General

Question 1

What is dns fast flux?

Answer 1

It’s where IP addresses are rapidly changed pointing to a malicious dns domain

Question 2

What is double flux?

Answer 2

Where the DNS is replaced with fast flux

Question 3

What is domain flux network

Answer 3

Where random DGA is used to rotate domain name.

Question 4

What is a birthday attack

Answer 4

Brute force to exploit collisions in hash functions

Question 5

What is a plaintext/ unencrypted attack ?

Answer 5

Exploits password storage or network authentication that isn’t encrypted

Question 6

What is an online password attack ?

Answer 6

Where attackers interacts directly with authentication service such as RDP or web login form

Question 7

What is password spraying ?

Answer 7

Horizontal brute force where a few passwords are used against a range of different accounts

Question 8

What is a offline password attack ?

Answer 8

Where attacker has a database of password hashes and tries to crack it offline

Question 9

How to make rainbow table attacks harder to do?

Answer 9

Use a salt and password length above 14 characters

Question 10

When assessing supplier risk what two relationships should you keep in mind

Answer 10

Vendor and business partner relationships

Question 11

What is a TOCTTOU race condition?

Answer 11

Time of check to time of use occurs when there is a change between when resource is checked and used

Question 12

What is DLL injection?

Answer 12

Where a legitimate apps process can be forced to run a malicious DLL

Question 13

How can malware use shim database?

Answer 13

It’s there for legacy apps to run
Malware with local admin rights can use it to gain persistence

Question 14

What is session replaying ?

Answer 14

An attack that involves replaying a session such as a token or cookie

Question 15

3 ways to counter cookie hijacking

Answer 15

Encrypt cookies during transmission
Delete cookie from browser cache
Use new cookie for each new session between client and app

Question 16

What is a csrf and xsrf attack in general ?

Answer 16

An attack that exploits a session a user already has by sending them for example malicious link

Question 17

What is click jacking ?

Answer 17

Type of hijack attack that forces or tricks user to click link embedded or hidden on website

Question 18

What is an sslstrip attack and how can it be prevented

Answer 18

Where a request can be set to http through mitm attack
To prevent this use hsts in browser and only allow https links

Question 19

What is a cross site scripting attack XSS?

Answer 19

Malicious script hosted on attackers site or coded in a link on trusted site to compromise clients visiting it

Question 20

What is a reflected non persistent XSS attack

Answer 20

Malicious Input comes from a crafted link

Question 21

What is a stored persistent XSS attack

Answer 21

aims to insert code in back end database or cms. Such as a comment on website

Question 22

Can XSS attacks exploit client side scripts

Answer 22

Yes and it involves DOM at times

Question 23

Data submitted through xml unencrypted is vulnerable in what 3 ways

Answer 23

Spoofing, request forgery, and injection of arbitrary code or data

Question 24

What is a server side request forgery attack ssrf?

Answer 24

Where attackers abuse servers access to internal resources by abusing implicit trust between servers and services or weak input validation

Question 25

What is the confused deputy problem

Answer 25

It’s where an attacker tricks a more privileged entity such as a server to perform an action abusing the access said entity has to other entities

Question 26

What else is a man in the middle mitm attack called ?

Answer 26

On path attack

Question 27

What is vertical privilege escalation?

Answer 27

When an attacker performs functions that are typically assigned to higher roles

Question 28

What is horizontal privilege escalation

Answer 28

When user access or modified specific resources they are not entitled to

Question 29

What does a wifi krack attack exploit?

Answer 29

4 way handshake to reveal encrypted data like passwords

Question 30

What can be used to protect against some wifi deauthentication attacks

Answer 30

Management frame protection 802.11w

Question 31

What is blue jacking ?

Answer 31

Bluetooth attack where you are send spam through Bluetooth like image

Question 32

What is blue snarfing?

Answer 32

An exploit that hacks device through Bluetooth

Question 33

3 traits of fileless malware

Answer 33

Doesn’t write to disk
Uses lightweight shell code
Live off the land techniques rather than compiled executables