Comptia Security +

Question 1

What is phishing ?

Answer 1

social engineering that mimics email to steal your information

Question 2

what is typosquatting and prepending of the Url ?

Answer 2

Hijacking of a url ( usually changes one one thing ) in the domain name or add onto the domains beginning . Prepending is adding onto the beginning. Typosquatting is changing the url name to make it seem believable

Question 3

what is pretexting?

Answer 3

Lying to gain information, this can be done via phone or email

Question 4

what is Pharming ?

Answer 4

A poisoned DNS that is combined with fishing that targets a group of people

Question 5

What is Vishing/Smishing?

Answer 5

Voice and SMS phising

Question 6

What is reconnoissance ?

Answer 6

Gathering information on victims

Question 7

What is spear phishing ?

Answer 7

targeted phishing with inside information

Question 8

what is whaling ?

Answer 8

a phishing attack that attacks the CEO

Question 9

What is shoulder surfing ?

Answer 9

Looking over someones shoulder to gather information

Question 10

What is a Hoax in term of IT?

Answer 10

A threat that dosen’t actually exist

Question 11

What is a waterhole attach and how do you prevent it ?

Answer 11

A water hole attack is a cyber attack that install malware from a third party organization. In order to prevent water hole attacks a company should use a next gen firewall and anti-malware/ Anti-virus

Question 12

How does a mail gateway system prevent against spam email ?

Answer 12

The mail gate way acts as a firewall for incoming and outgoing emails filter to detect varied problems. It does this by identifying keywords and problematic know senders

Question 13

What is a reverse DNS? and how does it help prevent spam?

Answer 13

The email server will look at the known IP address and see if it matches the sender

Question 14

What is tailgating?

Answer 14

using a authorized person to Gaining unauthorised access to a building

Question 15

What is an invoice scam?

Answer 15

An attack that is disguised as a Bill

Question 16

What is credential harvesting?

Answer 16

An attacker is looking to find your sign-ins, this is done via malicious emails.

Question 17

What is a virus?

Answer 17

Malware that needs a human to download it to begin the replicating process

Question 18

What is a worm?

Answer 18

Malware that does not need a human to click on it before it begins replicating

Question 19

What is electing information tactic?

Answer 19

A person call and pretends to be from the help desk and convinces people to give information.

Question 20

What is trojan Horse software?

Answer 20

A software that looks normal but has an ulterior motive to do bad or simple do nothing

Question 21

What is a back door during malware?

Answer 21

A way for malware to reconnect to your system without having to go through the front door

Question 22

What is RAT ( REMOTE ACESS TROJANS ) ?

Answer 22

A program that give a 3rd party full remote access over the operating system

Question 23

What is a root kit and why is it so hard to get rid of ?

Answer 23

A type of malware that modifies the core system files

Question 24

What is crypto-malware?

Answer 24

Encryption that requires a key in order to use-crypt information. Victim must pay ransom in order to get the key .

Question 25

What is Adware?

Answer 25

A malware attack that pop-ups ads

Question 26

What is a Botnet?

Answer 26

A group of computers that have been taken over to form a network of bots

Question 27

What is a Logic bomb?

Answer 27

A bomb that has been left to activate later, this is malware

Question 28

what is pup malware? ( potential unwanted pop-up)

Answer 28

Any un wanted malware

Question 29

What is DDoS?

Answer 29

Distributed denial of service

Question 30

What is a password Hash?

Answer 30

a string of text that is used to represent password data. Hash can not be reversed

Question 31

What is a Spraying attack?

Answer 31

trying to log in with common passwords

Question 32

What is a Brute force attack?

Answer 32

this type of attack tries every possible password combination

Question 33

what is a dictionary attack?

Answer 33

many common password wordlists are standard among people in a certain industry

Question 34

What is a rainbow table?

Answer 34

A table that has saved passwords and their hashes

Question 35

What is salt?

Answer 35

A salt is random data added to a password when hashing

Question 36

Why are malicious USB and Flash drivers known as HID ? and how do they attack the system?

Answer 36

They are known as Human interface Devices because they can begin typing w/o human interaction. They use that to there advantage to download malware onto computer. They can also have a keyboard logger .

Question 37

What is skimming?

Answer 37

copying data from magnetic stripe on credit cards

Question 38

What is a C2 server?

Answer 38

A c2 server is the mail tool cyber threat actors use to launch and control cyber attacks

Question 39

Why is it important to check data when inserting it into a machine learning program ?

Answer 39

The machine learning program is only as good as the data is. A poisoned data means weakness within the program

Question 40

What is supply chain security ?

Answer 40

Supply chain security is ensuring that there are polices and procedures in place to protect your network from other companies that work with yours.

Question 41

what is a hash collision ?

Answer 41

is when 2 pieces of different data share the same hash value 

Question 42

How do you avoid hash collision ?

Answer 42

Increasing the hash length decreases the chance of a collision happening

Question 43

What is the downgrade attack ?

Answer 43

A type of attack that is done during sending of data. This attacks causes systems to downgrade their security

Question 44

What is privildge escalation ?

Answer 44

An average user gains administer access to the operation system

Question 45

What is the difference between a vertical escalation and a horizontal escalation ?

Answer 45

In a vertical escalation a normal user is gaining administrative, while in a horizontal escalation user A is gaining access to user B

Question 46

What is data execution prevention ?

Answer 46

only allows application to run where that data and its functions are allowed to run. This prevent privilege escalation

Question 47

What is a cross site script ?

Answer 47

Information from one site is shared with another

Question 48

What is a non-persistent ( reflected) XSS attack?

Answer 48

It is an attack that allows the script to run in user input. For example, there is a fake website that allows session id to be available just from the user inserting information into the empty info box

Question 49

What is a persistent reflected (stored) attack?

Answer 49

An attack that is stored onto a post and does not specifically target a person, but all who come into contact with the post

Question 50

What is a code injection attack?

Answer 50

adding your own information into a data stream and stealing information, bad programming leads to this. This should not be allowed

Question 51

What is a buffer overflow?

Answer 51

One section of memory is an override a different section of memory

Question 52

What is a replay attack ?

Answer 52

An attacker gathers raw network data and send it across the network to make it seem as if it was coming someone in the network

Question 53

What is pass the hash ?

Answer 53

During this type of attack the attacker places a device between the victim and the server so that the attacker also receive the hash as it goes to the server to authenticate. why is this bad ?

Question 54

How can you protect a client from a pass the hash attack ?

Answer 54

End-to end encryption and salt ( one time authentication session id could not be used again)

Question 55

Explain what end to end encryption is

Answer 55

Both ends are encrypted. I send a friend a message using there public key and the decrypt it with there private key

Question 56

What is session Hijacking ( or sidejacking ) ?

Answer 56

An attacker gain the session id and bypasses the authentication and posses as you

Question 57

Explain what a cross site request forgery

Answer 57

An attacker will create a hyperlink that is sent to the victim to click. Once this has been clicked the victims computer will connect to the banks server and the attacker will naw be able to do whatever they want with the victims account

Question 58

Explain what a server side request forgery

Answer 58

An attacker finds a vulnerability within an application on the web server .The attacker will then send a request that will request the web server to gather more information the the victims server

Question 59

What are some attacks that can be done with drives ?

Answer 59

Since drivers work along side software , they can be manipulated to turn into a key logger to steal sensitive information as the person types it

Question 60

what is the windows shim? and how do attackers use it to get malware onto victims computer ?

Answer 60

The windows shims allows application to run on older window models. Attackers will write there own shim and this will help them by pass any user security features

Question 61

What is a metamorphic malware ? ( refactoring)

Answer 61

a metamorphic malware is an attack that appears different each due to it redesigning itself. This makes it extremely hard for anti-malware protection to protect.

Question 62

What is SSL stripping /HTTP downgrade ?

Answer 62

During this type of attack the attacker sit in between the client and the server and uses no encrypted communication between the victim and there self. The attacker will use encrypted communication( https) with the web server but communicate back to the victim in http to prompt the victim to keep sharing sensitive information. This can all be avoided by only using Https.

Question 63

What is a race condition ?

Answer 63

A race condition is behavior of a software system depends on the relative timing of events such as the order in which threads are scheduled to run.

Question 64

What is NULL Pointer dereference ?

Answer 64

a program will attempt to reference a portion of memory that does not have anything or is undefined. This will cause the application to crash.

Question 65

What is integer overflow ?

Answer 65

An integer overflow is larger number are placed into smaller sized space. This causes overflow into other memory sections.

Question 66

Explain what a directory traversal is

Answer 66

during this type of attack the hacker is able to read files of a web server that are outside of the websites file directory

Question 67

explain what improper error handling is

Answer 67

this is when error messages show to much information and could lead to sharing very sensitive information to the wrong personal

Question 68

Explain what a API attack is

Answer 68

An attack that looks into vulnerabilities in api-based apps

Question 69

What is a shim ? In operating system ?

Answer 69

In windows through the use of shims, an older software can be ran through a previous windows Version while still in the new version

Question 70

What is a rouge access point ? and its evil town ?

Answer 70

A rouge access point in a unauthorized access point that isn’t necessarily malicious . An wireless evil twin looks legitimate but it is malicious. If you are using the evil twin just make sure the communication in encrypted

Question 71

What is bluejacking ?

Answer 71

An unsolicited message via Bluetooth

Question 72

What is Bluesnarfing ?

Answer 72

An attacker can access data from your phone using Bluetooth

Question 73

What’s are management frames ?

Answer 73

Are a specific type of frame that is used in wireless networking. This protocol allows you to join/ leave the wireless network while also authenticating your device.

Question 74

What is an Disassociation attack ?

Answer 74

Is an attack the causes DOS by attacking the 802.11 protocol that is used to during wireless networking. This is because the management frames are not encrypted .

Question 75

What is RF jamming ?

Answer 75

During a RF jamming the good signal is no longer becoming the main signal because of the noise around.

Question 77

What is a cryptographic nonce ?

Answer 77

This is a random or pseudo number that can’t be reasonably guessed. The nonce is added into the login process to help create different hashes each time to avoid a replay attack( aka decrypting the hash).

Question 78

What does it mean to salt a password ?

Answer 78

Salting means that a nonce is added to every pass word saved onto the data base. This means no hash will be the same even if the passwords are the same

Question 79

How do you add randomization to cryptography ?

Answer 79

By adding a nonce. A nonce is a set of value that is used for the time being. A nonce will be different every log in. The server will check your nonce along with your password hash and if it looks good will grant you acesss.