Information Security Threats and Vulnerability Assessment Flashcards
Jack, a professional hacker, was recruited by an agency to steal sensitive data from a rival company. From a remote location, he discovered vulnerabilities in the target company’s network using a vulnerability scanner. He exploited them to intrude into the network and steal confidential data.
External Threats: External attacks are performed by exploiting vulnerabilities that already exist in a network, without the assistance of insider employees. Therefore, the potential to perform an external attack depends on the severity of the identified network weaknesses. Attackers may perform such attacks for financial gain, to damage the reputation of the target organization, or simply for the sake of curiosity.
Elon, a disgruntled employee with access to sensitive data, intends to damage the organization’s reputation. He shares all the critical information and blueprints with the competitor and benefits financially.
Internal Threats: Most computer and Internet-related crimes are insiders or internal attacks. These threats are performed by insiders within the organization such as disgruntled or negligent employees and harm the organization intentionally or unintentionally. Most of these attacks are performed by privileged users of the network.
Sam recently joined as a network admin in an organization. He failed to comprehend all the security practices during his training but pretended to have acquired adequate skills. With mediocre knowledge, he left a few loopholes in the firewall implementation that eventually led to unwanted network intrusions.
Unintentional Threats are threats that exist due to the potential for unintentional errors occurring within the organization. Examples include insider-originating security breaches, negligence, operator errors, unskilled administrators, lazy or untrained employees, and accidents.
Mark, a professional hacker, scanned the target system to check for running services or open ports. After successful scanning, he discovered an open FTP port, exploited it to install malware, and performed malicious activities on the victim system. In which of the following ways did Mark install the malware in the victim system?
File sharing services: examples; Dropbox, Box, Google Drive, OneDrive
Joe, a professional hacker, initiated an attack against Bob by tricking him into downloading a free software program embedded with a keylogger labeled as trusted. As the program was labeled trusted, the antivirus software installed on Bob’s system failed to identify it as malicious software. As a result, the malicious software recorded all the keystrokes entered by Bob and transmitted them to Joe. Identify the application Joe employed in the above scenario to lure Bob into installing malicious software.
Rogue Applications: Rogue apps are mobile apps designed to impersonate trusted brands, with the goal of gaining unauthorized access to information that can be used to commit fraudulent transactions. These malicious apps can install malware, ransomware, or trick users into sending their payment details to attackers.
Identify the type of software vulnerability that occurs due to coding errors and allows the attackers to gain access to the target system.
Buffer overflow: Buffer overflows are common software vulnerabilities that happen due to coding errors that allow attackers to gain access to the target system.
Which one of the following vulnerabilities is NOT an example of misconfiguration vulnerability?
Running unnecessary services on a machine
Identify the severity of CVSS v3.0 ratings with a base score range of 9.0-10.0.
HIGH
Which of the following malware components hides the malware presence and protects the malware from reverse engineering, thus making it difficult to be detected by security solutions?
Crypter -Software that protects malware from undergoing reverse engineering or analysis
Which of the following Trojans can an attacker use for the auto-deletion of files, folders, and registry entries as well as local network drives to cause the operating system to fail?
Destructive Trojan: is a virus designed to destroy or delete files.