General

Question 1

TLS Transport Layer Security

Answer 1

TLS can wrap regular HTTP traffic within TLS, which means that we can encrypt our entire conversation, not just the data sent or requested. Before the TLS mechanism was in place, we were vulnerable to Man-in-the-middle

Question 2

Passive Analysis Dependencies

Answer 2

passive, we are just copying data that we can see without directly interacting with the packets.

Question 3

Active Passive Dependencies

Answer 3

Active capture requires us to take a more hands-on approach. This process can also be referred to as in-line traffic captures.

Question 4

Tcpdump

Answer 4

command-line packet sniffer that can directly capture and interpret data frames from a file or network interface

Question 5

NIST SP 800-61 framework

Answer 5

preperation
detection & analysis
containment, eradication, and recovery
post incident activity

Question 6

3 types of NIDS

Answer 6

network-based intrusion detection system

inline, network tap, passive

Question 7

OSI Model

Answer 7

PDNTSPA

Question 8

Application Layer protocols

Answer 8

HTTP, FTP

Question 9

Presentation Layer protocols

Answer 9

JPG,TLS,SSL,PNG

Question 10

Session Layer protocols

Answer 10

NetBIOS
Responsible for the communication of devices

Question 11

Important IP addresses

Answer 11

Loopback: 127.0.0.1
Link local: 169.254.x.x
Prívate: 10.0.0.0- 10.255.255.255
172.16.0.0, 192.168.0.0

Question 12

Different Layers of Firewalls

Question 13

Cyber Kill Chain

Answer 13

The model identifies what the adversaries must complete in order to achieve their objective.

1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploitation
5. Installation
6. Command and Control (C2)
7. Actions on objectives

Question 14

Kerberos

Answer 14

a ticket-granting system

Uses username and password to AS (Authentication server) > AS sends ticket (encrypted secret key derived from users password)

Question 15

SQL Injection

Answer 15

a web application directly includes unsanitized data provided by the user in SQL queries.

Question 16

How to prevent SQL Injection

Question 17

SQL Injection Payload

Answer 17

https://github.com/payloadbox/sql-injection-payload-list

Question 18

XSS

Answer 18

Cross Site Scripting

Type of injection using malicious scripts into trusted websites

Question 19

WAF

Answer 19

Web Application Firewall
-Layer 7 Firewall
-protects against XSS, SQL Injection

Question 20

Encoding

Answer 20

Converts the data in the desired format required for exchange between different systems.

Question 21

Hash vs Encryption

Answer 21

Encryption is a two-way function that includes encryption and decryption whilst hashing is a one-way function that changes a plain text to a unique digest that is irreversible.