A

Question 1

Availability

Answer 1

Assurance that the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users.

Question 2

Authenticity

Answer 2

Refers to the characteristic of a communication, document, or any data that ensures the quality of being genuine.

Question 3

Active Attacks

Answer 3

Active attacks tamper with the data in transit or disturb communication or services between the systems to bypass or break into secured systems.

Question 4

Adversary Behavioral Identification

Answer 4

Adversary behavioral identification involves the identification of the common methods or techniques followed by an adversary to launch attacks on or to penetrate an organization’s network.

Question 5

Active Footprinting

Answer 5

Active footprinting involves gathering information about the target with direct interaction.

Question 6

ARP Ping Scan

Answer 6

Attackers send ARP request probes to target hosts, and an ARP response indicates that the host is active.

Question 7

ACK Flag Probe Scan

Answer 7

Attackers send TCP probe packets set with an ACK flag to a remote device, and then analyze the header information (TTL and WINDOW field) of received RST packets to determine if the port is open or closed.

Question 8

Anonymizer

Answer 8

An anonymizer is an intermediate server placed between you as the end user and the website to access the website on your behalf and make your web surfing activities untraceable.

Question 9

Audio Steganography

Answer 9

Audio steganography refers to hiding secret information in audio files such as .MP3, .RM, and .WAV.

Question 10

Advanced Persistent Threats

Answer 10

Advanced persistent threats (APTs) are defined as a type of network attack, where an attacker gains unauthorized access to a target network and remains undetected for a long period of time.

Question 11

Antivirus Sensor System

Answer 11

An antivirus sensor system is a collection of computer software that detects and analyzes malicious code threats such as viruses, worms, and Trojans.

Question 12

Active Sniffing

Answer 12

Active sniffing involves injecting Address Resolution Packets (ARP) into the network to flood the switch’s Content Addressable Memory (CAM) table, which keeps track of host-port connections.

Question 13

Address Resolution Protocol (ARP)

Answer 13

Address Resolution Protocol (ARP) is a stateless protocol used for resolving IP addresses to machine (MAC) addresses.

Question 14

ARP Spoofing Attack

Answer 14

ARP spoofing involves constructing many forged ARP request and reply packets to overload the switch.

Question 15

Application Level Hijacking

Answer 15

Application level hijacking refers to gaining control over the HTTP’s user session by obtaining the session IDs.

Question 16

Anomaly Detection

Answer 16

It detects the intrusion based on the fixed behavioral characteristics of the users and components in a computer system.

Question 17

Application-Level Firewall

Answer 17

Application-level gateways (proxies) can filter packets at the application layer of the OSI model (or the application layer of TCP/IP).

Question 18

Application Proxy

Answer 18

An application-level proxy works as a proxy server and filters connections for specific services.

Question 19

API DDoS Attack

Answer 19

The DDoS attack involves saturating an API with a huge volume of traffic from multiple infected computers (botnet) to delay API services to legitimate users.

Question 20

Automated Web App Security Testing

Answer 20

It is a technique employed for automating the testing process. These testing methods and procedures are incorporated into each stage of development to report feedback constantly.

Question 21

Application Whitelisting

Answer 21

Application whitelisting contains a list of application components such as software libraries, plugins, extensions, and configuration files, which can be permitted to execute in the system.

Question 22

Application Blacklisting

Answer 22

Application blacklisting contains a list of malicious applications or software that are not permitted to be executed in the system or the network.

Question 23

Access point (AP)

Answer 23

An AP is used to connect wireless devices to a wireless/wired network.

Question 24

Association

Answer 24

It refers to the process of connecting a wireless device to an AP.

Question 25

Agent Smith Attack

Answer 25

Agent Smith attacks are carried out by luring victims into downloading and installing malicious apps designed and published by attackers in the form of games, photo editors, or other attractive tools from third-party app stores such as 9Apps.
 :

Question 26

Android Rooting

Answer 26

Rooting process involves exploiting security vulnerabilities in the device firmware and copying the SU binary to a location in the current process’s PATH (e.g., /system/xbin/su) and granting it executable permissions with the chmod command.

Question 27

Asymmetric Encryption

Answer 27

Asymmetric encryption (public-key) uses different encryption keys, which are called public and private keys for encryption and decryption, respectively.

Question 28

Advanced Encryption Standard (AES)

Answer 28

The Advanced Encryption Standard (AES) is a National Institute of Standards and Technology (NIST) specification for the encryption of electronic data.