Deck F Prt. 1

Question 1

ARP Spoofing

Answer 1

Is a TYPE of Attack in which an Attacker ends False ARP (Address Resolution Protocol) Messages over a LAN (Local Area Network)

Question 2

Audit Feature

Answer 2

The First Step that The Company Should Take Before Enabling the Audit Feature is to Determine the Impact of Enabling the Audit Feature.

Question 3

BetterCAP

Answer 3

Is a Sniffing Tool to Send Fake ARP Messages over the Target Network to Link the MAC Address with the Target Systems IP Address. The Hacker Receives Messages Directed to the Victims MAC Address and then can use the same Tool to Intercept, Steal, Modify, and Block Sensitive Communication to the Target System. It is Used to Capture the Data of the Victim and BetterCAP is a Powerful Tool used to Perform Various MITM (Man In The Middle) Attacks on a network, Manipulate HTTP, HTTPS, & TCP Traffic in Realtime, Sniff for Credentials etc.

Question 4

Btlejack Attack

Answer 4

The btlejack -f 0x9c68fd30 -t -m ox1fffffffff IS A BlteJacking Command USED by Hackers to Hijack the Bluetooth Connections. This attack allows the Hacker to Hijack, Read, and Export Sensitive Information Shared between connected devices over Bluetooth Wireless

Question 5

Cloudborne Attack

Answer 5

Is a Vulnerability in a Bare Metal Cloud Server that can Enable Hackers to implant Malicious Backdoors in its Firmware. It Also Allows them to Identify Backdoor that Can Persist even if the server is reallocated to new clients or businesses that use it as an IaaS. Organizations deploying Critical high Value Apps on bare Metal Servers through Infrastructure as a Service (IaaS) Offering consider it the best alternative to buying their own hardware because this allows for easy and quick scaling of cloud based Applications without the need of sharing the Hardware with other Users.

Question 6

Code Injection

Answer 6

Is a Vulnerability that allows Hackers to GAIN Unauthorized Access to API Objects and perform actions such as View, Update, and Delete Sensitive Data of the Company.

Question 7

Cross Site Scripting (XSS)

Answer 7

Is the WEB Application Attack where the Attackers Exploit Vulnerabilities in Dynamically Generated Web Pages to Inject Client Side Script Into Web Pages Viewed By Other Users.

Question 8

Cyber Kill Chain

Answer 8

The 7 Stages/Phases Include: RW DEICE= Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control (C2), & Exfiltration (Action on Objectives). An Example of the 3rd Step Delivery in a Cyber Kill Chain is when an Intruder Sends a Malicious attachment via Email to a target.

Question 9

DDoS Attack

Answer 9

Distributed Denial of Service (DDoS) Attack is carried out by Mirai Malware which targets IoT Devices and uses Compromised hosts to propagate and Create botnets

Question 10

DNS Cache Snooping

Answer 10

Is an enumeration Technique in which the Pen Testers Queries the DNS Server for a Specific Cached DNS Record. Further, by using this cached record, he determines the sites recently visited by the Organization’s User. DNS Cache Snooping is when someone queries a DNS Server in order to find out (SNOOP) if the DNS Server has a specific DNS record cached, and thereby deduce if the DNS Server’s Owner (or its users) have Recently visited a specific site.

Question 11

Docker

Answer 11

Is an Open Source Container Technology that Assists with Developing, Packaging, and Running Applications; further, the technology provides PaaS Through OS Level Virtualization, Delivers Containerized software packages, and promotes fast software delivery. Docker is a Set of PaaS (Platform as a Service) products that use OS Level virtualization to deliver Software in Packages called Containers. Containers are isolated from one another and bundle their won software, Libraries and configuration files.

Question 12

Enumeration

Answer 12

Allows Attackers to draw a map or outline the Target Organization network Infrastructure to know about the Actual Environment that they are going to Hack. Enumeration is defined as the process of extracting usernames, machine names, network Resources, Shares and services from a system.

Question 13

External Assessment

Answer 13

External Assessment Allows the Hacker to Examine the Network from a hackers perspective to identify Exploits and vulnerabilities accessible to the outside world by using Devices such as Firewalls, Routers, and Servers. It also permits the Threat of Network Security Attacks and Determine the Level of Security of the Corporate Network.

Question 14

Flowmon

Answer 14

Is an OT (Operational Technology) Tool that protects the organization critical infrastructure and industrial Networks Against Security Incidents such as Cyber Espionage, Zero Day Attacks, and Malware.

Question 15

GNU Wget Utility

Answer 15

Allows you to Download all the contents of the Web Page Locally for further Examination with Wget 10.10.90.10 Against a Web Server. GNU Wget is Free utility for non Interactive Download of files from the Web. It Supports HTTP, HTTPS, FTP Protocols, as well as retrieval through HTTP Proxies, this Allows you to start a Retrieval and Disconnect from the System, letting Wget Finish the Work.

Question 16

Guardster.com

Answer 16

Is an Anonymizer that Masks the Attackers Real IP Address and Ensures Complete and Continuous Anonymity for all of Attackers Online Activities

Question 17

Internal Monologue Attack

Answer 17

Allows Attacker to find the Passwords without going through Rainbow Table to Correspond with Respective Hashes. In Secure Environments, Where Mimikatz Should not be Executed, an Adversary can Perform an Internal Monologue Attack, in which they invoke a Local Procedure call to the NTLM Authentication Package (MSV1_0) From a User Mode Application though SSPI to Calculate a NetNTLM Response in the Context of The Logged on User, after performing an extended NetNTLM Downgrade.

Question 18

Key Escrow

Answer 18

Allows one to Recover the Encryption Keys from the Active Directory on a Windows PC in Case one Loses the Private Key.

Question 19

Netsparker

Answer 19

Is a Web Application Security Scanner, with Support for Both Detection and Exploitation of Vulnerabilities. Netsparker is Used to Performs Vulnerability Scanning to find Hosts, Services, Misconfigurations, and Other Vulnerabilities in the Target Server.

Question 20

Nmap

Answer 20

The COMMAND (nmap -sT -O -T0” Allows you to scan common ports with the least amount of noise in order to evade IDS

Question 21

OSINT Framework

Answer 21

OSINT (Open Source Intelligence) is a Framework for conducting automated footprinting and recon activities using Open Source Tools for gathering Intelligence.

Question 22

Password Cracking Tools

Answer 22

Hashcat, THC Hydra, & John The Ripper Are Tools USEFUL for Cracking the Hashed Passwords.

Question 23

Period (.)

Answer 23

Period (.) is the Start of the Filename character to hide the Files in a Linux Machine. The Files Starting with dot (.) are very special in LINUX and are called DOT Files. They are hidden Files and usually Configuration or system files in LINUX.

Question 24

Reverse Image Search

Answer 24

Is a Footprinting Technique that ALLOWS the Images as a Search Query and track the Original Source and details of the Images, Including Photographs, Profile Pictures, and Memes. Google Revers Image Search Helps you quickly discover visually similar images from around the Web. Journalists can use the Reverse Search option to find the original Source of an Image or to know the Approximate Date when a Picture was first Published on the internet.

Question 25

SOX (Sarbanes Oxley)

Answer 25

Is the Information Security Law or Standard that AIMS at Protecting Stakeholders and the Public From Accounting errors and Fraudulent Activities within Organizations.