Deck B Prt. 1

Question 1

3DES

Answer 1

Is A type of SYMMETIC Encryption in which every individual block contains 64 bit Data, and 3 keys are used where each key consists of 56 bits. 3DES is not a very secure algorithm but better than DES

Question 2

ARP Ping Scan

Answer 2

Is used to Map Firewall rulesets & Distinguish between stateful and stateless firewalls. This Type of Scan Sends ACK Packets to a HOST.

Question 3

ARP Ping Scan

Answer 3

ARP Packets are sent for discovering all active devices in the IPv4 Range even though the presence of such devices is hidden by restrictive firewalls.

Question 4

APT

Answer 4

Advanced Persistent Threat is an ADVANCED ATTACK in which the Attacker remains in the network without being detected for a long time and obtains sensitive information over a period of time.

Question 5

Agent Smith Attack

Answer 5

Is an attack on mobile phones that replaces all the legitimate apps in the smartphone by deceptive Applications that appear Legitimate

Question 6

Androidmanifest.xml

Answer 6

Is a File in Android that determines that basic Configuration (Specifically Activities, Service, Broadcast Receivers, etc…) in an Android Application.

Question 7

Banner Grabbing

Answer 7

(nmap -sV) is the special Nmap command that is used to determine the type and version number of the web server in a Banner Grabbing Attack

Question 8

CVSS Rating

Answer 8

Represents Vulnerability severity Rating. EX: 4.0=Medium, 9.2=Critical, 4.0-6.9=Medium Severity Range, 9-10=Critical Range

Question 9

Credential Enumerator

Answer 9

Is a Tool like EMOTET which is a self extracting RAR File that hackers can use to retrieve information related to network Resources such as writable share drives, .RAR file composed of a service component and a bypass component. EMOTET Malware infiltrates computers though a network spreader component which consists of several spreader modules.

Question 10

DNS Tunneling

Answer 10

Is a Type of Firewall bypass Technique in which the attacker embeds malicious Data into the DNS protocol packets that even DNSSEC can not detect. The Attackers successfully inject malware to bypass a firewall and keep the communication with the victims machine and Server.

Question 11

DROWN Attack

Answer 11

Is A Vulnerability that makes that web server Vulnerable to attacks using less Secure Encryption Such as SSLv2 Because the SSlv2 Server can leak Key information. It is Recommended to use SSLv3

Question 12

Dragonblood

Answer 12

Is a Set of Vulnerabilities Discovered in the New WPA3 Wireless Encryption

Question 13

Encryption Virus

Answer 13

Is a Special Type of virus that can mutate its own code and then Cipher itself Multiple times as it Replicates. Encryption Viruses CONSIST of Encrypted Copy of the Virus and Decryption Module. First the Decryption Module Decrypt the Virus body. When virus tries to replicate and infect other files it will again use Encryption using Different Encryption Keys. it is also called POLYMORPHIC Virus

Question 14

FCC ID Search

Answer 14

Allows the Attacker to gather information Related to the Model of the IoT Device and the Certifications granted to it.

Question 15

Fileless Malware

Answer 15

Is A memory Based Malware that AntiVirus tools are unable to Discover and IDS/IPS fails to report on any non whitelisted programs.

Question 16

Gaining Access

Answer 16

Is the Phase of Ethical Hacking in which the Attacker is Infects a System with Malware and uses phishing to gain credentials to a system.

Question 17

Gobuster tool

Answer 17

Is a Web Server ENUMERATION Tool. the Fastest way to perform Enumeration on a web server using Gobuster Tool is to perform Content ENUMERATION using a wordlist.

Question 18

Gray Hat Hacker

Answer 18

Is a HACKER who often discovers Zero Day Vulnerability and sends the Owner and email describing the Vulnerability and also informs the vendor of the Vulnerability.

Question 19

Honey Trap Attack

Answer 19

Is an attack in which the Social Engineer Pretends to be romantically or Sexually Interested in the Victim, then fakes an online relationship and gathers Sensitive information through that relationship. This Attack is like Confidences/Romance Fraud Attacks.

Question 20

Hootsuite Tool

Answer 20

Is a Social Media Management tool in which the hacker Conducts a LOCATION Search to Detect their GEOLOCATION and Gathers information about the victim from social media to perform other sophisticated Attacks

Question 21

JXplorer Tool

Answer 21

Is an AUTOMATED Tool that hackers used to Anonymously Query the LDAP Service for Sensitive Information such as Usernames, Addresses, Departmental Details, and Server Names.

Question 22

KRACK Attack

Answer 22

Is Where an adversary Tricks a victim into reinstalling an already in -use key. this is achieved by manipulating and replaying Cryptographic Handshake messages. This is a replay Attack(a type of exploitable flaw) on the Wi-Fi Protected Access Protocol that secures Wi-Fi connections. The Security Protocol Protecting many Wi=Fi Devices can essentially be bypassed, potentially allowing an Attacker to Intercept sent and Received DATA

Question 23

KERNEL Rootkits

Answer 23

It Hides Undetached in the core components of the Operating System. They are Installed in Ring Zero, prior to AntiMalway Software being installed in Ring 3. RING 3 Apps can not inspect Ring 0 due to lack of the appropriate Privilege for Ring 3

Question 24

NSTX Tool

Answer 24

Port 53 is used for NSTX Tool for BYPASSING the Firewalls Using DNS Tunneling

Question 25

NetBIOS Code <03>

Answer 25

Is the SUFFIX that is used for Obtaining the messenger service running for the Logged-inuser.NetBIOS 00: Workstation service (Workstation Name), netBIOS 03:Windows Messenger service.NetBIOS20File Service(also called HOST Record)