cyber security intro Flashcards
What is the correct order of a TCP three-way handshake?
Syn, syn-ack, ack
Which command is used to display files in a directory under the Windows OS?
dir
What is a good example of a valid internal IP address?
- 192.168.21.05/24
- /24 = the number of subnets that can be on a class C address
- How many hosts are in a class C network - 254 usable, with one being the gateway; 255
What is a good example of UDP protocol usage?
- Movie streaming
- UDP - no connection needed
- TCP - needs a connection
- TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol.
Which of the following Windows accounts has the weakest permissions?
- Guest
What is hping3?
- A Linux tool that sends multiple packets and can create a DoS attack.
- If you type this in Kali Linux it will create havoc: hping3 -1 --flood 192.168.1.23
What are the differences between Information Security and Cyber Security?
- Cyber security protects against all types of cyber crimes, while information security protects the information itself.
What could be the subnet mask of a class A network?
- Example:
- A = 255.0.0.0
- B = 255.255.0.0
- C = 255.255.255.0
- Professor example:
- 255.0.0.0
- 255.255.255.254
- 255.255.255.0
- 255.255.0.0
What is the role of a DNS server?
- Translating common names to IP addresses.
What is the difference between a hub and a router?
- A hub operates in layer 1, while a router operates in layer 3.
- Layer 1: Physical Layer. Layer 2: Data Link Layer. Layer 3: Network Layer. Layer 4: Transport Layer. Layer 5: Session Layer. Layer 6: Presentation Layer. Layer 7: Application Layer.
Which of the following is not an example of a DDoS attack?
- Man in the middle
Cyber defense services are needed for:
- Detection, prevention, recovery
What is the best password option that can be set to harden one’s account?
- 99CSULBCru!SeIsDBest
- 2FA - two factor authentication
- MFA - multi factor authentication
You open Google Chrome and search for a new Razer mouse. The computer reacts slowly. What type of hardware might be causing this?
- ~Network card
- ~Motherboard
- ~CPU
- =All answers above are possible
Which of the following is not a physical control?
- Anti-Virus
What is the purpose of the DMZ?
- A sub-network that exposes an organization’s external-facing services.
What is the purpose of the Ping command?
- Send packets to check if a host is reachable.
Which of the following is a DDoS tool?
- LOIC - Low Orbit Ion Cannon
- DoS - an attack from a single source
- DDoS - an attack from multiple sources
Ping of Death is an example of which attack?
- DoS attack
If someone hacked into a Facebook manager account and demanded payment, or else they would release sensitive information to the public, what type of hacker would probably be involved?
- Black Hat
Which of the following statements is FALSE? Choose one.
- MAC addresses change according to the network, while IP addresses are fixed per computer and have a unique identifier.
- False
- IP addresses operate in the third layer, while MAC addresses operate in the second layer of the OSI model.
- True
- ~An example of an IP address is 192.168.0.1 and an example of a MAC address is 00-50-56-C0-00-08. (Another MAC address example: 00:11:22:33:44:55)
- Answer: MAC addresses change according to the network, while IP addresses are fixed per computer and have a unique identifier.
What is the difference between a virus and a worm?
- Worms self-replicate but viruses do not.
Select the terms below that make up the CIA triad. Choose all correct answers.
- confidentiality, integrity, availability
Which of the following is the main concept of MITM?
- When an attacker is between two other hosts and intercepts the communication.
What is one difference between APT and Script Kiddies?
- APT is typically sponsored by a nation or state, while Script Kiddies are not well-funded.
What are the layers of the OSI model?
- All People Seem To Need Data Processing
- Application, Presentation, Session, Transport, Network, Data Link, Physical
What are the advantages of using virtualization?
- Can provide a safe lab environment for testing and threat investigation.
- Allows a single hardware platform to provide resources for multiple servers.
What is the purpose of the kernel in the operating system?
Manages hardware resources and availability to the software
Which is true about threads and processes?
- Each process has a separate memory space, unlike threads that use the same memory space of their parent process.
What is the Windows Registry?
A database that holds different system and application configurations
Which type of attack exploits a vulnerability in the TCP/IP 3-way handshake process?
- SYN flood
Which of the following tools can be used for flooding a host with network traffic?
- Hping3
Which of the following is the least secure protocol to use when setting up a wireless network?
- WEP
What is MAC flooding?
- Flooding a switch with requests until it reverts to broadcast mode
Which of the following is a name of a tool that can be used in order to initiate a MITM attack?
- Ettercap
Which aspects of the CIA triad does evidence preservation help ensure? Select all correct answers
- Integrity, Confidentiality
Firewall
inspects, detects, and blocks traffic based on places and parameters (IP, port, etc.).
Antivirus
inspects, detects, and removes malware
Cyberspace
the shared space - refers to information shared by computers and networks.
CIA
Confidentiality - the act of sharing or revealing information only to authorized personnel.
Integrity - the ability to ensure that information or data remains unchanged and accurate.
Availability - ensuring data or service accessibility to those who require it, when they require it.
DoS vs. DDoS
1. DoS - comes from a single attacker
2. DDoS - comes from multiple sources
EternalBlue
is an exploit that allows cyber threat actors to remotely execute arbitrary code and gain access to a network by sending specially crafted packets.
URL
Uniform Resource Locator
HTTP
Hypertext Transfer Protocol
FTP
File Transfer Protocol
HTTPS
Hypertext Transfer Protocol Secure
SMB
Server Message Block
What 5 ports would you test?
- Port 445 - SMB
- Port 53 - DNS
- Port 88 - TCP/UDP
- Port 22 - SSH
- Port 8080 - proxy and caching port
What is more secure, FTP or SSH?
SSH is more secure
FuzzDB ports
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
2g vs. 5g
- 2g - farther
- 5g - if you are closer
two things needed to connect to the internet?
MAC address and an IP address
MAC address is in hexadecimal
IP address is in decimal
SMTP
Simple Mail Transfer Protocol - port 25
ACL
access control list
Discovered a fundamental flaw in the Domain Name System (DNS) protocol.
Dan Kaminsky
The flaw could allow attackers to easily perform cache poisoning attacks on most nameservers.
CTF
Capture the Flag
DMZ
Demilitarized Zone
cd
change directory
. - one dot means here (the current directory)
.. - two dots means go back to the previous directory
dir
shows the contents of the current directory
ping
check if a host is reachable
MAC flooding
is when an attacker floods a switch until it reverts to broadcast mode.