Cybersecurity Fundamentals

Question 1

NIST: The Official publication series for standards and guidelines

Answer 1

FIPS

Question 2

Any potential danger to an asset

Answer 2

threat

Question 3

A weakness in the system, design, implementation, software, or code, or the lack of a mechanism.

Answer 3

Vulnerability

Question 4

refers to a piece of software, a tool, a technique, or a process that takes advantage of a vulnerability that leads to access, privilege escalation, loss of integrity, or denial of service on a computer system

Answer 4

Exploit

Question 5

Referred to as the knowledge about an existing or emerging threat to assets, including networks and systems.

Answer 5

Threat Intelligence

Question 6

An express language designed for sharing of cyber-attack information. Details can contain data such as the IP addresses or domain names of command and control servers, malware hashes, and so on.

Answer 6

Structured Threat Information eXpression (STIX)

Question 7

An open transport mechanism that standardizes the automated exchange of cyber-threat information. TAXII was originally developed by MITRE and is now maintained by OASIS.

Answer 7

Trusted Automated eXchange of Indicator Information (TAXII)

Question 8

Free Standardized schema for specification, capture, characterization, and communication of events of stateful properties that are observable in the operational domain.

Answer 8

Cyber Observable eXpression (CybOX)

Question 9

An open framework for sharing threat intelligence in a machine-digestible format.

Answer 9

Open Indicators of Compromise (OpenIOC)

Question 10

A language for the command and control of cyber-defense technologies. OpenC2 Forum was a community of cybersecurity stakeholders that was facilitated by the U.S. National Security Agency

Answer 10

Open Command and Control (OpenC2)

Question 11

responsible for locating new files, disk space, or RAM to infect.

Answer 11

Search Routine

Question 12

This portion of the virus is responsible for copying the virus and attaching it to a suitable host

Answer 12

Infection Routine

Question 13

allow the attacker full control over the system. Poison Ivy is an example of this type of Trojan.

Answer 13

RAT

Question 14

The idea behind this type of Trojan is to hide a user’s data.

Answer 14

Data Hiding

Question 15

These Trojans (Zeus is one such example) intercept and use a victim’s banking information for financial gain. Usually, they function as a transaction authorization number (TAN) grabber, use HTML injection, or act as a form grabber. The sole purpose of these types of programs is financial gain.

Answer 15

E-banking

Question 16

Types of Trojans

Answer 16

RAT
Data Hiding
E-Banking
DoS
Proxy
FTP
Security-Software Disablers

Question 17

Trojan infection mechanisms

Answer 17

P2P
Instant Messaging
Internet Relay Chat
Email Attachments
Physical access
Browser
SMS messages
Impersonated mobile apps
Watering hole
Freeware

Question 18

A Program used to cmbine two or more executables into a single packaged program

Answer 18

Wrapper

Question 19

Compress files like programs such as WinZip, Rar, and Tar

Answer 19

Packers

Question 20

software designed to install malware payloads on the victim’s system

Answer 20

Droppers

Question 21

Function to encrypt of obscure the Code

Answer 21

Crypters

Question 22

Ways to Distribute Malware

Answer 22

Wrapper
Packer
Dropper
Crypter

Question 23

A tool that uses TCP ACK packets as a covert communication channel

Answer 23

AckCMD

Question 24

Hackers can bypass SYN blocking rule by using what type of packet as a covert commuication channel

Answer 24

TCP ACK

Question 25

Designed to tunnel TCP traffic over a UDP connection

Answer 25

UDP Tunnel

Question 26

dnscat

Answer 26

option for tunneling dat over an open dns connection

Question 27

Malware Analysis that consists of decompiling, reverse engineering, and analysis of malicious software.

Focused on breaking down the software.

Answer 27

Static Analysis

Question 28

A software reverse engineering tool developed by the U.S. National Security Agency.

Answer 28

Ghidra

Question 29

Malware Analysis that consists of the monitoring and analysis of computer activity and Network traffic.

Monitor Computer Activity and Network Traffic

Answer 29

Dynamic Analysis

Question 30

What type of SQL injection is where the attacker obtains the data by using the same channel that is used to inject the SQL code. Data is dumped directly int a web application or web page.

Answer 30

In-band SQL injection

Question 31

What type of injection , the attacker retireves data using a different channel. For example, email, text, or an instant message.

Answer 31

Out-of-band SQL injection

Question 32

With this type of injection, the attacker does not make the application display or transfer any data; rather, the attacker is able to reconstruct the information by sending specific statements and discerning the behavior of the application and database.

Answer 32

Blind SQL injection

Question 33

a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.

Answer 33

OWASP Top 10