InfoSec Threats

Question 1

Examples of a Natural threat.

Answer 1

• Natural Disasters
• Power Failures

Question 2

What is a threat?

Answer 2

The potential occurence of an undesirable event that couyld cause damage or disruption to an organization.

Question 3

Examples of Unintentional Threats.

Answer 3

• Unskilled Admins
• Negligent workers
• Accidents
• Lazy/Untrained employees

Question 4

Examples of Intentional Internal Threats.

Answer 4

• Disgruntled Employees
• Fired Employees
• Service Providers
• Contractors

Question 5

Examples of Intentional ExternalThreats.

Answer 5

• Hackers
• Criminals
• Terrorists
• Foreign agencies
• Other corporations

Question 6

Describe the following Threat Actors/Agents
a) Black Hats
b) White Hats
c) Gray Hats
d) Suicide Hackers
e) Script Kiddies

Answer 6

a) Offensive hackers that intentionally cause malicious or destructive events.
b) Individuals who use hacking skills for protective purposes.
c) Individuals who work both offensively and defensively.
d) Individuals who want to cause destruction and aren’t worried about the consequences.
e) Unskilled hackers who use pre-built tools and scripts without real knowledge of what they are using.

Question 7

Describe Malware.

Answer 7

Malware is malicious software that damages and disables computer systems and also gives partial or full control of system to the malware creator.

Question 8

Describe these Common Technqiues to distribute malware:
a) Black hat SEO
b) Social Engineered Click-Jacking
c) Spear-Phishing Sites
d) Malvertising
e) Compromised Legitimate Websites
f) Drive-by Downloads
g) Spam Emails

Answer 8

a) Ranking malware sites highly in search results.
b) Tricking users to click on ‘innocent-looking’ web pages.
c) Mimic legitimite institutions to steal login credentials.
d) Embed malware into ad-netoworks.
e) Embed malware into legitimate websites
f) Exploits flaws in browers to install malware when visiting a page.
g) Coaxing recipients to click on emails that have embedded malware within links/attachments.

Question 9

Describe these components of Malware:
a) Crypter
b) Downloader
c) Dropper
d) Exploit
e) Injector
f) Obfuscator
g) Packer
h) Payload
i) Malicious Code

Answer 9

a) Encrypts malware to make reverse-engineering/analysis difficult.
b) Trojan that downloads other malware.
c) Trojan that covertly installs malware.
d) Is the code that breaches system vulnerabilities
e) A program that injects code into other processes.
f) A program that conceals its code, making it harder to detect.
g) A program that compresses malware files into a single executables to evade detection.
h) The software that allows control of a computer system after the exploit.
i) A command that defines the malware’s function.

Question 10

What is a Trojan?

Answer 10

It is a program that contains malicious code which is hidden inside another apparently harmless program.

Question 11

What is a Virus?

Answer 11

Is a self-replicating program that attaches itself to other files, boot sector or program.

Question 12

What is Ransomware?

Answer 12

A type of malware that restrict use and access of data. Demands an online payment to unlock restriction to data.

Question 13

What is a Worm?

Answer 13

A malicious program that replicates, spreads and executes without being attached to another file/document.

Question 14

What are Rootkits?

Answer 14

Hard to detect malware that replace OS system calls and utilities to avoid detection.

Question 15

What is Adware?

Answer 15

Programs that generate unsolicited ads and pop-ups.

Question 16

What is Spyware?

Answer 16

Stealth programs that records the user’s interaction without their knowledge.

Question 17

What is a Keylogger?

Answer 17

Programs that monitor the users keystrokes without their knowledge.

Question 18

What is a BotNet?

Answer 18

A collection of compromised computers that are connected to perform a distributed task.

Question 19

What is Fileless Malware?

Answer 19

Malware that resides in the systems RAM.

Question 20

What is a Vulnerability?

Answer 20

Is a weakness that can be exploited by threat agents.

Question 21

Describe these technological vulnerabilities:
a) TCP/IP protocols
b) OS
c) Network Device

Answer 21

a) HTTP, FTP, ICMP, SNMP and SMTP are weak protocols.
b) OS that is inherently weak or unpatched.
c) Routers, firewalls and swtiches are vulnerable due to weak passwords, lack of authentication and device vulnerabilities.

Question 22

Describe these Network Security Vulnerabilities:
a) User Account
b) System Account
c) Internet Service
d) Default Password
e) Network Device

Answer 22

a) Insecure transmission of user account details.
b) Weak password for system accounts.
c) Misconfiguration of Internet Services
d) Devices that store their default passwords and settings.
e) Misconfigured network devices

Question 23

Describe a Risk.

Answer 23

Refers to the potential loss or damage of an asset in the presence of a vulnerability.

Question 24

What is System Sprawl?

Answer 24

Undocumented or unrealized assets that exists within network systems.

Question 25

What is a Zero-Day

Answer 25

Unknown vulnerabilities that have not been patched.

Question 26

What are Legacy Platform Vulnerabilities?

Answer 26

Vulnerabilities in obsolete or familiar code.