CH1

Question 1

Any potential danger to an asset

Answer 1

Threat

Question 2

If a vulnerability exist but has not yet been exploited the threat is considered what?

Answer 2

Latent

Question 3

If someone is actively launching an attack against your system and successfully accesses something or compromises your security against an asset the threat is what?

Answer 3

Realized

Question 4

The entity that takes advantage of a vulnerability

Answer 4

malicious actor

Question 5

The path used by a malicious actor to perform an attack

Answer 5

threat agent or threat vector

Question 6

A weakness in the system design, implementation, software, or code, or the lack of a mechanism.

Answer 6

Vulnerability

Question 7

5 places vulnerabilities can be found

Answer 7

Applications, Operating Systems, Hardware, Misconfiguration, Shrinkwrap software

Question 8

The identifier used by vendors, security researchers, and vulnerability coordination centers to disclose vulnerabilities to the public

Answer 8

CVE (Common Vulnerability Exposures)

Question 9

A piece of software, a tool, a technique, or a process that takes advantage of a vulnerability that leads to access, privilege escalation, loss of integrity, or denial of service on a computer system.

Answer 9

Exploit

Question 10

The probability or likelihood of the occurrence or realization of a threat.

Answer 10

risk

Question 11

Any item of economic value owned by an individual or corporation.

Answer 11

asset

Question 12

The amount of risk left after safeguards and controls have een put in place to protect the asset

Answer 12

residual risk

Question 13

List 5 types of threat actors

Answer 13

Script kiddies, organized crime groups, state sponsors and governemnts, hacktivists, terrorist groups.

Question 14

People who use existing scripts or tools to hack into computers and networks. They lack expertise to write their own scripts

Answer 14

Script kiddies

Question 15

Group whose main purpose is to steal information, scam people, and make money

Answer 15

Organized crime group

Question 16

These agents are interested in stealing data, including intellectual property and research-and-development data from major manufacturers, government agencies, and defense contractors.

Answer 16

State sponsors and governments

Question 17

People who carry out cybersecurity attacks aimed at promoting a social or political cause

Answer 17

Hacktivist

Question 18

These groups are motivated by political or religious beliefs

Answer 18

Terrorist Groups

Question 19

These individuals perform ethical hacking to help secure companies and organizations.

Answer 19

White hat hacker

Question 20

These individuals perform illegal activities, such as organized crime.

Answer 20

Black hat hacker

Question 21

These individuals usually follow the law but sometimes venture over to the darker side of black hat hacking.

Answer 21

Gray hat hacker

Question 22

The knowledge about an existing or emerging threat to assets, including networks and systems.

Answer 22

Threat intelligence

Question 23

What 5 items make up threat intelligence

Answer 23

context, mechanisms, indicators of compromise, implications, and actionable advise

Question 24

Typically require a host program or file to infect, requiring some human interaction.

Answer 24

Viruses

Question 25

Can travel from system to system without human interfaction

Answer 25

Worm

Question 26

Closely related to virus’s and worms, similar to Trojan because users don’t know it’s installed, steals information from the user and eats up bandwidth. Can also redirect web traffic and flood you with popups.

Answer 26

Spyware

Question 27

What are the primary types of malware attack mechanisms

Answer 27

Master boot record infection, BIOS infection, File infection, Macro infection, Cluster, Multipartite

Question 28

List 5 basic components of a virus

Answer 28

Search routine, infection routine, payload, antidetection routine, trigger routine.

Question 29

Programs that pretend to do one thing but, when loaded, actually perform another, more malicious act.

Answer 29

Trojan

Question 30

An attack in which an attacker leaves a USB thumb drive in the desk drawer of a victim.

Answer 30

Poison apple attack

Question 31

What is the number one means of malware propogation?

Answer 31

Email attachments

Question 32

A program used to combine two or more executables into a single packaged program.

Answer 32

Wrappers

Question 33

Similar to WinZip, Rar, Tar… these programs compress files to prevent anyone from viewing the malware’s code until it is placed in memory

Answer 33

Packers

Question 34

Encrypt or obscure the code. Some obscure the contents of the Trojan by applying an encryption algorithm.

Answer 34

Crypters

Question 35

Popular method used by criminals, hacktivist, and nation-state attackers to make money. Encrypts specific files in the victims system until a ransom is paid to the attacker.

Answer 35

Ransomware

Question 36

A way of moving information through a communication channel or protocol in a manner in which it was not intended to be used.

Answer 36

Covert channel

Question 37

Software or hardware devices used to record everything a person types.

Answer 37

Keyloggers

Question 38

A standalone environment that allows you to safely view or execute the program while keeping it contained.

Answer 38

Sandbox (Cisco ThreatGrid)

Question 39

List 3 types of injection-based vulnerabilities

Answer 39

SQL injection, HTML injection, Command injection

Question 40

This type of vulnerability can allow an attacker to view, insert, delete, or modify records in a database. The attacker inserts, or injects, partial or complete SQL queries via the web application.

Answer 40

SQL Injection

Question 41

What are the 3 categories of SQL injection attacks

Answer 41

in-band, out-of-band, blind

Question 42

SQL injection attack where attacker obtains data by using the same channel that is used to inject the SQL code (data is dumped directly in a web application or web page).

Answer 42

In-band SQL injection

Question 43

SQL injection attack where the attacker retrieves data using a different channel (an email, text, or instant message).

Answer 43

Out-of-band SQL injection

Question 44

SQL injection attack where the attacker does not make the application display or transfer any data; rather, the attacker is able to reconstruct the information by sending specific statements and discerning the behavior of the application and database.

Answer 44

Blind (or inferential) SQL injection

Question 45

Vulnerability that occurs when an unauthorized user is able to control an input point and able to inject arbitrary HTML code into a web application.

Answer 45

HTML Injection

Question 46

Attack in which an attacker tries to execute commands that he or she is not supposed to be able to execute on a system via a vulnerable application.

Answer 46

Command injection

Question 47

Credential brute forcing, session hijacking, redirecting, exploiting default credentials, exploiting weak credentials, exploiting Kerberos vulnerabilities are all examples of what type of vulnerability.

Answer 47

Authentication-based vulnerabilities.

Question 48

In this type of attack, an attacker attempts to log into an application or system by trying different usernames and passwords.

Answer 48

Credential brute force and password cracking

Question 49

Brute force attack in which the attacker actively tries to log in to the application by using many different combinations of credentials

Answer 49

Online brute force

Question 50

Brute force attack in which the attacker can gain access to encrypted data or hashed passwords.

Answer 50

Offline brute-force

Question 51

Some of the most common web applications vulnerabilities seen today where attackers use obfuscation techniques by encoding tags or malicious portions of the script using Unicode so that the link or HTML content is disguised to the end user browsing the site.

Answer 51

Cross-site Scripting (XSS)

Question 52

What are the 3 major categories of XSS

Answer 52

Reflected XSS, Stored (persistent) XSS, DOM-based XSS

Question 53

Type of XSS attack in which malicious code or scripts are injected by a vulnerable web application using any method that yields a response as part of a valid HTTP request. Example - user persuaded to follow a malicious link to a vulnerable server that injects the malicious code back to the user’s browser.

Answer 53

Reflected XSS

Question 54

Type of XSS attack in which the malicious code or script is permanently stored on a vulnerable or malicious server, using a database. These are typically carried out on blog sites, web forums, and other permanent storage methods.

Answer 54

Stored (persistent) XSS

Question 55

Type of XSS attack in which the attacker sends a malicious URL to the victim, and after the victim clicks the link, it may load a malicious website or a site that has a vulnerable DOM router handler. After the site is rendered by the browser, the payload executes the attack in the user’s context on that site.

Answer 55

DOM (Document Object Model) XSS

Question 56

Type of attack in which unauthorized commands are transmitted from a user who is trusted by the application. AKA (on-click attacks or session-riding).

Answer 56

Cross-site request forgery (CSRF or XSRF)

Question 57

Occurs when a system or application attempts to perform two or more operations at the same time however, due to the nature of such a system or application, the operations must be done in the proper sequence in order to be done correctly. These are also referred to as TOCTOU attacks). Example - policy push to IPS device rebuilds ACL’s - attacker has a small window to bypass the ACL’s.

Answer 57

Race conditions

Question 58

A non-profit charitable organization that leads several industry-wide initiatives to promote the security of applications and software. They list the top 10 most common vulnerabilities against applications at their website.

Answer 58

OWASP Top 10

Question 59

The requirement that private or confidential information not be disclosed to unauthorized individuals

Answer 59

Confidentiality

Question 60

The ability to make sure that a system and its data has not been altered or compromised.

Answer 60

Integrity

Question 61

A requirement that information and programs are changed only in a specified and authorized manner

Answer 61

Data Integrity

Question 62

A requirement that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.

Answer 62

System Integrity

Question 63

Systems, applications, and data must be available to authorized users when needed and requested. This concept is referred to as….

Answer 63

Availability

Question 64

What are the 3 types of DDoS attacks

Answer 64

Direct DDoS, Reflected DDoS, Amplification DDoS

Question 65

Occurs when the source of the attack generates the packets, regardless of protocol, application, and so on, that are sent directly to the victim of the attack.

Answer 65

Direct DDoS

Question 66

Occur when the sources of the attack are sent spoofed packets that appear to be from the victim, and then the sources become unwitting participants in the DDoS attacks by sending the response traffic back to the intended victim.

Answer 66

Reflected DDoS

Question 67

A form of reflected DDoS attack in which the response traffic (sent by the unwitting participant) is made up of packets that are much larger than those that were initially sent by the attacker (spoofing the victim).

Answer 67

Amplification DDoS

Question 68

According to NIST, what are the advantages of cloud computing

Answer 68

Distributed storage, scalability, resource pooling, access from any location, measured service, automated management.

Question 69

According to NIST, what are the essential characteristics of cloud computing

Answer 69

On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, Measured service

Question 70

Cloud deployment model that is open for public use

Answer 70

Public Cloud

Question 71

Cloud deployment model that is used just by the client organization on-prem or at a dedicated area in a cloud provider

Answer 71

Private Cloud

Question 72

Cloud deployment model that is composed of two or more clouds (including on-prem)

Answer 72

Hybrid Cloud

Question 73

Cloud deployment model that is shared between several organizations

Answer 73

Community Cloud

Question 74

Accorindg to NIST, Cloud computing can be broken into the following 3 basic models

Answer 74

IaaS, PaaS, SaaS

Question 75

Cloud solution where you are renting infrastructure. You purchase virtual power to execute your software as needed.

Answer 75

IaaS

Question 76

Cloud solution providing everything except applications.

Answer 76

PaaS

Question 77

Cloud solution designed to provide a complete packaged solution. The software is rented out to the user. Usually provided through some type of front end or web portal.

Answer 77

SaaS

Question 78

Includes any computing devices (mechanical and digital machines) that can transfer data over a network without requiring human-to-human or human-to-computer interaction - for example, sensors, home appliances, connected security cameras, wearables, and numerous other devices.

Answer 78

IoT (Internet of Things)

Question 79

A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices

Answer 79

Cybersecurity incident

Question 80

Any observable occurrence in a system or network. Include users connecting to a file share, server receiving a request for a web page, user sending email etc.

Answer 80

Event