MOD1: Intro to Ethical Hacking Flashcards
Information accessed by those authorized to have access.
- Integrity
- Availability
- Non-repudiation
- Authenticity
- Confidentiality
Confidentiality.
Trustworthiness of data and resources (ex. HASH).
- Integrity
- Availability
- Non-repudiation
- Authenticity
- Confidentiality
Integrity.
Information being genuine (ex. Digital Signatures)
- Integrity
- Availability
- Non-repudiation
- Authenticity
- Confidentiality
Authenticity.
Information required for authorized users.
- Integrity
- Availability
- Non-repudiation
- Authenticity
- Confidentiality
Availability.
Guarantee that the sender of the message cannot later deny having sent / received the message.
- Integrity
- Availability
- Non-repudiation
- Authenticity
- Confidentiality
Non-repudiation.
Motive (goal) + Method + Vulnerability = ?
Attacks.
Classification of attacks: List the 5 types of attacks.
- Passive attack
- Active attack
- Close-in attack
- Insider attack
- Distribution attack
What is a passive attack?
Gaining information (reconnaissance) about the target without engaging with the victim. This is legal.
What is an active attack?
Gaining information (reconnaissance) about the target while actively communicating with the target system. This is illegal.
What is a close-in attack?
Attacker is in close physical proximity to the systems/networks (ex. shoulder surfing, dumpster diving, eavesdropping).
What is an insider attack?
Already inside the organization (ex. backdoors, malware, theft of physical devices). This can be a current employee.
What is a distribution attack?
Attackers tamper with hardware/software prior to installation.
What are the phases of the Cyber Kill Chain Methodology?
Reconnaissance –> Weaponization –> Deliver –> Exploitation –> Installation –> Command & Control –> Actions on Objectives.
What does TTPs stand for and what is it?
Tactics, Techniques, Procedures.
Tactics = the guidelines
Techniques = the “how”
Procedures = how organizations do
IoCs (Indicators of Compromise) can fall into these 4 categories:
- Email indicators
- Network indicators
- Host-based indicators
- Behaviour indicators
8 Types of Hacker classes.
- Black hat (aka crackers)
- White hat
- Gray hat
- Suicide hackers (don’t care if they get caught)
- Script kiddies
- Cyber Terrorists
- State-sponsored hackers (ex. Cozy Bear)
- Hacktivists (political agenda)
5 Steps of Hacking.
- know this for exam
- Recon (passive vs active)
- Scanning (ex. port scanners)
- Gaining Access
- Maintaining Access
- Clearing tracks (ex. remove log files)
Ethical hacking = _________ + __________
Ethical hacking = permission + intent
List some technical skills of a hacker.
- knowledge of major OS environments
- networking
- expert
- knowledgeable in security
- “high technical” knowledge for launching sophisticated attacks
List some non-technical skills of a hacker.
- ability to learn quickly
- strong work ethics
- committed to organization’s security policies
- awareness of standards and law
What is Information Assurance?
Assurance that the CIA + authenticity of information is protected during the usage, processing, storage, and transmission of information.
What are the 5 steps in the risk management cycle?
- Risk Identification
- Risk Assessment
- Risk Treatment
- Risk Tracking
- Risk Review
Role of AI and ML in cybersecurity?
AI/ML - mimicking the decision-making process and learning. Most of our security depends heavily on signature-based detection.
Standards and Laws:
PCI DSS
It’s a standard, not a law.
Payment Card Industry Data Security Standard
Standards and Laws:
ISO/IEC 27001
ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission)
Standards and Laws:
HIPAA
Health Insurance Portability and Accountability Act
Standards and Laws:
SOX
Sarbanes-Oxley Act
Standards and Laws:
DMCA
Defense Contract Management Agency
Standards and Laws:
FISMA
Federal Information Security Management Act