Day 11 - Network Security Concepts Flashcards

1
Q

Solve for the security term based on the description:

A weakness in a system or its design that could be exploited by a threat

A

Vulnerability

1
Q

Solve for the security term based on the description:

Anything of value to the organization, including people, equipment, resources and data

A

Assets

2
Q

Solve for the security term based on the description:

A potential danger to a company’s assets, data or network functionality

A

Threat

3
Q

Solve for the security term based on the description:

A mechanism that takes advantage of a vulnerability

A

Exploit

4
Q

Solve for the security term based on the description:

The process of taking countermeasures to reduce the likelihood or severity of a potential threat or risk

A

Mitigation

5
Q

Solve for the security term based on the description:

The likelihood of a threat exploiting the vulnerability of an asset, with the aim of negatively affecting an organization

A

Risk

6
Q

An __________ vector is a path by which a threat actor can gain access to a server, host, or network

A

Attack (vector)

7
Q

Data loss or data __________ occurs when data is intentionally or unintentionally lost, stolen or leaked to the outside world

A

Exfiltration

8
Q

Solve for the data loss vector term based on the description:

Intercepted email or IM messages could be captured and reveal confidential information

A

Email/Social networking

9
Q

Solve for the data loss vector term based on the description:

If data is not stored using an encryption algorithm, the thief may be able to retrieve valuable confidential information

A

Unencrypted devices

10
Q

Solve for the data loss vector term based on the description:

Sensitive data can be lost if access to the cloud is compromised due to weak security settings

A

Cloud storage devices

11
Q

Solve for the data loss vector term based on the description:

An employee could perform an unauthorized transfer of data to a USB drive or a USB drive containing valuable data could be lost

A

Removable media

12
Q

Solve for the data loss vector term based on the description:

Confidential data should be shredded when no longer required

A

Hard copy

13
Q

Solve for the data loss vector term based on the description:

Passwords or weak passwords that have been compromised can provide a threat actor with easy access to corporate data

A

Improper access control

14
Q

Solve for the pen testing tool term based on the description:

These types of tools are often referred to as password recovery tools and can be used to crack or recover a password. These tools repeatedly make guesses in order to crack a password

A

Password crackers

15
Q

Solve for the pen testing tool term based on the description:

These types of tools are used to intentionally hack into a wireless network to detect security vulnerabilities

A

Wireless hacking tools

16
Q

Solve for the pen testing tool term based on the description:

These types of tools are used to probe network devices, servers and hosts for open TCP and UDP ports

A

Networking scanning and hacking tools

17
Q

Solve for the pen testing tool term based on the description:

These tools are used to probe and test a firewall’s robustness using specially forged packets

A

Packet crafting tools

18
Q

Solve for the pen testing tool term based on the description:

These tools are used to capture and analyze packets in traditional Ethernet LAN or WANs

A

Packet sniffers

19
Q

Solve for the pen testing tool term based on the description:

This is a directory and file integrity checker used by white hats to detect installed rootkits

A

Rootkit detectors

20
Q

Solve for the pen testing tool term based on the description:

These tools are used by white hat hackers to sniff out any trace of evidence existing in a computer

A

Forensic tools

21
Q

Solve for the pen testing tool term based on the description:

These tools are used by black hats to reverse engineer binary files when writing exploits. They are also used by white hats when analyzing malware

A

Debuggers

22
Q

Solve for the pen testing tool term based on the description:

These are specially designed operating systems preloaded with tools optimized for hacking

A

Hacking operating systems

23
Q

Solve for the pen testing tool term based on the description:

These tools use algorithm schemes to encode data to prevent unauthorized access to the encrypted file

A

Encryption tools

24
Q

Solve for the pen testing tool term based on the description:

These tools identify whether a remote host is vulnerable to security attacks

A

Vulnerability exploitation tools

25
Q

Solve for the pen testing tool term based on the description:

These tools scan a network or system to identify open ports

A

Vulnerability scanners

26
Q

Solve for the attack type term based on the description:

A threat actor captures and listens to network traffic. This attack is also referred to as sniffing or snooping

A

Eavesdropping attack

27
Q

Solve for the attack type term based on the description:

If threat actors have captured enterprise traffic, they can alter the data in the packet without the knowledge of the sender or receiver

A

Data modification attack

28
Q

Solve for the attack type term based on the description:

A threat actor constructs an IP packet that appears to originate from a valid address inside the corporate intranet

A

IP address spoofing attack

29
Q

Solve for the attack type term based on the description:

A threat actor who discovers a valid user account has the same rights as a real user. A threat actor can use a valid account to obtain lists of other users or network information, change server and network configurations, and modify, reroute or delete data

A

Password-based attacks

30
Q

Solve for the attack type term based on the description:

This type of attack prevents normal use of a computer or network by valid users. It floods a computer or an entire network with traffic until a shutdown occurs because of the overload

A

Denial of service attack

31
Q

Solve for the attack type term based on the description:

This attack occurs when threat actors have positioned themselves between a source and destination and actively monitor, capture and control the communications transparently

A

Man in the middle attack

32
Q

Solve for the attack type term based on the description:

If a threat actor obtains a secret key, that key is referred to as this…

A

Compromised-key attack

33
Q

Solve for the attack type term based on the description:

This is an application or device that can read, monitor and capture network data exchanges and read network packets. If packets are not encrypted, this type of attack provides a full view of the data inside a packet

A

Sniffer attack

34
Q

Solve for the type of malware based on the definition:

Executes arbitrary code and installs copies of itself in the memory of the infected computer

A

Worm

35
Q

Solve for the type of malware based on the definition:

Malicious software that executes a specific, unwanted, often harmful function on a computer

A

Virus

36
Q

Solve for the type of malware based on the definition:

Non-self-replicating type of malware. It often contains malicious code that is designed to look like something else, such as a legitimate file or application

A

Trojan horse

37
Q

What are some other types of malware other than worms, viruses or trojan horses?

A

Adware
Ransomware
Rootkits
Spyware

38
Q

What are 5 types of common network attacks?

A

Reconnaissance attacks
Access attacks
DoS attacks
Social engineering attacks
Attacks on the TCP/IP suite

39
Q

Solve for the reconnaissance attack technique based on the description:

The threat actor looks for initial information about a target. Various tools can be used, such as a Google search, the organization’s website and WHOIS

A

Information query of a target

40
Q

Solve for the reconnaissance attack technique based on the description:

An information query usually reveals the target’s network address. The threat actor can then initiate this to determine which IP addresses are active

A

Ping sweep

41
Q

Solve for the reconnaissance attack technique based on the description:

This can be used to determine which ports or services are available

A

Port scans

42
Q

Solve for the reconnaissance attack technique based on the description:

This can query the identified ports to determine the type and version of the application and OS running on the host

A

Vulnerability scanner

43
Q

Solve for the reconnaissance attack technique based on the description:

Threat actor attempts to discover vulnerable services that can be exploited. These tools include Metasploit, Core Impact, sqlmap, Social-engineering toolkit and Netsparker

A

Exploitation Tools

44
Q

Solve for the access attack based on the description:

The threat actor attempts to discover critical system passwords using various methods

A

Password attack

45
Q

Solve for the access attack based on the description:

The threat actor has a device pose as another device by falsifying data

A

Spoofing attack

46
Q

Solve for the access attack based on the description:

The threat actor uses unauthorized privileges to gain access to a system

A

Trust exploitation

47
Q

Solve for the access attack based on the description:

The threat actor uses a compromised system as a base for attacks against other targets

A

Port redirection

48
Q

Solve for the access attack based on the description:

The threat actor is positioned between two legitimate entities in order to read or modify data that passes between the two

A

Man in the middle attack

49
Q

Solve for the access attack based on the description:

The threat actor exploits the buffer memory and overwhelms it with unexpected values. This usually leads to a DoS attack

A

Buffer overflow attack

50
Q

Solve for the type of attack based on the definition below:

Threat actors attempt to manipulate individuals into performing actions or divulging confidential information

A

Social engineering attacks

51
Q

Solve for the social engineering attack based on the description:

An attack in which a threat actor creates a targeted phishing attack tailored for a specific individual or organization

A

Spear phishing attack

52
Q

Solve for the social engineering attack based on the description:

An attack in which a threat actor sends a fraudulent email that is disguised as being from a legitimate, trusted source

A

Phishing

53
Q

Solve for the social engineering attack based on the description:

Unsolicited email

A

Spam

54
Q

What kind of attack creates some sort of interruption of network services to users, devices or applications?

A

DoS Attack

55
Q

DoS attacks are created in what two ways?

A

Overwhelming quantity of traffic
Maliciously formatted packets

56
Q

A threat actor may build a network of infected hosts called __________

A

Zombies

57
Q

A network of “zombies” is known as what?

A

Botnet

58
Q

What does uRPF stand for and what is it used to guard against?

A

Unicast Reverse Path Forwarding
Used to guard against spoofed IP Addresses

59
Q

What are the 4 transport layer attacks?

A

TCP Syn Flood Attack
TCP reset attack
TCP session hijacking
UDP flood attack

60
Q
A