DOMAIN 1 Flashcards

1
Q

SOCIAL ENGINEERING

A

an attempt by an attacker to convince someone to provide info (like a password) or
perform an action they wouldn’t normally perform (such as clicking on a malicious link).

2
Q

PHISHING

A

commonly used to try to trick users into giving up personal information (such as user
accounts and passwords), click a malicious link, or open a malicious attachment.

3
Q

SPEAR PHISHING

A

targets specific groups of users

4
Q

WHALING

A

targets high level executives

5
Q

VISHING

A

(voice phishing) phone-based

6
Q

SMISHING

A

uses SMS (text) messaging on mobile

7
Q

SPAM

A

Unsolicited email, generally
considered an irritant

8
Q

SPIM

A

SPAM over instant messaging, also
generally considered an irritant

9
Q

DUMPSTER DIVING

A

Gathering important details (intelligence) from
things that people have thrown out in their trash.

10
Q

TAILGATING

A

when an unauthorized individual follows you in
through an open door without badging in themselves.

11
Q

ELICITING INFORMATION

A

strategic use of casual conversation
to extract information without
arousing the suspicion of the target

12
Q

SHOULDER SURFING

A

a criminal practice where thieves
steal your personal data by spying
over your shoulder

13
Q

PHARMING

A

an online scam
similar to phishing, where
a website’s traffic is manipulated, and
confidential information is stolen.

14
Q

IDENTITY FRAUD

A

use of another person’s personal information,
without authorization, to commit a crime or to
deceive or defraud that person or another third party.

15
Q

PREPENDING

A

Prepending is adding words or phrases like “SAFE”
to a malicious file or suggesting topics via social
engineering to uncover information of interest.

16
Q

INVOICE SCAMS

A

fake invoices with the goal of receiving money, or of
prompting a victim to enter their credentials
into a fake login screen.

17
Q

CREDENTIAL HARVESTING

A

attackers trying to gain access to your
usernames and passwords that might be
stored on your local computer.

18
Q

PASSIVE DISCOVERY

A

Techniques that DO NOT send packets to the target, like Google hacking, phone
calls, and DNS and WHOIS lookups.

19
Q

SEMI-PASSIVE DISCOVERY

A

Touches the target with packets in a non-aggressive
fashion to avoid raising the target’s alarms.

20
Q

ACTIVE DISCOVERY

A

More aggressive techniques likely to be noticed by the target, including port
scanning and tools like nmap and Metasploit.

21
Q

HOAXES

A

Intentional falsehoods coming in a variety of forms ranging from virus
hoaxes to fake news. Social media plays a prominent role in hoaxes today.

22
Q

IMPERSONATION

A

A form of fraud in which attackers pose as a known or trusted person to
dupe the user into sharing sensitive info, transferring money, etc.

23
Q

WATERING HOLE ATTACK

A

Attack strategy in which an attacker guesses or observes which websites an
organization often uses and infects one or more of them with malware.

24
Q

TYPOSQUATTING
aka “URL hijacking”

A

a form of cybersquatting (sitting on
sites under someone else’s brand or
copyright) targeting users who type
an incorrect website address

25
Q

PRETEXTING

A

An attacker tries to convince a victim to give up
information of value, or access to a service or system. The attacker develops a story, or pretext, in order to fool the victim.

26
Q

INFLUENCE CAMPAIGNS

A

A social engineering attack intended to manipulate
the thoughts and minds of large groups of people.

27
Q

HYBRID WARFARE

A

Attack using a mixture of conventional and unconventional
methods and resources to carry out the campaign, including:

  • SOCIAL MEDIA: May use multiple social platforms, leveraging many
    individuals to amplify the message and lend it credibility.
    May involve creating multiple fake accounts to post content and
    seed the spread, and may even include paid advertising.
28
Q

PRINCIPLES OF SOCIAL ENGINEERING

A
  • Authority
  • Intimidation
  • Consensus
  • Scarcity
  • Familiarity aka “liking”
  • Trust
  • Urgency
29
Q

APPLICATION ATTACKS

A

attacks that attackers use to exploit
poorly written software.

30
Q

ROOTKIT (escalation of privilege)

A

freely available on the internet; they exploit known vulnerabilities in various
operating systems, enabling attackers to elevate privilege.

Countermeasures: keep security patches up to date,
anti-malware software, EDR/XDR.

31
Q

BACK DOOR

A

undocumented command sequences that allow individuals with knowledge
of the back door to bypass normal access restrictions.
Often used in development and debugging.

Countermeasures: firewalls, anti-malware, network monitoring, code review.

32
Q

COMPUTER VIRUS

A

a type of malicious code or program written to
alter the way a computer operates and is designed
to spread from one computer to another.

33
Q

TYPES OF VIRUSES

A

  • Crypto-malware
  • Hoaxes
  • Logic Bombs
  • Trojan Horse

34
Q

TYPES OF MALWARE

A
  • Worm
  • Potentially Unwanted Programs (PUPs)
  • Keylogger
  • Spyware
  • Fileless virus
  • Command and control
  • Remote access trojan (RAT)
  • Ransomware
35
Q

FILELESS VIRUS

A

a type of malicious software that does not rely on virus-laden files to infect a
host. Instead, it exploits applications that are commonly used for legitimate
and justified activity to execute malicious code in resident memory.

36
Q

COMMAND AND CONTROL

A

a computer controlled by an attacker or cybercriminal which is used to send
commands to systems compromised by malware and receive stolen data
from a target network.

37
Q

REMOTE ACCESS TROJAN

A

a malware program that gives an intruder administrative control over a
target computer.

38
Q

RANSOMWARE

A

infects a target machine and then uses encryption
technology to encrypt documents, spreadsheets,
and other files stored on the system with a key
known only to the malware creator.
The user is then unable to access their files and receives
an ominous pop-up message warning that
the files will be permanently deleted unless a
ransom is paid within a short period of time.

  • Ransomware is a trojan variant.
39
Q

RANSOMWARE COUNTERMEASURES

A
  • Back up your computer
  • Store backups separately
  • File auto-versioning
40
Q

RANSOMWARE PREVENTION

A
  • Update and patch computers
  • Use caution with web links
  • Use caution with email attachments
  • Verify email senders
  • Preventative software programs
  • User awareness training (Most important defense).
41
Q

PASSWORD ATTACKS

A
  • Dictionary Attacks
  • Password Spraying
  • Offline
  • Online
  • Plaintext/unencrypted
  • Brute Force Attack
  • SALTS Cryptographic
42
Q

DICTIONARY ATTACKS

A

Use programs with built-in dictionaries.
They attempt all dictionary words to try and find the
correct password, in the hope that a user would have
used a standard dictionary word.

43
Q

PASSWORD SPRAYING

A

Attacker tries a password against many different
accounts to avoid the lockouts that typically come when
brute forcing a single account.
Succeeds when an admin or application sets a default
password for new users.

44
Q

OFFLINE

A

Attempt to discover passwords from a captured database or
captured packet scan.

45
Q

ONLINE

A

Attempts to discover a password from an online system. For
example, an attacker trying to log on to an account by trying to
guess a user’s password.

*Most web and wi-fi attacks are online attacks.

46
Q

PLAINTEXT/UNENCRYPTED

A

Protocols and authentication methods that leave credentials unencrypted,
like basic authentication and telnet.

47
Q

BRUTE FORCE ATTACK

A

Attempts to find the correct cryptographic key by
attempting all possible combinations (trial and error).
Password complexity and attacker resources will determine
the effectiveness of this attack.

48
Q

SALTS Cryptographic

A

Attackers may use rainbow tables, which contain
precomputed values of cryptographic hash
functions, to identify commonly used passwords.
A salt is random data that is used as an additional
input to a one-way function that hashes data, a
password or passphrase.
Adding salts to the passwords before hashing
them reduces the effectiveness of rainbow table
attacks.

49
Q

MULTI-FACTOR AUTHENTICATION

A
  • Something you KNOW (pin or password)
  • Something you HAVE (trusted device)
  • Something you ARE (biometric)

*Multi-factor Authentication prevents:

  • Phishing
  • Spear phishing
  • Keyloggers
  • Credential stuffing
  • Brute force and reverse brute force attacks
  • Man-in-the-middle (MITM) attacks
50
Q

BOTS, BOTNETS, AND BOT HERDERS

A

Represent significant threats due to the massive
number of computers that can launch attacks

51
Q

BOTNET

A

a collection of compromised computing devices
(often called bots or zombies).

52
Q

BOT HERDER

A

criminal who uses a command and control server
to remotely control the zombies;
often uses the botnet to launch attacks on other
systems, or to send spam or phishing emails.

53
Q

PHYSICAL ATTACKS

A
  • Malicious Flash Drive
  • Malicious USB cable
  • Card cloning
  • Skimming
54
Q

MALICIOUS FLASH DRIVE

A

Attack comes in two common forms:
Drives dropped where they are likely to be
picked up.
Sometimes effectively a trojan, shipped with
malware installed after leaving the factory.

55
Q

MALICIOUS USB CABLE

A

Less likely to be noticed than a
flash drive.
May be configured to show up as a human
interface device (e.g. keyboard).

56
Q

CARD CLONING

A

Focuses on capturing info from cards used for
access, like RFID and magnetic stripe cards.

57
Q

SKIMMING

A

Involves fake card readers, or social
engineering and handheld readers, to
capture (skim) cards, which are then cloned so the
attacker may use them for their own purposes.

*Device (skimmer) often installed at
POS devices like ATMs and gas pumps.

58
Q

ADVERSARIAL ARTIFICIAL INTELLIGENCE

A

A rapidly developing field targeting AI and Machine Learning (ML).

59
Q

TAINTED TRAINING DATA FOR MACHINE LEARNING (ML)

A

Data poisoning that supplies AI and ML algorithms with adversarial
data that serves the attacker’s purposes, or attacks against privacy.

60
Q

SECURITY OF MACHINE LEARNING ALGORITHMS

A

Validate quality and security of the data sources.
Secure infrastructure and environment where AI and ML is hosted.
Review, test, and document changes to AI and ML algorithms.

61
Q

ARTIFICIAL INTELLIGENCE

A

Focuses on accomplishing “smart” tasks
combining machine learning and deep
learning to emulate human intelligence

62
Q

MACHINE LEARNING

A

A subset of AI: computer algorithms that
improve automatically through experience
and the use of data.

63
Q

DEEP LEARNING

A

a subfield of machine learning concerned with
algorithms inspired by the structure and function
of the brain called artificial neural networks.

64
Q

SUPPLY CHAIN ATTACKS

A

a cyber-attack that seeks to damage an organization
by targeting less-secure elements in the supply chain.
Often attempts to compromise devices, systems, or software
before they reach an organization.

65
Q

CLOUD-BASED ATTACKS

A

Data center is often more secure and less
vulnerable to disruptive attacks (like DDoS).
On the downside, you will not have facility-level
or physical system-level audit access.

66
Q

ON-PREMISES ATTACKS

A

You do not benefit from the cloud’s shared
responsibility model.
You have more control but are responsible for
security of the full stack.

67
Q

COLLISION ATTACK

A

attack on a cryptographic hash to find
two inputs that produce the same
hash value.
Defeated with collision-resistant hashes.

68
Q

DOWNGRADE ATTACK

A

when a protocol is downgraded
from a higher mode or version to a
lower-quality mode or lower version.

*Commonly targets TLS.

69
Q

BIRTHDAY ATTACK

A

an attempt to find collisions in hash
functions.

*Commonly targets digital signatures

70
Q

REPLAY ATTACK

A

an attempt to reuse authentication
requests.

*Targets authentication (often Kerberos).

71
Q

APPLICATION ATTACKS

A

A security hole created when code is
executed with higher privileges than
those of the user running it.

72
Q

PRIVILEGE ESCALATION

A

a type of injection using malicious scripts

73
Q

CROSS-SITE SCRIPTING (XSS)

A

A type of injection, in which malicious scripts are injected into
otherwise benign and trusted websites.
Occurs when an attacker uses a web application to send
malicious code to a different end user.

74
Q

CROSS-SITE REQUEST FORGERY (XSRF OR CSRF)

A

similar to cross-site scripting attacks but exploits a different
trust relationship:
it exploits the trust a website has in your browser to execute code
on the user’s computer.

75
Q

DYNAMIC-LINK LIBRARY (DLL)

A

Is a situation in which the malware tries to inject code into the memory process
space of a library using a vulnerable/compromised DLL.

76
Q

LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL (LDAP)

A

exploits weaknesses in LDAP implementations.
This can occur when the user’s input is not properly filtered, and the result can be
executed commands, modified content, or results returned to unauthorized queries.

77
Q

EXTENSIBLE MARKUP LANGUAGE (XML)

A

when users enter values that query XML (known as XPath) with values that take
advantage of exploits, it is known as an XML injection attack.
XPath works in a similar manner to SQL, except that it does not have the same levels
of access control, so exploits can return entire documents.

78
Q

INJECTIONS (INJECTION ATTACKS)

A

used to compromise web front-end and backend databases.

79
Q

SQL INJECTION ATTACKS

A

Use unexpected input to a web application to gain
unauthorized access to an underlying database.

*NOT new and can be prevented
through good code practices.

80
Q

POINTER/OBJECT DEREFERENCE

A

An attack that consists of finding null references in a target program
and dereferencing them, causing an exception to be generated.

*Dereferencing means taking away the reference and
giving you what it was actually referring to.
*GOOD coding is the best protection.

81
Q
A