Linkedin Notes

Question 1

What are the 7 stages of cyber Kill chain

Answer 1

Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and control
Actions

Question 2

What are the four tenants of zero trust?

Answer 2

1) Just in time access (jita)
2) Just enough access (jea)
3) Tokenisation or encryption
4) Adaptive policies

Question 3

At which country was Stuxnet targeted?

Answer 3

Iran. USA wanted to hinder their nuclear programme

Question 4

An exploit is called zero day until what occurs?

Answer 4

A patch is realised

Question 5

What is a PUP?

Answer 5

Potentially Unwanted Program

Question 6

What is the software that is used to store a payload onto a target computer?

Answer 6

dropper

Question 7

What is the main assumption in a zero trust approach?

Answer 7

The network perimeter has been breached.

Question 8

Mark Abene was, at different times, in both LOD and MOD. What was his internet nickname?

Answer 8

Phiber Optik

Question 9

Tasks can be run using mpcmdrun at the command line.

Answer 9

True

Question 10

Which variant of Linux had a keylogger maliciously installed?

Answer 10

Mint

Question 11

Does Windows Defender offers cloud protection.

Answer 11

True

Question 12

What is the EICAR string used for?

Answer 12

testing anti-virus software

Question 13

What are the three Windows Firewall network types?

Answer 13

domain, private, public

Question 14

Windows Firewall can mandate secure connections. What protocol does it enforce?

Answer 14

IPSec

Question 15

NATing is used to filter malware.

Answer 15

False

Question 16

Zedlan can read normal windows logs.

Answer 16

True

Question 17

Which iptables parameter do you use to instruct the firewall to block packets?

Answer 17

Drop

Question 19

What is the normal last command on a set of firewall rules?

Answer 19

Drop all packets

Question 20

What switch setting can you use to do both TCP and UDP scans?

Answer 20

sSU

Question 21

What switch setting do you use to do a network scan for active hosts?

Answer 21

sn

Question 22

Running netcat with only the IP address and port will put it into which mode?

Answer 22

Sender

Question 23

Which switch can you configure on a sender to set a timeout when doing a file transfer?

Answer 23

w

Question 24

Session connection can be automated.

Answer 24

True

Question 25

Netcat can detect the IP address of an incoming connection.

Answer 25

True

Question 26

Nessus can only scan a single system in a scan run.

Answer 26

False

Question 27

A web scanner cannot be used to proxy web traffic.

Answer 27

False

Question 28

Who or what is the victim of a cross-site scripting attack?

Answer 28

a visitor to the target website

Question 29

Scans can be run with or without credentials.

Answer 29

True

Question 30

Which company produces the annual Top Ten Web Threats?

Answer 30

OWASP
The Open Worldwide Application Security Project

Question 31

What logic clause can be injected to achieve an SQL injection attack?

Answer 31

True, 1=1, 0=0

Question 32

UDP traffic requires a three-way handshake.

Answer 32

False

Question 33

What kind of traffic does Wireshark capture?

Answer 33

UDP, TCP, Web

Question 34

HTTP traffic packets are obfuscated.

Answer 34

False