Chapter 2: Threats, Vulnerabilities and Mitigations

Question 1

Logic Bomb

Answer 1

a string of malicious code intentionally inserted into a program to cause harm to a network when it meets certain conditions.

Question 2

Trojan Horse

Answer 2

a type of malware that disguises itself as a legitimate program to trick users into downloading and installing it on their computer.

Question 3

Rootkit

Answer 3

a type of malware that gives cybercriminals unauthorized access to a computer or network.

Question 4

Worm

Answer 4

a type of malicious software (malware) that can self-replicate and spread rapidly across a network without any user interaction

Question 5

WPA3

Answer 5

• Wi‐Fi Protected Access 3 (WPA‐3) is the most modern, most secure option
• Uses Simultaneous Authentication of Equals (SAE) instead of WPA2’s Pre-Shared Key (PSK). SAE is more secure and protects against offline dictionary attacks and password guessing attacks.
• encrypts each device’s data individually, which improves privacy and security.

https://www.securew2.com/wp-content/uploads/2023/08/Design-the-WPA2-Vs-802.1-X-Image.png

Question 6

WPA2

Answer 6

• WPA2 is vulnerable to WEP attacks if the router is compatible with WEP systems.
• uses the Advanced Encryption Standard (AES), which is considered one of the most complex encryption technologies available. AES is used by the US government to protect classified data.

https://www.securew2.com/wp-content/uploads/2023/08/Design-the-WPA2-Vs-802.1-X-Image.png

Question 7

Cross-site Scripting

Answer 7

Cross‐site scripting (XSS) involves entering a script into text areas that other users will view.

Question 8

SQL Injection

Answer 8

a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed

Question 9

On-path attack

Answer 9

a cyberattack where an attacker secretly intercepts and modifies communication between two parties.

Question 10

What is a motivation for a Nation-state actor?

Answer 10

Nation‐state actors are typically advanced persistent threats (APTs) and their motivations commonly include espionage, data exfiltration, disruption/chaos, and war. Financial gain is more commonly associated with organized crime, blackmail with insider threats, and ethical with hacktivists.

Question 11

Spear Phishing

Answer 11

a type of phishing attack that targets a specific individual, group or organization.

Question 12

Bloatware

Answer 12

Unwanted or hidden software installed by the manufacturer or vendor on a new computer, device, or application.

Question 13

Vishing

Answer 13

a cyberattack that involves tricking people into giving away sensitive information over the phone.

Question 14

Smishing

Answer 14

a type of cybercrime that uses deceptive text messages to trick people into sharing sensitive information or performing actions that compromise their security.

Question 15

Pretexting

Answer 15

creating a fake scenario to trick a victim into giving away sensitive information.

Question 16

Business email compromise (BEC)

Answer 16

tricking people into sending money or sharing sensitive information through email.

Question 17

Typo squatting

Answer 17

a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser

Question 18

HIDS

Answer 18

a cybersecurity tool that monitors a computer’s internal systems and network packets for suspicious activity.

Question 19

HIPS

Answer 19

which is a security tool that monitors and prevents threats to a computer system.

Question 20

On-Path Attack

Answer 20

a cyberattack where a malicious actor intercepts and modifies communication between two parties.

Question 21

Least Privilege Access

Answer 21

a cybersecurity strategy that limits user access to only what is needed to perform their job.

Question 21

Watering Hole Attack

Answer 21

a cyberattack that infects a website that a target group frequently visits with malware, which then infects the target’s computer.

Question 22

RDP (Remote Desktop Protocol)

Answer 22

Microsoft protocol that allows users to remotely access a Windows computer from another device.

Question 23

NTLM (Network Trust Level Manager)

Answer 23

a Microsoft security protocol suite that authenticates users in a network environment.

Question 24

Birthday attack

Answer 24

a cryptographic attack that uses the birthday problem in probability theory to find collisions in hash functions.