Introduction To Ethical Hacking Flashcards

1
Q

What is Information Security

A

Information security refers to the protection of information systems and data of an organization by mitigating information risks.

2
Q

Explain Confidentiality

A

Only authorized people can see this data or access this system or network.

💡 Controls: encryption, classification, access control, proper disposal (e.g. of DVDs, CDs, etc.)

3
Q

Explain Integrity

A

The data has not been changed or modified in any way, especially in an unauthorized way.

💡 Controls: hashing, access control

4
Q

Explain Availability

A

Authorized users shall have access whenever they want.
Think of a DoS attack: if I shut down your ability to gain access to a website, your availability is lost; the site is no longer available.

💡 Controls: redundancy, data back-ups, antivirus, DDoS prevention

5
Q

Explain Authenticity

A

transit or communication methods was used was authentic.

💡 Controls: users (biometrics), smart cards, data

6
Q

Non-Repudiation

A

Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.

💡 Controls: digital signatures, logging

7
Q

An attack depends on three components

A

Attack = Motive (Goal) + Vulnerability + Method (Exploit)

8
Q

What are the Motives behind attacks

A
  • Disrupting business continuity
  • Information theft and manipulating data
  • Financial loss to the target
  • Taking revenge
  • Demanding ransom
9
Q

What is a threat

A

Threat means anything that has the potential to cause damage to the system.

10
Q

What are the Attack Classifications

A
  • Passive Attacks
  • Active Attacks
  • Close-In Attacks
  • Insider Attacks
  • Distribution Attacks
11
Q

What are Passive Attacks

A

Gain information about targeted computers and networks without direct interaction with the systems.
- Google Search
- Public records
- Social media

Passive Attack Examples
- Packet Sniffing
- Network Traffic Analysis
- Decryption

12
Q

What are Active Attacks

A

Involves direct interaction with the target.
Example: making a phone call to the target.

Tools like Nmap, Nessus, OpenVAS, Nikto and Metasploit can be considered active recon.

13
Q

What are Close-In Attacks

A

These attacks are possible through close proximity, i.e. being physically near the target.

Examples of Close-In Attacks
- Social engineering attacks
- Shoulder surfing attacks
- Dumpster diving attacks
- Eavesdropping

14
Q

What are Insider Attacks

A
  1. Assumed level of trust
  2. Performed with a trusted person
  3. Physical access

Examples of Insider Attacks
- Intellectual Property
- Customer PII
- Stolen devices
- Installing malware and Keyloggers

15
Q

What are Distribution Attacks

A

Tampering with the hardware or software prior to installation.
Aka supply-chain attack.
Compromising software and/or hardware before customer installation.

Examples of Distribution Attacks
- SolarWinds

16
Q

What is Information Warfare?

A

Attempting to gain a competitive advantage through attacks against the target's IT systems.

Weapons include
- viruses
- worms
- trojan horses
- electronic jamming

17
Q

C2 Warfare (Command & Control Warfare)

A

Control over compromised target systems with centralized management.

18
Q

Intelligence-Based Warfare

A

The design and protection of systems that seek sufficient knowledge to dominate the battlespace, and the denial of such knowledge to the adversary.

19
Q

Electronic Warfare

A

I want to stop communications between adversaries (enemies).
AKA “Jamming”

20
Q

What is Psychological Warfare

A

Attacking the morale and mental resolve of the opponent.
Attempt to get the opponent to GIVE UP.
- Propaganda
- Terrorism

21
Q

Hacker Warfare

A

‘Soldiers of Information Security’
Acquire information about subject A, sell it to subject B.
- Attack the target's system (DoS/DDoS)
- Theft of data and/or system
- Disinformation campaign

22
Q

Economic Warfare

A

Interfere with the target's economic/financial capabilities.
Weaken the target's economy.
- Theft of IP
- Reputational Influence

23
Q

Cyber Warfare

A

Use of information systems against virtual personas.
Similar to information warfare in its definition.
Includes:
- Information terrorism
- Semantic attacks
- Takeover of the target system while maintaining the appearance of normal operation (Stuxnet)

24
Q

Defensive Information Warfare

A
  • Use actions or strategies to defend against attacks.
  • Detection/ Prevention
  • Alerts
  • Response
  • Deterrents
  • Emergency Preparedness
25
Q

Offensive Information Warfare

A
  • Attacks against an opponent
  • Involve attacks against attackers.
  • Web Attacks
  • System Attacks
  • MITM/ Replay/ Session Hijacking
  • Malware Attacks
26
Q

What is Cyber Kill Chain

A

The Cyber Kill Chain is a framework that is used for the identification and prevention of cyber activity.
Developed by Lockheed Martin around 2011.
The seven steps of the Cyber Kill Chain provide greater insight into attack phases, which helps security professionals to understand the adversary’s tactics, techniques and procedures.

27
Q

7 Phases of Cyber Kill Chain

A

Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command & Control
Actions and Objectives

28
Q

What is Tactics, Techniques & Procedures

A

TTPs (Tactics, Techniques and Procedures) are helpful for analyzing threats and threat actors, and are used to strengthen the security of the organization.
The purpose is to identify patterns of behavior which can be used to defend against specific strategies and threat vectors used by malicious actors.

29
Q

Explain Tactics

A

Guidelines that describe the way attackers perform their attacks from beginning to end:

  • I want to gather networking information about my target
  • I want to find out what services my target is running
  • What vulnerabilities does my target have
30
Q

Explain Techniques

A

The technical methods that attackers use to achieve their goals; they help to identify vulnerabilities and implement measures in advance.
- Perform DNS queries using dig
- Perform network scan and banner grabbing
- Perform vulnerability scanning against my target

31
Q

Explain Procedures

A

Defined as the organizational approaches followed by threat actors to launch their attacks; they help to identify what an attacker is looking for.

32
Q

Adversary Behaviors Identification

A

Adversary Behavioral Identification involves the identification of the common methods or techniques used to launch attacks to penetrate an organization’s network.

Adversary Behaviors Identification refers to the identification of the techniques that are used to penetrate a system.