Attacks

Question 1

What is Cross-site scripting (XSS)?

Question 2

What is Malware?

Answer 2

Software that is specifically designed to disrupt, damage, or gain unauthorised access to a computer

Question 3

Define Ransomeware?

Answer 3

This involves encrypting a victims data and cash is demanded in order for the threat actor to decrypt your data. The OS remains available in order to for the threat actor to remain in contact with you

Question 4

Define a Virus?

Answer 4

This is Malware that can replicate itself and needs you to run a program - Reproduces itself through the system or over the network

Question 5

Name some ways in which your machine can become infected with Malware

Answer 5

E-mail link
Clicking on a web page pop
Drive-by download
A worm

Question 6

Name some Virus types

Answer 6

Program Virus
Boot sector virus
Script viruses
Macro viruses

Question 7

Define a Worm?

Question 8

Define bloatware?

Question 9

Define Spyware?

Question 10

How can you protect against Spyware?

Question 11

Define a logic bomb?

Question 12

How can you prevent a logic bomb?

Question 13

Define a rootkit?

Question 14

How can you find and remove rootkits?

Question 15

What is phishing?

Question 16

What is a threat vector?

Answer 16

A method used by the attacker to gain access to your system - Also called an attack vector

Question 17

What are the threats of removable devices within an organisation and how can this be managed?

Answer 17

Malicious software on USB devices can get around the network therefore circumventing high security networks ie fire walls

Data exfiltration - These devices can be used to exfiltrate company data by a malicious insider or a threat actor who has physical access to machines

Data loss - This could be intentional or accidental

Compliance violations - Require strict control over sensitive data including how it is stored, transferred and accessed. Allowing unrestricted use can lead to data transfers that violate compliance policies

Removable media does not typically have encryption enabled which can lead to unprotected storage of sensitive data

Ways to mitigate this threat:

Question 18

What are the threats of unsupported systems within an organisation and how can this be managed?

Answer 18

Unsupported systems pose a threat as they no longer receive security patches, updates or technical support from the vendor.

The following are issues of having unsupported systems:

Increased likelihood of a security exploit as they no longer receive patches to address newly discovered vulnerabilities.

Lack of vendor support and limited incident response

Potential for incompatibility with security tools like endpoint detection or encryption protocols

Some systems may lack critical data protection features

Ways to mitigate this threat:

Organisations should plan to upgrade unsupported systems wherever possible and implement mitigating controls like additional monitoring, limiting access, segmenting unsupported systems from critical networks

Question 19

What is a keylogger?