Module 02 - Threats, Vulnerabilities, and Mitigations

Question 1

What are the attack types?

Answer 1

Opportunistic and unstructured
Targeted and structured

Question 2

What’s shadow IT?

Answer 2

Is the use of unapproved or unsanctioned technology in a company

Question 3

What are the attributes of threat actors? Define the attributes

Answer 3

Internal/External => Degree of access of the actor
Sophistication/Capability => Ability to attack
Resources/Funding => Support to the attack

Question 4

What are the general strategies of threat actors?

Answer 4

1. Service disruption
2. Data exfiltration
3. Disinformation

Question 5

What are the motivations of threat actors?

Answer 5

1. Chaotic motivation
2. Financial motivation
3. Political motivation

Question 6

What kind of attack could be done when there’s a financial motivation?

Answer 6

1. Blackmail
2. Extortion
3. Fraud
4. Commercial espionage

Question 7

What’s the difference between Blackmail and Extortion?

Answer 7

Blackmail is when trying to prevent the release of confidential information.
Extortion is trying to prevent some type of attack

Question 8

What are the threat actor types?

Answer 8

1. Hackers
2. Unskilled hackers [Script Kiddie]
3. Hacker groups [Hacktivists]
4. Nation-state actors [APT]
5. Organized crime
6. Internal [Whitleblower]

Question 9

Acronym:
APT

Answer 9

Advanced Persistent Threat

Question 10

What’s a whistleblower?

Answer 10

Internal threat actor with an political motivation to release confidential information

Question 11

What are the steps of an attack?

Answer 11

1. Reconnaissance
2. Social Engineering
3. Technical approaches
4. Breach the system
5. Escalate privilege
6. Backdoor
7. Stage computers
8. Exploit vulnerabilities

Question 12

What’s reconnaissance?

Answer 12

The process of gathering information about an organization, its users, hardware and software

Question 13

What’s Social Engineering?

Answer 13

The process of manipulating others into providing sensitive information or doing unauthorized procedures

Question 14

What’s to stage computers?

Answer 14

The process of preparing computers to perform additional tasks in the attack

Question 15

List:
Defense security concepts

Answer 15

1. Layering [Defense in depth]
2. Principle of least privilege
3. Variety
4. Randomness
5. Simplicity

Question 16

Define the concept of layering (Defense in depth)

Answer 16

It’s the implementation of multiple security strategies to protect the same asset.

If one is bypassed, there’s multiple others to protect

Question 17

Define the concept of Variety

Answer 17

It’s the variety of methods in defensive layers, for the multiple use of the same method isn’t secure

Question 18

Define the concept of ‘Principle of least privilege’

Answer 18

Users have only the access they need to do their jobs and nothing more.

Question 19

Define the concept of ‘Radomness’

Answer 19

Constant change in personal habits, passwords, in order do prevent predictability

Question 20

What’s an attack surface?

Answer 20

Potential vector for attempting an intrusion

Question 20

How can vulnerabilities be exploited?

Answer 20

Remote and local.

Remote are exploited unauthenticated
Local are exploited with valid credentials

Question 21

What’s a secure network?

Answer 21

Identifies, authenticate, authorize and audit network users, hosts and traffic.

Question 21

What’s a threat vector?

Answer 21

A path an attacker might use to attack

Question 21

What’s the difference between threat vector and attack vector?

Answer 21

Threat vector is the potential path of an attack.
Attack vector is the path used in a successful attack

Question 21

What are the attack vector types?

Answer 21

1. Vulnerable software
2. Network vector
3. Lure-based vector
4. Message-based vectors
5. Supply chain
6. Human vector

Question 21

What are the network vectors?

Answer 21

1. Direct access (physical)
2. Wired network
3. Remote network
4. Cloud access
5. Bluetooth network
6. Default credentials
7. Open service ports

Question 21

What is the ‘Cloud access’ network vector?

Answer 21

The compromise of an administrative cloud account

Question 21

What’s the ‘Direct access’ network vector?

Answer 21

It’s the compromise the physical place where network devices are

Question 21

What’s the ‘Wired network’ network vector?

Answer 21

The attaching of unauthorized devices to the physical network, with permitted communication

Question 21

What’s the ‘Open service port’ network vector?

Answer 21

Being able to establish a unauthenticated connection in a TCP, or UDP, port

Question 21

What are lure-based vectors?

Answer 21

Are vectors that are attractive and fools users to go for it

Question 21

What’s a drop attack?

Answer 21

Threat actor leaves infected USB sticks on the floor, waiting one employee to plug it into a computer, initiating an attack

Question 22

What are message-based vectors?

Answer 22

The sending of infected files within messages that tricks users into opening.
[Phising]

Question 23

What’s the attack surface of message based vectors?

Answer 23

1. Email
2. Short Message Service - SMS
3. Instant Messaging - IM
4. Web and social media

Question 23

What’a zero-click exploit?

Answer 23

It’s an exploit triggered by no user action.

Question 24

What’s a supply chain?

Answer 24

End-to-end process of designing, manufacturing and distributing goods or services to customers

Question 25

What’s a ‘procurement management’ process?

Answer 25

The process of ensuring reliable sources are in the supply chain

Question 26

What’s social engineering?

Answer 26

Means of extracting information or to perform actions through the human factor.

Question 27

What are the manipulation techniques?

Answer 27

1. Moral obligation
2. Innate human trust
3. Threatening
4. Very little to nothing
5. Ignorance
6. Authority and fear
7. Social proof
8. Scarcity
9. Likeability
10. Urgency
11. Common ground

Question 28

What is the social engineering process?

Answer 28

1. Research
2. Development
   2.1 Selecting individuals
   2.2 Relating to the targets
3. Exploitation

Question 29

What’s footprinting?

Answer 29

The process of extracting information on any resource available

Question 30

What are the social engineering techniques?

Answer 30

1. Impersonation and pretexting
2. Phishing and pharming
3. Typosquatting
4. Brand impersonation and disinformation

Question 31

What’s a business email compromise?

Answer 31

It’s a sophisticated phishing attack where a valid account of vendor are spoofed or compromised.

Question 32

What’s the difference between disinformation and misinformation?

Answer 32

Disinformation is when the purpose is to deceive.

Misinformation is repeating false information without the intent to deceive.

Question 33

What’s a watering hole attack?

Answer 33

The compromise of a third-party resource used by the target’s system or by it’s employees.

(Supply chain attack)

Question 34

What’s a malware?

Answer 34

Software that does “bad things” in the system from the owner’s perspective

Question 35

What are the types of malware?

Answer 35

1. Virus and worms
2. Trojans
3. PUP/PUA

Question 36

What’s a virus?

Answer 36

It’s a type of malware designed to replicate and spread from computer to computer, executed only when a user performs an action

Question 37

What are the types of viruses?

Answer 37

1. Non-resident
2. Memory resident
3. Boot
4. Script and macro
5. Fileless

Question 38

What’s a polymorphic virus?

Answer 38

Virus that dynamically change, or obfuscate, their code to evade detection

Question 39

What’s a multipartite virus?

Answer 39

Viruses that use multiple vectors

Question 40

What’s a worm?

Answer 40

Virus that replicates and runs withou user intervention

Question 41

Acronym:
AVT

Answer 41

Advanced Volatile Threat

Question 42

What’s a AVT or APT virus kind?

Answer 42

It’s a fileless and live-off-the-land malware.

Question 43

What’s a spyware?

Answer 43

Malware that spies on the target’s system

Question 44

What are the most common spyware kinds of virus?

Answer 44

1. Adware
2. Keylogger
3. Tracking cookies
4. Supercookies
5. Beacons

Question 45

What’s a supercookie [Spyware]?

Answer 45

It’s the storing of tracking data without declaring or through header requests

Question 46

What are beacons [Spyware]?

Answer 46

Single-pixel image embedded into a site; When loaded, footprints, collects metadata and could even run scripts

Question 47

What’s a backdoor?

Answer 47

Access method that circumvents the usual authentication method.

Question 48

Acronym:
RAT

Answer 48

Remote Access Trojan

Question 49

What’s a RAT - Remote Access Trojan?

Answer 49

Backdoor malware that pretends to be a legitimate program

Question 50

What’s a zombie? In the context of RATs

Answer 50

A host controlled by a RAT

Question 51

What’s a botnet?

Answer 51

A group of computers under the control of the same malware instance.

Question 52

Acronym:
What C2 or C&C?

Answer 52

Command and Control

Question 53

What’s a Command and Control

Answer 53

Infrastructure of hosts and services where attacker distributes, direct and controls malwares over botnets

Question 54

What are the commonly used protocols in C2?

Answer 54

IRC, HTTP and DNS

Question 55

Acronym:
IRC [Protocol]

Answer 55

Internet Relay Chat

Question 56

What’s a rootkit?

Answer 56

Malware that runs with highest privilege on a system

Question 57

What’s a ransomware?

Answer 57

Extorts money from victims by making devices, or data, unavailable and demanding payment.

Question 58

What’s crypto-ransomware?

Answer 58

Ransomware that encrypts the data, the private encryption key is held by the attacker

Question 59

What’s a cryptojacking malware?

Answer 59

Steals physical resources to mine cryptocurrency.

Question 60

What’s a logic bomb?

Answer 60

Malicious code that waits a trigger to be executed.

Question 61

What are good strategies in malware prevention?

Answer 61

1. Patches
2. Anti-malware soluctions
3. Browser settings
4. Firewall
5. Training
6. Web filter