Introduction To Cybersecurity Tools And Cyber Attacks Week Two Flashcards
What are the four main types of actors identified in the video ‘A brief overview of types of actors and their motives?’
Hackers, Hacktivists, Governments, and Internal
Which of these common motivations is often attributed to a hacktivist?
Political action and movements
In the video ‘Hacking organizations’, which three governments were called out as being active hackers?
China, United States, and Israel
Which four of the following are known hacking organizations?
Anonymous, Guardians of Peace, Syrian Electronic Army, and Fancy Bears
Which of these hacks resulted in over 100 million credit card numbers being stolen?
2015 Target Stores Hack
Which of the following statements is true?
Passive attacks are hard to detect because the original message is delivered unchanged and can pass an integrity check
The purpose of security services includes which three of the following?
Enhance security of data processing systems and information transfer
Often replicate functions found in physical documents
Are intended to counter security attacks
Which statement best describes access control?
Prevention of unauthorized use of a resource
The International Telecommunication Union (ITU) X.800 standard addresses which three of the following topics?
Access Control, Authentication, and Data Confidentiality
Protocol suppression, ID and authentication are examples of which?
Security Mechanism
The motivation for more security in open systems is driven by which three of the following factors?
Society’s increasing dependence on computers
The appearance of data protection legislation in several countries
The desire by a number of organizations to use OSI recommendations
True or False: The accidental disclosure of confidential data by an employee is considered a legitimate organizational threat.
True
True or False: The accidental disclosure of confidential information by an employee is considered an attack.
False
A replay attack and a denial of service attack are examples of what?
Security Architecture Attack
True or False: An application that runs on your computer without your authorization but does no damage to the systems is not considered malware.
False
How would you classify a piece of malicious code designed to cause damage and spreads from one computer to another by attaching itself to files but requires human actions in order to replicate?
Virus
How would you classify a piece of malicious code designed to collect data about a computer and its users and then report that back to a malicious actor?
Spyware
A large scale Denial of Service attack usually relies upon which of the following?
A botnet
Antivirus software can be classified as which form of threat control?
Technical Controls
Which of the following measures can be used to counter a mapping attack?
Record traffic entering the network
Look for suspicious activity like IP addresses or ports being scanned sequentially
Use a host scanner and keep an inventory of hosts on your network
In order for a network card (NIC) to engage in packet sniffing, it must be running in which mode?
Promiscuous
Which countermeasure can be helpful in combating an IP Spoofing attack?
Ingress filtering
Which two measures can be used to counter a Denial of Service (DOS) attack?
Use traceback to identify the source of the flooded packets
Implement a filter to remove flooded packets before they reach the host
Which countermeasure should be used against a host insertion attack?
Maintain an accurate inventory of computer hosts by MAC address
Use a host scanning tool to match a list of discovered hosts against known hosts
Investigate newly discovered hosts.
Which is not one of the phases of the intrusion kill chain?
Activation
Which social engineering attack involves a person instead of a system such as an email server?
Vishing
Which of the following is an example of a social engineering attack?
Calling an employee and telling him you are from IT support and must observe logging into his corporate account.
True or False: While many countries are preparing their military for a future cyberwar, there have been no ‘cyber battles’ to date.
False
Which tool did Javier say was crucial to his work as a SOC analyst?
SIEM (Security Information and Event Management)
Which hacker organization hacked into the Democratic National Convention and released Hillary Clinton’s emails?
Fancy Bears
What challenges are expected in the future?
Enhanced espionage from more countries
Far more advanced malware
New consumer technology to exploit
Why are cyber attacks using SWIFT so dangerous?
SWIFT is the protocol used by all banks to transfer money
Which statement best describes Authentication?
Assurance that the communicating entity is the one claimed
Trusted functionality, security labels, event detection, security audit trails and security recovery are all examples of which type of security mechanism?
Passive security mechanism
If an organization responds to an intentional threat, that threat is now classified as what?
An attack
An attack that is developed particularly for a specific customer and occurs over a long period of time is a form of what type of attack?
Advanced Persistent Threat
Which of these three approaches could be used by hackers as part of a Business Email Compromise attack?
Attorney impersonation
CEO Fraud, where CEO sends email to an employee
Account compromise
Which type of actor was not one of the four types of actors mentioned in the video A brief overview of types of actors and their motives?
Black Hats
A political motivation is often attributed to which type of actor?
Hacktivist
The video Hacking organizations called out several countries with active government sponsored hacking operations in effect. Which one of these was among those named?
Israel
Which of these is not a known hacking organization?
The Ponemon Institute
Which type of actor hacked the 2016 US Presidential Elections?
Government
True or False: Passive attacks are easy to detect because the original messages are usually altered or undelivered.
False
True or False: Authentication, Access Control and Data Confidentiality are all addressed by the ITU X.800 standard.
True
Trusted functionality, security labels, event detection and security audit trails are all considered which?
Pervasive Security Mechanisms
Cryptography, digital signatures, access controls and routing controls are considered which?
Specific Security Mechanisms
True or False: Only acts performed with intention to do harm can be classified as Organizational Threats
False
Traffic flow analysis is classified as which?
A Passive Attack
How would you classify a piece of malicious code designed to cause damage, can self-replicate and spreads from one computer to another by attaching itself to files?
Trojan Horse
Botnets can be used to orchestrate which form of attack?
Distribution of Spam
DDoS attacks
Phishing attacks
Distribution of Spyware
As a Malware launchpad
Policies and training can be classified as which form of threat control?
Administrative Controls
Which type of attack can be addressed using a switched Ethernet gateway and software on every host on your network that makes sure their NICs are not running in promiscuous mode?
Packet Sniffing
A flood of maliciously generated packets swamp a receiver’s network interface preventing it from responding to legitimate traffic. This is characteristic of which form of attack?
A Denial of Service (DOS) Attack
A person calls you at work and tells you he is a lawyer for your company and that you need to send him specific confidential company documents right away, or else! Assuming the caller is not really a lawyer for your company but a bad actor, what kind of attack is this?
A Social Engineering Attack
True or False: An individual hacks into a military computer and uses it to launch an attack on a target he personally dislikes. This is considered an act of cyberwarfare.
False