FBLA Practice

Question 1

IBM, Microsoft, and Novell universal biometric standard

Answer 1

Bio API

Question 2

Attack type that relies on trust and deception

Answer 2

Social Engineering

Question 3

How can you prevent intruders from accessing your wireless network?

Answer 3

Restrict to known MAC addresses

Question 4

Microsoft Passport is what?

Answer 4

Single Sign-On

Question 5

Computer system designed to trap intruders

Answer 5

Honeypot

Question 6

Stateful Inspection

Answer 6

Compares parts of a packet to trusted information

Question 7

TCP

Answer 7

Internet protocol to get data from one device to another (Transmission Control Protocol)

Question 8

UDP

Answer 8

Protocol for information without a response, like streaming (User Datagram Protocol)

Question 9

ICMP

Answer 9

Router to Router Protocol (Internet Control Message Protocol)

Question 10

SMTP

Answer 10

Email or text transfer protocol (Simple Mail Transfer Protocol)

Question 11

SNMP

Answer 11

Used to collect system info from a remote computer (Simple Network Management Protocol)

Question 12

Telnet

Answer 12

Used to preform commands on a remote machine (often insecure)

Question 13

Application Backdoor

Answer 13

Hidden access coded in by developer

Question 14

SMTP Session Hijacking

Answer 14

Allows access to email addresses and therefore spam

Question 15

Email Bomb

Answer 15

Large quantity of email to overwhelm server, prevents access

Question 16

Redirect bomb

Answer 16

Attack using ICMP to change the path of information

Question 17

Source Routing

Answer 17

Controlling the path of a packet from the source

Question 18

Proxy Server

Answer 18

Server that local packets go through before internet

Question 19

Adware

Answer 19

Malware the displays ads, often collecting personal info

Question 20

Attack

Answer 20

Bypassing security

Question 21

Audit trail

Answer 21

Recording showing who and what a user did on a computer

Question 22

Authentication

Answer 22

Verifying a user’s identity

Question 23

Blended threat

Answer 23

Combining types of malware to inflict maximum damage, such a trojan horse worm

Question 24

Dictionary Attack

Answer 24

Using a list of words to try and find a password

Question 25

Brute-force attack

Answer 25

Using every possible possible password combination

Question 26

EULA

Answer 26

End User License Agreement

Question 27

Flooding

Answer 27

Denial of Service through sending large amounts of data

Question 28

Pharming

Answer 28

Like Phishing, except done through DNS poisoning (redirecting a user through false information put into a DNS server)

Question 29

RADIUS

Answer 29

Authentication service used by ISPs to manage access to the ISP system

Question 30

Retro-Virus

Answer 30

Infects all backup media to ensure you cannot restore system

Question 31

Rootkit

Answer 31

Allows complete access to a system with a hidden presence

Question 32

Smurfing

Answer 32

Denial of service attack using ICMP and a Smurfed IP address, exploits Echo requests

Question 33

Spyware

Answer 33

Hidden components of software that harvest personal information

Question 34

Threat

Answer 34

Anything that has the potential to attack or threaten a system

Question 35

Vulnerability

Answer 35

Something that a threat can exploit to carry out an attack

Question 36

Worm

Answer 36

Self Replicating program, often used to clog networks through its spread

Question 37

Worm

Answer 37

Self Replicating program, often used to clog networks through its spread

Question 38

APT

Answer 38

Advanced Persistent Threat, coordinated, complex, and long term threat

Question 39

Air Gap

Answer 39

Physically Isolation of a network

Question 40

Asymmetric Cryptography

Answer 40

Private/Public Key Cryptography, Must use both keys, allows no shared secrets

Question 41

Botnet

Answer 41

Multiple computers AKA zombies, controlled by single entity, used for DDoS,

Question 42

CERT

Answer 42

Computer Emergency Response Team, often government or corporate run teams of cybersec. expertise

Question 43

Conflicker

Answer 43

2008 Computer Worm, noteworthy for large size of botnet and international response

Question 44

DNS

Answer 44

Domain Name System, translates IP addresses into words

Question 45

FedRAMP

Answer 45

Federal Risk and Authorization Management Program, 2012 Program that allowed 1 certification for all US Civilian Government Work

Question 46

FedRAMP

Answer 46

Federal Risk and Authorization Management Program, 2012 Program that allowed 1 certification for all US Civilian Government Work

Question 47

GhostNet

Answer 47

1295 computer botnet, spread over 103 countries, discovered 2004, most likely used by China to target the West

Question 48

ICS

Answer 48

Industrial Control System, runs large scale industry, such as factories, to pipelines

Question 49

ISAC

Answer 49

Information Sharing and Analysis Center, Hub to share information with an industry for critical infrastructure

Question 50

Integrity Attack

Answer 50

An attack for changing data, rather than extracting it

Question 51

ICANN

Answer 51

Internet Corporation for Assigned Names and Numbers, 1998 Nonprofit took over US Gov. control of DNS and Internet Policy

Question 52

ITU

Answer 52

1865 Founded UN Agency in charge of Telecommunications (International Telecommunications Union)

Question 53

IETF

Answer 53

Internet Engineering Task Force, developed standards and protocols, part of ISOC

Question 54

ISOC

Answer 54

Internet Society, group of agencies in charge of developing internet policy

Question 55

NIST

Answer 55

US Commerce Department, develops industry standards

Question 56

Operation Orchard

Answer 56

2007 Israeli strike on Syrian Nuclear Research

Question 57

Operation Shady RAT

Answer 57

2006 Series of Cyber attacks, comprised confidential information of 70+ major firms and agencies

Question 58

Red team

Answer 58

Simulated attack group of white hat hackers

Question 59

Root access

Answer 59

Ability to change every file on a system

Question 60

SIPRNet

Answer 60

Secure Internet Protocol Router Network, US Military Classified INTRAnet, uses common Internet Protocol

Question 61

SCADA

Answer 61

Supervisory Control and Data Acquisition, Industrial Control System to manage sensors and control large facilities

Question 62

TOR

Answer 62

The Onion Router, used to provide online anonymity, developed by US Gov. now volunteer run

Question 63

SQL

Answer 63

Structured Query Language, used to access and manage databases in servers

Question 64

SQL Injection

Answer 64

Using a website to pass SQL code to gain access to a database and the information within

Question 65

typosquatting

Answer 65

registering domain names that may be close to the original (fisney instead of disney)

Question 66

Watering Hole

Answer 66

Attack on a specific group by compromising website used frequently by members of that group

Question 67

Zero Day

Answer 67

Exploits a previously unknown vulnerability, “zeroth day of awareness”