Cyber Security

Question 1

What does CIA stand for?

Answer 1

Confidentiality, Integrity, Availability

Question 2

Define confidentiality

Answer 2

Data is accessed by only those with the right permit

Question 3

Define Integrity

Answer 3

Data is not tampered or altered in anyway

Question 4

Define availability

Answer 4

data and resources are able to be accessed and shared

Question 5

What does DAD stand for?

Answer 5

Disclosure, Alteration, Deniability

Question 6

Define disclosure

Answer 6

data is accessed by non-authorized individuals

Question 7

Define alteration

Answer 7

Data has been compromised or tampered with

Question 8

Define deniability

Answer 8

access to data and resources are blocked

Question 9

Define blacklist

Answer 9

a list of banned IP addresses, applications, or users

Question 10

Define whitelist

Answer 10

a list of allowed IP addresses, applications, or users

Question 11

Define cat fishing

Answer 11

the process of creating a fake online profile in order to trick people into believing they are someone else

Question 12

Define zero day?

Answer 12

A threat that is unknown to security specialists and has not been addressed

Question 13

Define hack value

Answer 13

describes a target that may attract an above average level of attention from an attacker

Question 14

Define non-repudiation

Answer 14

once an action is carried out by a party, it cannot be denied by that same party

Question 15

Define logic bomb

Answer 15

Malicious code that is only triggered when a set of conditions are met

Question 16

Define obfuscation

Answer 16

the tactic of making code unclear so that humans or programs like an antivirus cannot understand it

Question 17

Define honey pot

Answer 17

a decoy or trap for hackers

Question 18

Define spoof

Answer 18

the act of falsifying the indentity of the source of a communication or interaction

Question 19

What is a protocol?

Answer 19

a set of rules that determine how computers communicate with each other

Question 20

What does HTTP stand for?

Answer 20

Hyper Text Transfer Protocol

Question 21

Is HTTP stateless or stateful?

Answer 21

stateless

Question 22

What is SSL?

Answer 22

Secure Socket Layer

Question 23

What is SSH?

Answer 23

Secure Shell

Question 24

What is FTP?

Answer 24

File Transfer Protocol

Question 25

What is SFTP?

Answer 25

Secure File Transfer Protocol

Question 26

What is IMAP?

Answer 26

Internet Message Access Protocol

Question 27

What is SMTP?

Answer 27

Simple Mail Transfer Protocol

Question 28

What is a cookie?

Answer 28

Pieces of text of stored by a web server on your had disk

Question 29

What are cookies used for?

Answer 29

identify a user, check for their past activity on the website and use this record to provide the most relevant information to the user

Question 30

What is TCP?

Answer 30

Transmission Control Protocol divides a message or file into packets that transmitted over the internet more efficiently

Question 31

What is IP?

Answer 31

Internet Protocol is responsible for the address of each packet so it is sent to the correct destination

Question 32

What are the 4 layers of TCP/IP?

Answer 32

Datalink Layer, internet/networking layer, Transport layer, application layer

Question 33

What is the datalink layer of TCP/IP?

Answer 33

consists of protocols that operate on a link that connects hosts on a network e.g. ethernet

Question 34

Internet/Networking layer

Answer 34

connects independent networks together e.g. IP

Question 35

Transport Layer

Answer 35

handles communication between hosts e.g. TCP

Question 36

Application Layer

Answer 36

standardizes data exchange for applications e.g. HTTP, FTP

Question 37

What are the 5 main Social Engineering Tactics?

Answer 37

Baiting, Pretexting, Quid Pro Quo, Phishing, Vishing

Question 38

What is a brute force attack?

Answer 38

A trial and error attack against passwords

Question 39

What is a dictionary attack?

Answer 39

A type of brute force attack that goes through all the words of a dictionary

Question 40

What is phishing?

Answer 40

An email that contains a malicious link or file

Question 41

What is a spear phishing attack?

Answer 41

a phishing attack directed a specific individual

Question 42

What is vishing?

Answer 42

Phishing attack with a phone call

Question 43

What is smishing?

Answer 43

Phishing over text

Question 44

True or False: Botnets are very often used in DDoS attacks

Answer 44

True

Question 45

What are the three ways to prevent DDoS attacks from taking down your server?

Answer 45

Overprovision bandwidth, Creating a DDoS playbook, outsourcing protection to DDoS specialist

Question 46

What is the Man in the Middle Attack?

Answer 46

An attack where the attacker intercepts and potentially alters messages between computers

Question 47

What is a SQL Injection attack?

Answer 47

An attack where the attacker sends a malicious SQL statement to gain access to a database

Question 48

What is a XSS attack?

Answer 48

A cross site scripting attack is when a attacker sends malicious scripts of code into a website or website application. When a visitor comes to the website, their computer is infected

Question 49

What is a supply chain attack?

Answer 49

When hackers get into company A by getting into Company B’s network (where company B has access to company B)

Question 50

What is the server that is used to issue commands to bots in a botnet?

Answer 50

command and control server

Question 51

What are viruses/worms?

Answer 51

Malicious code written to alter the way a computer or a network operates

Question 52

True or False: A virus requires an active host program or already infected system to run

Answer 52

True

Question 53

is a worm or a virus self replicating and self propagating

Answer 53

a worm

Question 54

What is a trojan?

Answer 54

Powerful malware disguised as legitimate software

Question 55

What are the 4 types of Trojans?

Answer 55

backdoor trojans, infostealer trojan, trojan downloader, trojan DDoS

Question 56

What is Adware?

Answer 56

a program that displays unwanted banner advertisements

Question 57

What is spyware?

Answer 57

malware that monitors computer and internet use

Question 58

What is ransomware?

Answer 58

when a hacker encrypts a users data until the user pays the hacker to decrypt their data or threatens to release sensitive data unless a payment is received

Question 59

What is a firewall?

Answer 59

A security device that monitors incoming and outgoing network traffic

Question 60

What are the two types of firewalls?

Answer 60

hardware firewall and software firewall

Question 61

What are the two major types of encryption?

Answer 61

Symmetric and Asymmetric

Question 62

What is the difference between symmetric and asymmetric encryption?

Answer 62

symmetric uses the same key for encryption and decryption while asymmetric uses different keys

Question 63

What is an antivirus?

Answer 63

a software used to protect a computer from malware

Question 64

How does antivirus work?

Answer 64

identifies signatures of already identified malware or it runs the software in a sandbox and observes how it runs

Question 65

What are the main authentication factors

Answer 65

Knowledge factor (password), possession factor (keycard), inheritance factor (fingerprint)

Question 66

What is a DMZ?

Answer 66

A demilitarized zone is a physical or logical subnetwork that separates networks from other untrusted networks

Question 67

What is a security policy?

Answer 67

a written document that describes how an organizations protects it virtual and physical data assets

Question 68

What does BYOD stand for?

Answer 68

Bring your own device

Question 69

What is the weakest link in a companies security?

Answer 69

an employee