cyber security intro

Question 1

What is the correct order of a TCP three-way handshake?

Answer 1

Syn, syn-ack, ack

Question 2

Which command is used to display files in a directory under the Windows
OS?

Answer 2

dir

Question 3

What is a good example of a valid internal IP address?

Answer 3

• 192.168.21.05/24
• 24 = the number of subnets that can be on a class c address
• How many host are in a class c network - 254 usable with one being the gateway 255

Question 4

What is a good example of UDP protocol usage?

Answer 4

• Movie streaming
• Udp - no connection needed
• Tcp - needs a connection
• TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol.

Question 5

Which of the following Windows accounts has the weakest permissions?

Answer 5

• Guest

Question 6

What is hping3?

Answer 6

• A Linux tool that sends multiple packets and can creates a DoS attack.
• If you type this in kali linux it will create havoc hping3 -1 –flood 192.168.1.23

Question 7

What are the differences between Information Security and Cyber Security?

Answer 7

• Cyber security protects against all types of cyber crimes, while information security protects the information itself.

Question 8

What could be the subnet mask of a class A network?

Answer 8

• Example:
• A = 255.0.0.0
• B = 255.255.0.0
• C = 255.255.255.0
• Professor example:
• 255.0.0.0
• 255.255.255.254
• 255.255.255.0
• 255.255.0.0

Question 9

What is the role of a DNS server?

Answer 9

• Translating common names to IP addresses.

Question 10

What is the difference between a hub and a router?

Answer 10

• A hub operates in layer 1, while a router operates in layer 3.
• Layer1: PhysicalLayer.

Layer2: Data LinkLayer.

Layer3: NetworkLayer.

Layer4: TransportLayer.

Layer5: SessionLayer.

Layer6: PresentationLayer.

Layer7: ApplicationLayer.


Question 11

Which of the following is not an example of a DDoS attack?

Answer 11

• Man in the middle

Question 12

Cyber defense services are needed for:

Answer 12

• Detection, prevention, recovery

Question 13

What is the best password option that can be set to harden one’s account?

Answer 13

• 99CSULBCru!SeIsDBest
• 2FA - two factor authentication
• MFA - multi factor authentication

Question 14

You open Google Chrome and search for a new Razer mouse. The computer
reacts slowly. What type of hardware might be causing this?

Answer 14

• ~Network card
• ~Motherboard
• ~CPU
• =All answers above are possible


Question 15

Which of the following is not a physical control?

Answer 15

• Anti-Virus

Question 16

What is the purpose of the DMZ?

Answer 16

• A sub-network that exposes an organization’s external facing service.

Question 17

What is the purpose of the Ping command?

Answer 17

• Send packets to check if a host is reachable.

Question 18

Which of the following is a DDoS tool?

Answer 18

• LOIC - Low Orbit Ion Canon
• DoS - an attack from a single source
• DDoS - an attack from multiple sources

Question 19

Ping of Death is an example of which attack?

Answer 19

• DoS attack

Question 20

If someone hacked into a Facebook manager account and demand payment or they will release sensitive information to the public, what type of hacker would probably be involved?

Answer 20

• Black Hat

Question 21

Which of the following statements is FALSE? Choose one

Answer 21

• MAC addresses change according to the network, while IP addresses are fixed per computer and have a unique identifier.
• False
• IP addresses operate in the third layer, while MAC addresses operate in the second layer of the OSI model.
• True
• Which of the following statements is FALSE? Choose one.
* MAC addresses change according to the network, while IP addresses are fixed per computer and have a unique identifier.
• ~An example of an IP address is 192.168.0.1 and an example of a MAC
• address is 00-50-56-C0-00-08.
* 00:11:22:33:44:55

Question 22

What is the difference between a virus and a worm?

Answer 22

• Worms self-replicate but viruses do not.

Question 23

Select the terms below that make up the CIA triad? Choose all correct
answers.

Answer 23

• confidentiality, integrity, availability

Question 24

Which of the following is the main concept of MITM?

Answer 24

• When an attacker is between two other hosts and intercepts the communication.

Question 25

What is one difference between APT and Script Kiddies?

Answer 25

• APT is typically sponsored by a nation or state, while Script Kiddies are not well-funded.

Question 26

What are the layers of the OSI model?

Answer 26

• All People Seem To need Data Processing

* Application, Presentation, session, Transport, Network, Data Link, Physical

Question 27

What are the advantages of using virtualization?

Answer 27

• Can provide a safe lab environment for testing and threat investigation.
• Allows a single hardware platform to provide resources for multiple servers.

Question 28

What is the purpose of the kernel in the operating system?

Answer 28

Manages hardware resources and availability to the software

Question 29

Which is true about threads and processes?

Answer 29

• Each process has a separate memory space, unlike threads that use the same memory space of their parent process.

Question 30

What is the Windows Registry?

Answer 30

A database that holds different system and application configurations

Question 31

Which type of attack exploits a vulnerability in the TCP/IP 3-way handshake process?

Answer 31

• SYN flood

Question 32

Which of the following tools can be used for flooding a host with network traffic?

Answer 32

• Hping3

Question 33

Which of the following is the least secure protocol to use when setting up a wireless network?

Answer 33

• WEP

Question 34

What is MAC flooding?

Answer 34

• Flooding a switch with requests until it reverts to broadcast mode

Question 35

Which of the following is a name of a tool that can be used in order to initiate a MITM attack?

Answer 35

• Ettercap

Question 36

Which aspects of the CIA triad does evidence preservation help ensure? Select all correct answers

Answer 36

• Integrity, Confidentiality

Question 37

Firewall

Answer 37

inspects, detects, and blocks traffic based on places and parameters (IP,Port,etc).

Question 38

Antivirus

Answer 38

inspects, detects, and removes malware

Question 39

Cyber space

Answer 39

the mutual area - refers to info shared by computer and network.

Question 40

CIA

Answer 40

confidentiality - the act of sharing or revealing info only to authorized personnel.
Integrity - The ability to ensure that information or data remains unchanged and accurate.
Availability - ensuring data or service accessibility to those who require it, when they require it.

Question 41

1. Dos

2. Ddos

Answer 41

1. is from a single attacker

2. comes from multiple sources

Question 42

EternalBlue

Answer 42

is an exploit that allows cyber threat actors to remotely execute arbitrary code and
gain access to a network by sending specially crafted packets

Question 43

URL

Answer 43

uniform resource locator

Question 44

http

Answer 44

hyper text transfer protocol

Question 45

ftp

Answer 45

file transfer protocol

Question 46

Https

Answer 46

hyper text transfer protocol secure

Question 47

SMB

Answer 47

server message block

Question 48

What 5 ports would you test

Answer 48

• Port 445 smb
• Port 53 dns
• Port 88 tcp/udp
• Port 22 ssh
• Port 8080 proxy and cachingport

Question 49

What is more secure ftp or ssh

Answer 49

ssh is more secure

Question 50

Fuzzdb ports

Answer 50

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

Question 51

2g

5g

Answer 51

2g farther

5g if you are closer

Question 52

two things needed to connect to the internet?

Answer 52

MAC address and an IP address

Question 53

MAC address is in

IP address in in

Answer 53

MAC address is in hex a decimal

IP address in in decimal

Question 54

Smtp

Answer 54

Simple Mail Transfer Protocol - port 25

Question 55

ACL

Answer 55

access control list

Question 56

iscovered a fundamental flaw in the Domain Name System (DNS) protocol.

Answer 56

dan kaminsky

The flaw could allow attackers to easily perform cache poisoning attacks on most nameservers

Question 57

CTF

Answer 57

Capture the Flag

Question 58

DMZ

Answer 58

Demilitarized Zone

Question 59

Cd
.
..

Answer 59

change directory
one dot means here
two dots means go back to previous

Question 60

dir

Answer 60

is going to show the current directory

Question 61

ping

Answer 61

check if a host is reachable

Question 62

Mac flooding

Answer 62

is when an attacker floods a switch until it reverts to broadcast mode.