INFO310FINAL

Question 1

Goal of Cybersecurity

Answer 1

Protection of Assets, Prevention Detection, and Recovery

Question 2

CIA

Answer 2

confidentiality, Integrity, Availability.

Question 3

Confidentiality (CIA)

Answer 3

the concealment of information or resources

Question 4

Integrity (CIA)

Answer 4

the trustworthiness of data or resources

Question 5

Availability (CIA)

Answer 5

Availability: the ability to use information or resources

Question 6

Categories of Threats

Answer 6

Deception, Disruption, Disclosure, Usurpation

Question 7

Deception (Category of threat)

Answer 7

The acceptance of false data

Question 8

Disruption (Category of threat)

Answer 8

the interruption or prevention of correct operation

Question 9

Disclosure (Category of threat)

Answer 9

The unauthorized access to information

Question 10

Usurpation (Category of threat)

Answer 10

the unauthorized control of some part of a system

Question 11

Snooping or eavesdropping (Type of threat)

Answer 11

the unauthorized interception of information, is a form of disclosure

Question 12

Modification or alteration (Type of threat)

Answer 12

an unauthorized change of information is a form of usurpation, deception, and disclosure.

Question 13

Masquerading or spoofing (Type of threat)

Answer 13

an impersonation of one entity by another, is a form of both deception and usurpation.

Question 14

Repudiation of origin

Answer 14

a false denial that an entity sent (or created) something, is a form of deception.

Question 15

Denial of receipt

Answer 15

a false denial that an entity received some information or mes- sage, is a form of deception

Question 16

Delay

Answer 16

a temporary inhibition of a service, is a form of usurpation, al- though it can play a supporting role in deception.

Question 17

Denial of service

Answer 17

a long-term inhibition of service, is a form of usurpation often also used as a mechanism of deception.

Question 18

The Core of Cybersecurity

Answer 18

Asset, Threat, Vulnerability, Risk

Question 19

Asset

Answer 19

People, property, and information of value

Question 20

Threat

Answer 20

Anything that can exploit a vulnerability, intentionally or acciden- tally, and obtain, damage, or destroy an asset.

Question 21

Vulnerability

Answer 21

Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset.

Question 22

Risk

Answer 22

The potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability.

Question 23

Formula for calculating risk

Answer 23

Asset + Threat + Vulnerability = Risk.

Question 24

Polyalphabetic Ciphers

Answer 24

Any cipher based on substitution, using multiple substitution alphabets.

Question 25

Scytale Encryption

Answer 25

message wrapped around a rod of a certain size then can be read.

Question 26

Transposition Ciphers

Answer 26

A method of encryption by which the positions held by units of plaintext […] are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext.

Question 27

Frequency Analysis

Answer 27

The study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers.

Question 28

Social Engineering

Answer 28

s the art or better yet, science, of skillfully maneuvering human beings to take action in some aspect of their lives.

Question 29

Phishing (SE)

Answer 29

The practice of sending emails appearing to be from reputable sources with the goal of influencing or gaining personal information.

Question 30

Vishing (SE)

Answer 30

The practice of eliciting information or attempting to influence action via the telephone, may include such tools as phone spoofing.

Question 31

Impersonation (SE)

Answer 31

The practice of pretexting as another person with the goal of obtaining information or access to a person, company, or computer system

Question 32

Properties of encryption

Answer 32

· Ensures Authentication · Ensures Non-Repudiation · Ensures Confidentiality · Ensures Integrity

Question 33

Secret Key Cryptography (SKC) (AKA Symmetric Encryption)

Answer 33

Uses a single key for both encryption and decryption

Question 34

Public Key Cryptography (PKC) (AKA Asymmetric Encryption)

Answer 34

Uses one key for encryption and another for decryption

Question 35

Hash Functions (AKA Checksum)

Answer 35

Uses a mathematical transformation to create a digital fingerprint or message digest

Question 36

The Layers of the Internet Protocol Model

Answer 36

Physical, Link, Network, Transport, and Application

Question 37

Physical layer IPM

Answer 37

Wire, open air, optic fibers

Question 38

Link layer IPM

Answer 38

Ethernet, Wifi, 4G

Question 39

Network layer IPM

Answer 39

Internet protocol, inter control ICMP (nter Control Messaging Protocol)

Question 40

Transport Layer (IPM)

Answer 40

Transmission Control Protocol (TCP) User Datagram Protocol (UDP)

Question 41

Application Layer IPM

Answer 41

Email > Simple Mail Transfer Protocol (SMTP) - Websites>HyperText Transfer Protocol (HTTP) -File Sharing>File Transfer Protocol (FTP)>Server Message Block (smb)

Question 42

Public IP

Answer 42

public domain on the internet. Created by Internet Service Providers (ISP) to connect to other ISPs around the world. Creates the internet.

Question 43

Private IP

Answer 43

private to a Local Area Network (LAN). Private IPs are assigned in a LAN by the Dynamic Host Configuration Protocol (DHCP).

Question 44

Internet Protocol (IP) Address

Answer 44

it is a unique identifier. An IP address has two components: the network address and the host address. A subnet mask then sep- arates the IP address into network and host addresses.

Question 45

Authentication

Answer 45

the process of verifying that an individual, entity or website is who it claims to be. Authentication in the context of web applications is commonly performed by submitting a username or ID and one or more items of private information that only a given user should know

Question 46

Credential

Answer 46

An attestation of identity, qualification, competence, or authority issued to an individual by a third party

Question 47

Web Session

Answer 47

sequence of network HTTP request and response transactions associated to the same user. […] sessions provide the ability to establish variables - such as access rights and localization settings - which will apply to each and every interaction a user has with the web application for the duration of the session.

Question 48

Client side code

Answer 48

is almost exclusively in Javascript (JS) runs with an interpreter. Makes web pages come alive. Credential information is stored and sent from the client

Question 49

Server Side

Answer 49

Server side services listen for a request and then respond to that request part of the N-tier application design

Question 50

N-Tier Application

Answer 50

Presentation, logic, data

Question 51

Presentation tier

Answer 51

Translates data in to something the user can understand

Question 52

Logic Tier

Answer 52

Coordinates the application, processes commands makes logical decisions and evaluations and performs calculations. Provides communication between the presentation and data tier

Question 53

Data Tier

Answer 53

Information is stored and retrieved from a database, datastore or filesystem. Provides information back to the logic tier

Question 54

Hub

Answer 54

does nothing except provide a pathway for the electrical signals to travel along

Question 55

Switch

Answer 55

are the connectivity points of an Ethernet network that forward data only to the port that connects to the destination device. It does this by learning the MAC address of the devices attached to it, and then by matching the destination MAC address in the data it receives.

Question 56

Router

Answer 56

ill normally create, add, or divide on the Network Layer as they are normally IP-based devices.Receives a packet of data, it reads the header of the packet to define the destination address

Question 57

Wireless Access Point

Answer 57

use the wireless infrastructure network mode to provide a connection point between WLANs and a wired Ethernet LAN.

Question 58

Virtual Private Network (VPN)

Answer 58

Encrypted Connection over the internet from a device to a network

Question 59

Firewall

Answer 59

A networking device, either hardware or software based, that controls access to your organization’s network.

Question 60

Software Firewalls

Answer 60

Use network operating systems such as Linux/Unix, Windows Servers and Mac OS Servers

Question 61

Hardware Firewalls

Answer 61

Dedicated network device Many routers and WAPs have firewall functionality built in

Question 62

Subnet Mask

Answer 62

a 32-bit number that masks an IP address, and divides the IP address into network address and host address. network bits to all “1”s and setting host bits to all “0”s

Question 63

Classless inter-domain routing (CIDR)

Answer 63

is a set of Internet protocol (IP) standards that is used to create unique identifiers for networks and individual devices.

Question 64

CVE - Common Vulnerabilities and Exposures

Answer 64

A dictionary of CVE attempting to standardize across the industry

Question 65

Goals of Vulnerability Management Program (4)

Answer 65

Maintain accurate inventory of assets Define and set stan- dards>Maintain awareness and detect new vulnerabilities>Reme- diate or mitigate identified vulnerabilities >Continuously monitor IT environment

Question 66

Remediation

Answer 66

Apply Patches -Update configurations -Deactivate unnecessary services and channels

Question 67

Mitigation

Answer 67

Compensating Network Controls - Procedural or Physical Controls

Question 68

Script Kiddies

Answer 68

tend to lack motivation and rely on script created by more ad- vanced hackers. They utilize easy to use software to do things such as port scanning. Blue hats are “vindictive script kiddies”.

Question 69

Green Hat

Answer 69

newbie hackers. Unlike script kiddies, green hat hackers have the drive to become a more advanced hacker

Question 70

Black Hat

Answer 70

malicious hacker who hacks for personal gain, typically financial

Question 71

White Hat/Ethical Hackers

Answer 71

Use their skills in order to help individuals, businesses and gov- ernment.

Question 72

Grey Hat

Answer 72

: shifts between ethical and non-ethical hacking practices

Question 73

Hacktivists:

Answer 73

Digital vigilantes working to right a perceived wrong in the world

Question 74

Nation State Hackers (AKA APT)

Answer 74

government employees who attempt to acquire classified informa- tion about other governments

Question 75

Malicious Insider

Answer 75

: a disgruntled employee or corporate spy

Question 76

Microsoft secure development lifecycle 12 parts

Answer 76

1) Provide training 2)Define security requirements 3)Define met- rics and compliance reporting 4) Perform threat modeling 5) Establish design requirementsà6) Define and use cryptography standards 7)Manage the security risk of using 3rd party compo- nentsà8) Use approved tools 9) Perform SAST 10) Perform DAST 11)Perform penetration testing 12) Establish a standard incident response process

Question 77

permission Read (r)

Answer 77

Having read permissions grants the right to read the contents of the file and read the permissions of a directory.

Question 78

Permission write(w)

Answer 78

Implies the ability to change the contents of a file. Or create new files in a directory

Question 79

Permission Execute (x)

Answer 79

the right to execute the files if they are programs. Regarding directories, it allows you to enter any directories and access files

Question 80

Privilege escalation

Answer 80

exploiting a bug or design flaw to gain elevated access to re- sources that are normally protected from a user or application

Question 81

Vertical privilege escalation

Answer 81

o a lower level privilege user accesses functions or content revised for higher privilege users or applications

Question 82

Horizontal privilege escalation

Answer 82

o a normal user accesses functions or content reserved for other normal users

Question 83

Role Based Access Controls

Answer 83

Type of permissions that only allow a person to have the permis- sions necessary to complete their role. For example, an employ will only be given permissions needed to complete their job. Pre- vents lower level employees from accessing additional information that is not relevant to them

Question 84

Threat Modeling

Answer 84

a process by which potential threats, such as structural vulnera- bilities or the absence of appropriate safeguards, can be identi- fied, enumerated, and mitigations can be prioritized. This is about finding problems should be done early in the development.

Question 85

Asset based approach (TM)

Answer 85

lists all of the assets and considers how attacker could threaten them

Question 86

Modeling Attacker

Answer 86

Talking about human threat agents can make the threat seem real

Question 87

Software model

Answer 87

models that focus on software being built or system being de- ployed

Question 88

Trust boundary

Answer 88

any place where entities of different privilege interact. Threats tend to cluster around trust boundaries

Question 89

Dataflow Diagrams (DFD) (Software model)

Answer 89

follows the flows of data often ideal for threat modeling

Question 90

Unified modeling language (UML) (Software model)

Answer 90

Fairly complex if starting from scratch likely can be adapted

Question 91

Swim line diagrams (Software model)

Answer 91

o represent flows between various participants; each lane edge is labeled to identify a participant; each message is represented by a line between participants.

Question 92

state diagram (Software model)

Answer 92

represents the various states a system could be in and the tran- sitions between those states.

Question 93

STRIDE

Answer 93

STRIDE: A well accepted approach to thinking of threats when threat modeling: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of privilege.

Question 94

spoofing

Answer 94

Pretending to be someone or something other than yourself. This VIOLATES AUTHENTICATION.

Question 95

Tampering

Answer 95

Modification of something on a disk in memory or network. This VIOLATES INTEGRITY

Question 96

Repudiation

Answer 96

claiming that you did not do something VIOLATES NONREPUDI- ATION o Information disclosure - providing information to someone not authorized to see it VIOLATES CONFIDENTIALITY

Question 97

Denial of Service

Answer 97

Absorbing the resources needed to provide a service. VIOLATES AVAILABILITY.

Question 98

Information Disclosure

Answer 98

providing information to someone not authorized to see it VIO- LATES CONFIDENTALLITY

Question 99

elevation of privilege

Answer 99

Allowing someone to do something they are not authorized to do. Violates AUTHORIZATION

Question 100

Data tier languages and Protocols List them

Answer 100

SQL, Network file system NFS, Standard messaging block (SMB), Rsyslog

Question 101

SQL

Answer 101

o Structured Query Language - SQL - A language used in programming and designed to manage data held in databases. PORTS: 3306 (MySQL/MariaDB)>5432 Postgres>1433 MS SQL

Question 102

Network file system (NFS)

Answer 102

Distributed file system protocol runs on port: 2249

Question 103

Standard messaging block (SMB)

Answer 103

o A network protocol for shared access to files printers and serial ports (445 or 139)

Question 104

Rsyslog

Answer 104

A utility for sending logs to remote log systems

Question 105

Protecting Data (5 rules)

Answer 105

Minimize attack surface, Principle of least privilege, Encryption, Tokenization, Federation

Question 106

Minimize attack surface

Answer 106

Minimize the attack surface area: Implement physical, Network, logistical controls on data.

Question 107

Principle of least privilege

Answer 107

access to data should be controlled by permissions that are veri- fied before allowing users to access the data.

Question 108

Encryption

Answer 108

prevents data visibility in the event of unauthorized access or theft

Question 109

Tokenization

Answer 109

Substituting sensitive data with non-sensitive equivalent. The to- ken is then used to map back to the data

Question 110

Federation

Answer 110

A type of meta-database file system that is geographically de- centralized and transparently maps multiple databases in to one single one.

Question 111

NICE: National Initiative for Cybersecurity Education (parts and what they do

Answer 111

o Categories: provide organizational structure o Specialty Areas: subgroups of categories containing cybersecu- rity work.o Work Roles: the most detailed grouping of cybersecurity related work which includes KSAs and tasks for the role.o Knowledge, skills and abilities: The skills required to perform a work role.o Task - specific task assigned to the work role

Question 112

OWASP

Answer 112

Open Web Application Security Project

Question 113

OWASP TOP 10: list them

Answer 113

Top ten critical security risks to applications A1: Injection A2: Bro- ken authentication A3: Sensitive data exposure A4: XML External Entities A5: Broken access control A6: Security misconfiguration A7: Cross Site Scripting (XSS) A8: Insecure deserialization A9: Vulnerable components A10: Insufficient logging and monitoring.

Question 114

SQLi

Answer 114

Injection of a string in to a query in order to modify a response: attacker sends hostile data in to an interpreter How does it work: There are flaws in the code that when a specific string is injected do something different than they were meant to do.

Question 115

SQLi mitigation (3 parts)

Answer 115

requires keeping data separate from commands and queries. Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.”o Never Insert Untrusted Data Except in Allowed Locations o HTML Escape Before Inserting Untrusted Data into HTML Ele- ment Contento Use a trusted library”

Question 116

XSS - Cross Site Scripting

Answer 116

A type of application attack where the attacker takes advantage of scripting and input validation vulnerabilities in an interactive website to attack legitimate users.

Question 117

Reflected XSS:

Answer 117

The application or API includes invalidated or un-escaped user input as HTML output.

Question 118

Stored XSS

Answer 118

The application or API stores unsanitized user input that can be viewed at a later date.

Question 119

DOM XSS

Answer 119

JavaScript frameworks, single-page applications, and APIs that dynamically include attacker-controllable data to a page are vul- nerable to DOM XSS

Question 120

XSS mitigation

Answer 120

Escaping untrusted HTTP request data based on the context in the HTML output, Using frameworks that automatically escape XSS by design, such as the latest Ruby on Rails and React JS.

Question 121

Static Application Security Testing (SAST):

Answer 121

the analysis of computer software that is performed WITHOUT executing programs.

Question 122

Dynamic Application Security Testing (DAST)

Answer 122

the analysis of computer programs DURING their execution. DAST does not require the source code and therefore detects vulnera- bilities by performing attacks itself.

Question 123

Private: cloud infrastructure

Answer 123

operated solely for a single organization

Question 124

Public cloud infrastructure

Answer 124

services are rendered over a network that is open for public use

Question 125

Hybrid cloud

Answer 125

a composition of public cloud and private environment

Question 126

Infrastructure as a service

Answer 126

refers to online services that provide high-level APIs used to deref- erence various low-level details of underlying network infrastruc- ture like physical computing resources,location, data partitioning, scaling, security, backup etc.

Question 127

Platform as a service

Answer 127

consumer does not manage or control the underlying cloud infra- structure. This includes the network, servers, operating systems or storage. The user does control the deployed applications and possible the configuration settings for the application hosting en- vironment.

Question 128

Software as a Service (SaaS)

Answer 128

the applications are accessible via a thin client interface such as a web browser or program interface. The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, storage and even individual application capabilities.

Question 129

Networking Security Logs

Answer 129

Primarily contain computer security-related information

Question 130

Operating System logs

Answer 130

contains system events and audit records

Question 131

Application logs

Answer 131

contains application level events or audit information

Question 132

Viruses

Answer 132

typically hidden within another seemingly innocuous program. It can create copies of itself and insert them into other programs and files to perform a harmful action. Uncommon today and comprises less than 10% of all malware

Question 133

Worms

Answer 133

distinctive trait is that it is self-replicating and can spread without user action. Viruses require the user to interact with the corrupt- ed/malicious file

Question 134

Trojan Horse

Answer 134

Masquerades as a legitimate program but contains malicious code. A trojan requires the user to execute the corrupted/malicious file. Typically spread via social engineering

Question 135

Ransomware

Answer 135

most ransomware programs are trojans, which means they must be spread through social engineering of some sort. Once the user executes the corrupted/malicious file, it looks for and encrypts the users’ files. The hacker then holds the files as hostage in exchange for a ransom. Can be prevented by creating a good backup. According to studies, about 25% of victims choose to pay the ransom while 30% do not get their files unlocked

Question 136

Rootkit

Answer 136

if you get infected with a Rootkit, you’re basically **ed. Rootkits allow the hacker to have “root” privilege and create/edit/delete files as they please. Rootkits can conceal themselves from anti-mal- ware systems and are very difficult to detect. This is because “root” privilege is greater than that of the victim/user. Rootkits are extraordinarily hard to create and only the most advanced attacks utilize them. Tech companies are very proactive about patching vulnerabilities that are susceptible to a Rootkit.

Question 137

Backdoor

Answer 137

a method of bypassing normal authentication procedures, typically over a connection to a network such as the internet. Backdoor allow the hacker to spy, invisibly, on the victims activities. May be installed by Trojan horses, worms, implants or “other methods”.

Question 138

Adware

Answer 138

attempts to expose the victim to unwanted and potentially ma- licious advertising. Common adware programs may re-direct a user’s browser searches to a copycat page that contains promo- tions for other products

Question 139

Botnet

Answer 139

a logical collection of internet-connected devices whose security has been compromised and control ceded to a third party. Each compromised device is known as “bot”. Botnets are rented out by cyber criminals as commodities for a variety of purposes (such as a DDoS attack)

Question 140

Signature Based Detection

Answer 140

many viruses have a “signature”, or a recognizable series of ones and zeros. Signature based anti-virus programs work by spotting these signatures and stopping the files before they can cause damage

Question 141

Behavior Based Detection

Answer 141

monitors system processes to determine if a program is attempt- ing to engage in malicious behavior against the operating system

Question 142

Quarantining Removal

Answer 142

the most common first step, works by moving the malicious file into a protected area on the hard drive. This area is separate from any other file that could activate the malicious software

Question 143

Startup Detection/Removal

Answer 143

aims to stop the initialization and spread of the virus during the start up process

Question 144

Restore points

Answer 144

Operating system “restore points” provides administrators with a known working point to which they can restore the settings back to.