge of system and basic access rights, prevents insider attacks

Question 18

What is cold calling?

Answer 18

Pretending to be from a bank or utility company

Attempting to gain confidential details

Question 19

What tactic do social engieers often use?

Answer 19

Fear

Question 20

How can we protect against social engineering?

Answer 20

Public awareness campaigns
Company security policies
Education and training

Question 21

What is pharming?

Answer 21

Setting a fake website and attempting to redirect people to it
Often done through DNS servers

Question 22

What is blagging?

Answer 22

Attacker pretends to be involved with an organisation to gain information

Question 23

What is shouldering?

Answer 23

Physically watching a user either in person or using screen capture software

Question 24

What is phishing?

Answer 24

Using fake emails and websites to trick people into giving away sensitive data

Question 25

How can you protect against phishing?

Answer 25

Don't click email links Check email sender address is correct Look for clues email is not legitimate

Question 26

What are viruses?

Answer 26

Small pieces of code injected into other programs which spread from computer to computer

Question 27

What are worms?

Answer 27

Small pieces of code which spread across a network, smiliar to viruses but without a host program

Question 28

What are trojan horses?

Answer 28

Any form of malware which tricks the user into installing it by pretending to be a different program

Question 29

What is ransomware?

Answer 29

Encrypts files on an infected system and only decrypts files once a payment has been made to the hacker

Question 30

What is spyware?

Answer 30

Gathers information about a user by tracking their activity

Question 31

What are rootkits?

Answer 31

Malware which modifies the computer's OS to avoid detection by antivirus software

Question 32

What are backdoors?

Answer 32

Malware which opens up an access channel to a computer that other malware can use to take over the machine

Question 33

How can malware spread?

Answer 33

Installations Attachments Replication

Question 34

What are macros?

Answer 34

Small programs that give permission to run on the computer

Question 35

What can macros install?

Answer 35

Malware

Question 36

What does anti-virus software provide?

Answer 36

Real time scans of files | Checks if file is infected when opened

Question 37

What does anti-malware software do?

Answer 37

Periodically scan system to detect malware and remove them from the computer

Question 38

What does quarantining a piece of software do?

Answer 38

Prevents it from running until user decides whether to destroy software or attempt to remove virus from it

Question 39

What do firewalls do?

Answer 39

Inspect and filter incoming and outgoing data packets

Question 40

What is packet filtering?

Answer 40

Inspecting each packet and dropping those that don't meet a certain criteria

Question 41

What is IP address filtering?

Answer 41

Only allowing traffic from certain known sources

Question 42

What is port blocking?

Answer 42

Blocking access to certain ports

Question 43

What is a firewall?

Answer 43

A hardware device or piece of software which sits between a device and the internet

Question 44

What are common defences of cyber attacks?

Answer 44

Biometric authentication Email verification Automatic updates CAPTCHA

Question 45

What are access rights?

Answer 45

Whether each user can: Read files Write files Execute files

Question 46

What can we limit with user access levels?

Answer 46

Installing software Creating new accouts Accessing confidential information

Question 47

When are passwords effective?

Answer 47

When kept secret | When strong against brute force attacks

Question 48

What are principles of a strong password?

Answer 48

Long Letters, numbers, symbols Changed regularly Never written down

Question 49

What is encryption?

Answer 49

Scrambling data according to a specific algorithm so it cannot be read by third parties Only intended recpient can decode data

Question 50

How long are keys?

Answer 50

256 bits | 1,024 bits

Question 51

What are keys?

Answer 51

Shared secrets

Question 52

Why is it especially important to encrypt wireless networks?

Answer 52

High chance of data interception