Dion Cards

Question 1

What is the AAA of Security?

Answer 1

Authentication
Authorization
Accounting

Question 2

What is Authentication in the AAA of Security?

Answer 2

When a person’s identity is established with proof or by a system

Question 3

What are the 5 ways Authentication can be established?

Answer 3

Something you are
Something you know
Something you have
Something you do
Somewhere you are

Question 4

What is Authorization in the AAA of Security?

Answer 4

Its when a user is given access to something - e.g. data or area of a building

Question 5

What is Accounting in the AAA of Security?

Answer 5

The tracking of data, computer usage and network resources.

Non-repudiation occurs when you have proof someone did an action.

Question 6

What are the 4 main types of security threat?

Answer 6

Malware
Unauthorized Access
System Failure
Social Engineering

Question 7

What is malware?

Answer 7

Malicious software

Question 8

What is Unauthorized Access threat?

Answer 8

Happens when someone accesses data/resources without the owner’s consent

Question 9

What is System Failure as a threat?

Answer 9

Happens when a computer or application fails

Question 10

What is the threat of Social Engineering?

Answer 10

Manipulation of users to give up confidential info or to perform detrimental actions

Question 11

What are three types of controls/categories that can mitigate threats?

Answer 11

Physical Controls
Technical Controls
Administrative Controls

Question 12

Give some examples of Physical Controls (6)

Answer 12

Fence
Locked doors
Alarm systems
Surveillance cameras
ID Cards
Security Guards

Question 13

Give some examples of Technical Controls (5)

Answer 13

Smart cards
Encryption
ACLs (Access Control Lists)
Intrusion Detection Systems
Network Authentication

Question 14

Give some examples of Administrative Controls (5)

Answer 14

Policies
Procedures
Security Awareness Training
Contingency Planning
Disaster Recovery Planning

Question 15

What are the 5 types of hacker!?

Answer 15

White Hat
non malicious, has company permission

Black Hat
malicious, no permission

Gray Hat
no company affliction, no permission. Trying to shame/educate, not personal gain

Blue Hat - has permission from company, but not employed by company

Elite - exploit things first

Question 16

What is an Advanced Persistent Threat?

Answer 16

Highly trained and funded groups of hackers e.g. Nation states

Question 17

What is a Virus?

Answer 17

Viruses require user action in order to reproduce and spread

Question 18

What are the 9 types of virus?

Answer 18

1. Boot Sector
2. Macro
3. Program
4. Multipartite
5. Encrypted
6. Polymorphic
7. Metamorphic
8. Stealth
9. Armored
10. Hoax

Question 19

What is a Multipartite Virus?

Answer 19

A virus that combines boot and program viruses that first attacks the boot sector and system files.

Question 20

What is a Macro virus?

Answer 20

A virus that is embedded into a document and is executed when the document is opened

Question 21

What is a polymorphic virus?

Answer 21

Advanced version of an encrypted virus that changes itself every time it is executed by altering the decryption module to avoid detection.

Question 22

What is a metamorphic virus?

Answer 22

A virus that rewrites itself entirely, before it attempts to infect a file.

Question 23

What is an Armored virus?

Answer 23

A virus with a layer of protection to confuse a program or person analyzing it

Question 24

What is a worm?

Answer 24

Like a virus, but can replicate on its own, without user interaction.

Question 25

What is a RAT?

Answer 25

Remote Access Trojan. The most common form of trojan horse - provides the hacker with remote control of a victim’s computer

Question 26

What is greyware?

Answer 26

Software that isn’t benign or malicious, just behaves improperly without serious consequences.

Question 27

What is a DLL injection?

Answer 27

DLL Injection is commonly used by rootkits to maintain their persistent control. The malicious code is inserted into a running process on a Windows machine via Dynamic Link Libraries that a loaded at runtime.

Question 28

What is Drive Manipulation?

Answer 28

Compromises the kernel-mode device drivers at privilege/system level. A shim is placed in between to intercepts calls.

Question 29

What is a watering hole?

Answer 29

Malware that is placed somewhere you know your users will go -
:) www.wynspeare.com
:( www.winspeare.com

Question 30

What is C2?

Answer 30

Command and Control - used with botnets

Question 31

What is active interception?

Answer 31

Occurs when a computer is placed between the sender and receiver and is able to capture or modify the traffic between them.