misc

Question 1

What is APT?

Answer 1

Advanced Persistent Threat

Question 2

What is pivoting/daisy chaining?

Answer 2

An attacker who compromises a device on DMZ to launch further attacks from the DMZ

Question 3

What is doxing?

Answer 3

Publishing PII about someone

Question 4

What is a covert channel?

Answer 4

Transmitting information using methods not originally intended for data transmission

Question 5

What is source routing?

Answer 5

Allows sender of packet to specify route the packet takes through the network based on source IP address

Question 6

What is banner grabbing?

Answer 6

Identifies OS version / software in use

Question 7

How does MAC address spoofing work?

Answer 7

Only for UDP as TCP requires 3-way handshake

Question 8

What is active vs passive sniffing?

Answer 8

Active is on a switch

Passive is on a hub as all packets are sent on all ports

Question 9

How does a buffer overflow work?

Answer 9

Changing pointer address in stack to point at altered code from attacker (stack smashing)

Question 10

What is NoP/NoP sled?

Answer 10

Creating no operation statements in memory to make pointing to their code easier

Question 11

How can you protect against a buffer overflow attack with software?

Answer 11

HIPS/HIDS
Great/Secure Code boundary validation for R/W
Cookie (Canary Value) checks location for cookie
Stack guard (copy return address somewhere esle in memory to compare)
Code analysis for prevention

Question 12

How do you protect against a buffer overflow attack with hardware?

Answer 12

NX/XD
Execution Disabled (stops code being run in certain areas of memory)

Question 13

What is CVE and CVSS?

Answer 13

Common Vulnerabilities and Exposures

Common Vulnerability Scoring System