Explain Attacks, Threats, and Vulnerabilities

Question 1

Answer 1

Relationship between vulnerability, threat, and risk.

Question 2

Answer 2

Example of a phishing email. On the right, you can see the message in its true form as the mail client has stripped out the formatting (shown on the left) designed to disguise the nature of the links. (Screenshot courtesy of CompTIA.)

Question 3

Answer 3

Using a command & control (C&C) network to operate a botnet of compromised hosts and
coordinate a DDoS attack.

Question 4

Answer 4

If authentication credentials are transmitted in cleartext, such as the unencrypted version of the
IMAP mailbox access protocol, it is a simple matter for the credentials to be intercepted via packet
sniffing.

Question 5

Answer 5

Hashcat password cracking utility. This example uses a mask to speed up a brute force attack. The attacker can use a mask by learning or guessing likely facts about how the target chooses a password, such as its length and likelihood of being a variation on a simple word or phrase.