Domain 1

Question 1

is the art of exploiting human behavior by convincing someone to reveal information or perform an activity, these attacks can occur in person, via email, and over the phone

Answer 1

Social Engineering

Question 2

is the act of attempting to gather personal or sensitive information through fraudulent emails. is the most common form of social engineering attack related to computer security

Answer 2

Phishing

Question 3

is the act of attempting to gather personal or sensitive information through fraudulent SMS (short message services, better known as texting) works primarily due to the use of urgency and intimidation in the message

Answer 3

Smishing

Question 4

Is the act of attempting to gather personal or sensitive information through fraudulent phone calls, This video demonstrates the use of (***) to steal someone’s cell phone credentials

Answer 4

Vishing

Question 5

is unwanted commercial emails that are sent out in bulk via email

Answer 5

Spam

Question 6

SPIM is unwanted commercial emails that are sent out in bulk via instant messages

Answer 6

Spam Over Instant Messaging

Question 7

is a term created to refer to a phishing attack that targets a specific person or group of people with something in common

Answer 7

Spear Phishing

Question 8

is the act of attempting to gather personal or sensitive information from trash dumpstersAn attacker may gather a variety of information that can be useful in a social engineering attack10

Answer 8

Dumpster Diving

Question 9

is the act of secretly observing a person’s computer screen or keyboard to gather personal or sensitive informationThe attacker directly observes the individual entering sensitive information on a form, keypad, or keyboard

Answer 9

Shoulder Surfing

Question 10

is the act of directing internet users to a malicious website to gather personal or sensitive informatio

Answer 10

Pharming

Question 11

is the act of following an authorized person into a restricted area without providing credentialsAlso known as piggybacking

Answer 11

Tailgating

Question 12

Is the act of encouraging a person to disclose personal or sensitive information Calls to or from help desk and tech support units can be used to ____ ______

Answer 12

Eliciting Information

Question 13

is a type of phishing that targets high-profile individuals such as executivesThe sender must do some upfront research about the target as well as the subject in order to craft an e-mail that sounds convincing

Answer 13

Whaling

Question 14

The attacker adds a story to the beginning of the message

Answer 14

Prepending

Question 15

is the act of stealing personal information to impersonate the victim

Answer 15

Identity fraud

Question 16

The act of sending spoofed invoices from a trusted source or business executive

Answer 16

Invoice Scams

Question 17

The act of gaining access to a vast number of stored usernames and passwords, enabling an attacker a series of access passes to the system

Answer 17

Credential Harvesting

Question 18

The act of engaging with a computer system to gather information about its possible weaknesses

Answer 18

Reconnaissance

Question 19

is a false security threat that’s meant to entice a user to believe it’s real and disclose sensitive or personal information

Answer 19

Hoax

Question 20

The act of masquerading as a legitimate or trusted individual or entity

Answer 20

Impersonation

Question 21

The act of infecting a frequently visited website with malware

Answer 21

Watering Hole Attack

Question 22

also known as URL hijacking) is the act of presenting users with a fake site that has a similar URL

Best defense against this is to register those domains with all deviations of the designated site

Answer 22

Typosquatting

Question 23

A social engineering tactic where the attacker creates a false scenario to steal the victim’s personal information

An example is an attacker calling to verify personal information with the victim

Answer 23

Pretexting

Question 24

are an attempt to shift public opinion through the use of social media platforms

Answer 24

Influence Campaign

Question 25

A military strategy that employs conventional warfare and unconventional means in the battlefield

Information is used to sway people toward a position favored by those spreading it

Answer 25

Hybrid Warfare

Question 26

refers to websites that allow users to post and share content within a digital community

Answer 26

Social Media

Question 27

Authority
•The attacker impersonates a high-level executive or an IT support person

Intimidation
•The attacker attempts to scare or threaten the victim

Consensus
•The attacker claims that others are performing the requested action

Answer 27

Principles (reasons for effectiveness)

Question 28

Scarcity
•The attacker claims limited availability for a prize or reward

Familiarity
•The attacker poses as a familiar figure or builds rapport over time before conducting a social engineering attack

Trust
•The attacker uses his or her good relationship with the victim to conduct the social engineering attack

Urgency
•The attacker scares or threaten the victim to perform an action within a short amount of time

Answer 28

Principles

Question 29

is term given to a program intended to damage a computer system

Answer 29

Malware

Question 30

is malware designed to lock a victim’s computer or data until money is paid to the attacker

Answer 30

Ransomware

Question 31

are malicious applications that misleads victims by appearing as a trusted file or application

Answer 31

Trojans

Question 32

is a type of malware with the objective of spreading rapidly

Answer 32

Worm

Question 33

are programs like spyware and adware that are downloaded along with the program the user consented to download

Answer 33

Potentially Unwanted Program (PUPS)

Question 34

is a type of malware that uses a system’s software and applications to hide and execute its operations

Answer 34

Fileless Virus

Question 35

gives instructions to the botnet and is the central management center to conduct cyber-attacks

Answer 35

Command and Control

Question 36

Computer programs that automate a previously repetitive and task.

Answer 36

Bots

Question 37

uses encryption to deny the victim access to his or her data

Also the name given to malware used to mine crypto

Answer 37

Cryptomalware

Question 38

are malware designed to execute on a future date or event

Answer 38

Logic Bombs

Question 39

is malware designed to steal a victim’s personal information online

Answer 39

Spyware

Question 40

capture the victim’s keystrokes to steal credentials or personal information

Answer 40

Keylogger

Question 41

are malicious programs that installs a backdoor on the victim’s computer

Answer 41

Remote Access Trojans (RAT)

Question 42

are malicious programs that allow attackers to control a victim’s computer remotely

Answer 42

Rootkits

Question 43

an undisclosed way to gain access to a system or application

Answer 43

Backdoor

Question 44

The attacker attempts to gain access to a large amount of usernames through commonly used passwords

Answer 44

Spraying

Question 45

The attacker attempts to gain access to a password-protected resource by entering every word in a ________ as a password

Answer 45

Dictionary

Question 46

The attacker attempts every possible combination of letters, numbers, and special characters to guess the user’s credential

Answer 46

Brute Force

Question 47

are pre-assembled tables for reversing encrypted hashes, typically password hashes

Answer 47

Rainbow Table

Question 48

An attacker can launch a known ______ attack if he has samples of both the ? and the ciphertext

Answer 48

Plaintext

Question 49

A USB drive that appears harmless but contains might contain ransomware or a keylogger that transmits back to the attacker’s command and control server

Answer 49

Malicious Flash Drive

Question 50

The attacker creates a copy of a legitimate card to steal its credentials

Answer 50

Card Cloning

Question 51

Attackers capture credit card information illegally through fake credit card readers

Answer 51

Skimming

Question 52

A technique to make systems capable of machine learning more resilient by exposing them to malicious scenarios

Answer 52

Adversarial artificial intelligence (AI)

Question 53

The attacker inputs malicious data to a system or application while its in its training process

Answer 53

Tainted training data for machine learning (ML)

Question 54

Attackers might try new approaches to find security holes in the machine learning algorithm

Answer 54

Security of machine learning algorithms

Question 55

Attackers might try new approaches to find security holes in the machine learning algorithm

Answer 55

Supply-chain attacks

Question 56

attacks have less physical impact than on-premise attacks and are more resilient due to the lower cost to back-up data.

Answer 56

Cloud Based

Question 57

The attacker attempts to find a match to a hash by identifying portions based off probability

Answer 57

Birthday

Question 58

occurs when two different inputs produce the same hash value

Answer 58

Collison

Question 59

The attacker negotiates for a less secure protocol to communicate with hosts and servers

Answer 59

Downgrade

Question 60

Attackers try to work their way up from a basic user account to an account with administrative access

Answer 60

Privilege Escalation

Question 61

An application vulnerability that allows an attacker to inject malicious data

Answer 61

Cross-site scripting

Question 62

The attacker inserts malicious code into an application

Answer 62

Injection

Question 63

An attacker inserts malicious code to obtain or delete data from the database

Answer 63

Structured query language (SQL)

Question 64

is a collection of code that is designed to be used as needed by a computer process

Answer 64

Dynamic Link Library (DLL)

Question 65

is performed by replacing a valid DLL file with a malicious DDL file

Answer 65

DLL Injection Attack

Question 66

The attacker exploits input validation vulnerabilities to execute commands to the LDAP servers

Answer 66

Lightweight Directory Access Protocol (LDAP)

Question 67

The attacker injects XML code directly into the application to manipulate its operations

Answer 67

Extensible Mark Up Language (XML)

Question 68

occurs when a program attempts to read or write to memory with a NULL pointer

Answer 68

Pointer/object dereference

Question 69

The attacker manipulates the file system structure on a web server to search for unsecured files

Answer 69

Directory Traversal

Question 70

The attacker attempts to crash or hang up the application by injecting more data than intended for the application

Answer 70

Buffer Overflow

Question 71

occurs when a process produces an unexpected result due to timing

Answer 71

Race Condition

Question 72

The attacker attempts to access a file between the first time the program accesses the file and usage of file

Answer 72

Time of check/time of use

Question 73

is the ability for an application to catch errors and provide user-friendly feedback to the user, without crashing the application

Answer 73

Error Handling

Question 74

occurs when an error message that’s displayed to an end user provides clues about how an application operates

Answer 74

Improper Error Handling

Question 75

occurs when an attacker intercepts secure communication and fraudulently resends or misdirects the communication

Answer 75

Replay Attack

Question 76

The attacker repeats valid transmission data between a legitimate user and server

Answer 76

Session Replays

Question 77

occur when a user’s input exceed the boundaries of integer variables

Answer 77

Integer overflows

Question 78

The attacker attempts to bypass the input validation countermeasures on a server to gain access to sensitive data

Answer 78

Server-side validation

Question 79

With a web-based service, the attacker performs legitimate but unauthorized actions on a user’s account

Answer 79

Cross side request forgies

Question 80

allows applications to communicate and respond to each other

An attacker can target an *** to gain administrative access or modify its intended behavior by discovering flaws in its implementation

Answer 80

application programming interface (API)

Question 81

The attacker exploits the system or application to crash or hang up its intended operations

Answer 81

Resource Exhaustion

Question 82

The attacker causes the application to consume more and more memory the longer it runs

Answer 82

Memory Leak

Question 83

SSL stripping is a technique to downgrade the security of a website from https to http

Answer 83

Secure Sockets Layer

Question 84

Drivers are used by operating systems to interact with the hardware and software components of a device

Answer 84

Driver Manipulation

Question 85

is the act if writing code to provide operating system compatibility with older drivers

Answer 85

Shimming

Question 86

is the act of rewriting the internal processing of a program without altering its external behavior

Answer 86

Refactoring

Question 87

The attacker sends a legitimate password hash for authentication

Answer 87

Pass the hash

Question 88

is a malicious access point that is been configured to eavesdrop and intercept wireless network traffic

Answer 88

Evil twin

Question 89

is an unauthorized and potentially malicious access point

Answer 89

Rogue Access Point

Question 90

is the act of using Bluetooth technology to connect to another device for potentially malicious reasons

Answer 90

Bluesnarfing

Question 91

is the act of using Bluetooth technology to send messages to another device

Answer 91

Bluejacking

Question 92

is a wireless attack in which the attacker denies the victim wireless connection to the access point

Answer 92

Disassocation

Question 93

is the act of blocking access to wireless signals and causing denial of service by interjecting electromagnetic waves on the same frequency

Answer 93

Jamming

Question 94

These attacks occur when an attacker eavesdrops or alters the radio frequencies of **-capable devices

Answer 94

RFID (Radio Frequency Identification)

Question 95

NFC attacks occur when an attacker disables or alters the communication path between an NFC-capable devices

Answer 95

NFC (Near Field Communication)

Question 96

attacker can decrypt the IV of a wireless traffic to read messages in plaintext

Answer 96

Initialization Vector (IV)

Question 97

attacks occur when an attacker places themselves between two devices to eavesdrop, alter, or intercept the communication

Answer 97

On Path Attack
Man In The Middle
Man In The Browser

Question 98

is the process of altering data to deceive devices about the actual MAC address of a system

Answer 98

Address Resolution Protocol (ARP) poisoning

Question 99

is the act of removing legitimate MAC entries from a network switch and consuming its limited bandwidth

Answer 99

Media access control (MAC) flooding

Question 100

is the act of duplicating the default or factory-assigned MAC address of a device

Answer 100

MAC cloning

Question 101

(DNS) translates URLs to IP addresses

Attackers can target these servers to redirect users to malicious websites

Answer 101

Domain Name Systems

Question 102

occurs when an attacker compromises and takes full control of the victim’s domain name account

Answer 102

Domain Hijacking

Question 103

is the process of altering DNS records to mislead users to a malicious website

Answer 103

DNS Poisoning

Question 104

occurs when users are redirected to a malicious website

Answer 104

Uniform Resource Locator (URL

Question 105

is the act of validating the authenticity of a website and those who access the website

Answer 105

Domain Reputation

Question 106

is large-scale denial-of-service attack that leverages often thousands of botnets

Answer 106

Distributed denial-of-service (DDoS

Question 107

occurs when an attacker denies legitimate access to networking devices

Answer 107

Network DDoS

Question 108

network DDoS occurs when an attacker denies legitimate access to user applications

Answer 108

Application DDoS

Question 109

DDoS occurs when an attacker denies legitimate access to IP-capable devices designed to monitor physical systems

Question 110

is designed to aid administrators manage Windows systems

Attackers can write **** scripts to steal credentials and other sensitive data through a popular hacking tool called PowerSploit

Answer 110

PowerShell

Question 111

is a widely used programming language and scripting tool used in software development and data analytics

Answer 111

Python

Question 112

a popular scripting language used for automating tasks on Linux systems

Answer 112

Bash

Question 113

are recorded instructions used to improve the functionality of PDF documents

Answer 113

Macros

Question 114

is an older scripting language used to automate Microsoft processes and applications

Answer 114

Visual Basic for Applications (VBA)

Question 115

are long-running attacks, sophisticated cyber-attacks

Answer 115

Advanced persistent threat (APT)

Question 116

These threat actors has legitimate access to organizational facilities and IT resources making detection difficult

Answer 116

Internal Actors

Question 117

These types of hackers are financially supported by their governments and have access to advanced cyber capabilities, including zero-day vulnerabilities

Answer 117

States Actors

Question 118

are beginner hackers who often use tools or scripts without the knowledge of its operations

Answer 118

Script Kiddies

Question 119

are threat actors that switched from traditional criminal activities to conducting online attacks

Answer 119

Criminal Syndicates

Question 120

Skilled individuals with the ability to access computer systems and recourses without authorization

Answer 120

Hackers

Question 121

who are hired to discover computer or network vulnerabilities

Answer 121

Hackers - Authorized

Question 122

Hackers with the intent of stealing sensitive data or gaining unauthorized access to a computer system

Answer 122

Hackers - Unauthorized

Question 123

refers to IT projects that are managed without the knowledge and consent of the IT department

Answer 123

Shadow IT

Question 124

Outside organizations seeking financial or market gain through espionage

Answer 124

Competitors

Question 125

Anonymity can make attribution difficult

Cyber-persona can mask the true actor, requiring significant analysis and collaboration to identify actor at times

Answer 125

Attributes of actors

Question 126

Nation states can conduct more sophisticated cyber-attacks due than script-kiddies, and can cause higher levels of disruptions

Answer 126

Level of sophistication/capability

Question 127

Nation state-sponsored hackers receive industry-leading training in computer hacking and they share their collected information with their government intelligence agencies

Answer 127

Resources/funding

Question 128

An attacker needs a medium to carry out a cyber-attack so they rely on attack vectors (sometimes called threat vectors) to gain access to a system

Answer 128

Vectors

Question 129

This involves an attacker having physical access to the hardware of the system

Answer 129

Direct access

Question 130

An attacker can gain access to a network or device through unsecured access points, weak wireless encryption standards, and weak or default credentials

Answer 130

Wireless

Question 131

is a threat vector that attackers exploit through phishing campaigns

Attackers consider email to be the most successful vector due to its widespread use

Answer 131

Email

Question 132

An attacker can gain access to a system’s component prior to its final integration by attacking its manufacturing process

Answer 132

Supply Chain

Question 133

Attackers can use social media to launch a social media attack or impersonate the victim online

Answer 133

Social Media

Question 134

An attacker can load malware into _________ _______ without the victim’s knowledge

Answer 134

Removable Media

Question 135

Attackers can gain access to data stored in the cloud through password attacks

Answer 135

Cloud

Question 136

Publicly available information about cyber threats

Answer 136

Open-source intelligence (OSINT)

Question 137

Information about cyber threats that is not publicly available

Answer 137

Closed/proprietary

Question 138

The US National Vulnerability Database keeps a record of technical vulnerabilities, including those found in the Common Vulnerabilities and Exposures database or CVE

Answer 138

Vulnerability databases

Question 139

A central resource between the public and private sector to disseminate information regarding cyber threats actors and threats to critical infrastructure

Answer 139

Public/private information-sharing centers

Question 140

Internet content and websites that are undisclosed via search engines and is known for criminal activity

Answer 140

Dark Web

Question 141

Evidence that an unauthorized action has been perform against an information system

Answer 141

Indicators of compromise (IoC)

Question 142

system that sends automatic alerts between the public and private sector once a threat is confirmed

Answer 142

Automated Indicator Sharing (AIS)

Question 143

A standardized communication standard to automatically exchange cyber threat information

Answer 143

Structured Threat Information eXpression (STIX)/Trusted Automated eXchange of Intelligence Information (TAXII)

Question 144

The act of analyzing cyber threat information to predict the attacker’s

Answer 144

Predictive analysis

Question 145

A graphical representation of cyber attacks conducted around the globe

Answer 145

Threat maps

Question 146

A location for software developers to collaborate on projects and centrally store their source code

Answer 146

File/code repositories

Question 147

Conducting research on a vendor by exploring its website for valuable information

Answer 147

Vendor Websites

Question 148

can provide information regarding current cyber threats and critical vulnerabilities

Answer 148

Vulnerability feeds

Question 149

are published research papers that have been peer reviewed and written by industry experts

Answer 149

Academic journals

Question 150

The set of standards that document the protocols involved in online communication

Answer 150

Request for Comments (RFC)

Question 151

are comprised of security experts sharing cyber threat information, while promoting networking amongst peers

Answer 151

Local industry groups

Question 152

A source for information regarding cyber threats from multiple sources

Answer 152

Threat feeds

Question 153

The pattern of activities that is associated to a specific threat actor

Answer 153

Adversary tactics, techniques, and procedures (TTP)

Question 154

exploits an unpublished vulnerability with no available vendor patch

Answer 154

Zero Day

Question 155

refer to security configurations that expose a system or application to threats that could be countered with proper configurations

Answer 155

Weak configurations

Question 156

refers to a device or application with no access control measures in place

Answer 156

Open permissions

Question 157

pose a significant security concern by allowing an attacker to gain administrative access

Answer 157

Unsecured root accounts

Question 158

This is like a default administrator account password should be changed to avoid an attacker guessing the default credential

Answer 158

Default settings

Question 159

refers to protocols like Telnet, HTTP, or FTP, which transmits data in cleartext

Answer 159

Unsecure protocols

Question 160

can receive and respond to communication requests from an attacker

Answer 160

Open ports and services

Question 161

Risks associated with sharing information with individuals, groups, or outside organizations

Answer 161

Third party risks

Question 162

This refers to the policies and procedures in place to vendor and supply chain risks

Answer 162

Vendor Management

Question 163

What refers to the ability for hardware and software systems to effectively communicate and interoperate

Answer 163

System Intregation

Question 164

can expose an organization to security vulnerabilities with no security patch available

Answer 164

Lack of vendor support

Question 165

are risks associated with an attacker can disrupting the system’s manufacturing process

Answer 165

Supply Chain

Question 166

An organization may choose to transfer its code development process to third-parties but may lose visibility and control of the code

Answer 166

Outsourced Code Development

Question 167

Data stored outside the organization via a third party cloud provider should have identical security measures as data stored on-premise

Answer 167

Data storage

Question 168

refers to software code that resides within the hardware of system when the system boots up

Answer 168

Firmware

Question 169

controls the functionalities of a computer and can receive patches from major vendors through automation

Answer 169

(OS) Operating System

Question 170

are software programs with user interfaces and are susceptible to software vulnerabilities

Answer 170

Applications

Question 171

A large open source of information on a threat’s capabilities, gathered from various sources and researchers

Answer 171

Intelligence Fusion

Question 172

is the act of examining a system or application for the presence of known software vulnerabilities

Answer 172

Vulnerability Scans

Question 173

occurs when a vulnerability scan detects a vulnerability that is not present on a system or application

Answer 173

False Positives

Question 174

occurs when a vulnerability scan does not detect a vulnerability that is present on a system or application

Answer 174

False negatives

Question 175

can detect access violations, security incidents, and other policy violations

Answer 175

Log reviews

Question 176

can provide information such as the state of the system, but it is not as in depth as a credentialed scan

Answer 176

Non credentialed scan

Question 177

requires higher privileges but provides vulnerability details and user account information

Answer 177

Credentialed scan

Question 178

involves directly interaction with the target system beyond scanning for open ports

Answer 178

Intrusive vs Non Intrusive Scan

Question 179

vulnerabilities can be detected through a dynamic code analysis and can sometimes require regression testing to ensure the code is executing as intended

Answer 179

Applications

Question 180

Attacker can use available web application scanners to search for web applications that are vulnerable to SQL Injection or cross-site scripting attacks

Answer 180

Web applications

Question 181

A scan is conducted to enumerate the ports and services operating within a network

Answer 181

Network Scan

Question 182

A popular database of known software vulnerabilities, each ranked and with a unique ID

Answer 182

Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)

Question 183

What reviews should be conducted to discover deviations within the system’s security

Answer 183

Configuration review

Question 184

A system that collects, correlates, and aggregate log data to support IT teams

Answer 184

Syslog/Security information and event management (SIEM)

Question 185

Reviewing the output from a SIEM for the presence of security incidents and possible false positives

Answer 185

SIEM Reports

Question 186

Network packets captured by the SIEM system can identify a threat’s presence on the network

Answer 186

Packet Capture

Question 187

A SIEM system can ingest data from multiple sources

Answer 187

Data Input

Question 188

A SIEM system can create alerts based on changes in an end-user’s patterned behavior

Answer 188

User behavior analysis

Question 189

refers to collected data that conveys human emotion or opinion

Answer 189

Sentimental Analysis

Question 190

is the process of combining log data to a format that is searchable

Answer 190

Log Aggregation

Question 191

are software that are gathered independently and passed to the SIEM for aggregation

Answer 191

Log collectors

Question 192

What combines data from multiple sources to decrease the dwell time of an attack?

Answer 192

Security orchestration, automation, and response (SOAR)

Question 193

A simulated cyber-attack from an outside

Answer 193

Penetration testing

Question 194

(white box) testing is conducted with the security tester having in-depth knowledge of the system or application being tested

Answer 194

Known Environment

Question 195

(black box) testing is conducted with the security tester has no knowledge of the system or application being tested

Answer 195

Unknown Environment

Question 196

(gray box) testing is conducted with the security tester is given limited knowledge of the system or application being tested

Answer 196

Partially Known Environmental

Question 197

the scope and boundaries of the penetration test

Answer 197

Rules of engagement

Question 198

refers to an attacker pivoting to other devices within a network

Answer 198

Lateral Movement

Question 199

An attacker can install a backdoor to maintain or regain access to a compromised system

Answer 199

Persistence

Question 200

involves engaging with the system to collect information that’s otherwise not publicly available

Answer 200

Active Reconnaissance

Question 201

to open-source techniques of information gathering such as Google to gather information on a target

Answer 201

Passive Reconnaissance

Question 202

is the act of gathering initial information regarding the target system or application

Answer 202

Foot printing