MODULE 13 - CERTIFICATION CYBER OPS ASSOCIATE Flashcards

1
Q

Who is Attacking Our Network?

Threat, Vulnerability, and Risk

We are under attack and attackers want access to our assets.

Assets are anything of value to an organization, such as data and other intellectual property, servers, computers, smart phones, tablets, and more.

A

To better understand any discussion of network security, it is important to know the following terms:

– Threat

– Vulnerability

– Attack surface

– Exploit

– Risk

2
Q

To better understand any discussion of network security, it is important to know the following terms:

– Threat

– Vulnerability

– Attack surface

– Exploit

– Risk

A

Threat:

A potential danger to an asset such as data or the network itself.

3
Q

To better understand any discussion of network security, it is important to know the following terms:

– Threat

– Vulnerability

– Attack surface

– Exploit

– Risk

A

Vulnerability:

A weakness in a system or its design that could be exploited by a threat.

4
Q

To better understand any discussion of network security, it is important to know the following terms:

– Threat

– Vulnerability

– Attack surface

– Exploit

– Risk

A

Attack surface:

An attack surface is the total sum of the vulnerabilities in a given system that are accessible to an attacker.

The attack surface describes different points where an attacker could get into a system, and where they could get data out of the system.

For example, your operating system and web browser could both need security patches.

They are each vulnerable to attacks and are exposed on the network or the internet. Together, they create an attack surface that the threat actor can exploit.

5
Q

To better understand any discussion of network security, it is important to know the following terms:

– Threat

– Vulnerability

– Attack surface

– Exploit

– Risk

A

Exploit:

The mechanism that is used to leverage a vulnerability to compromise an asset. Exploits may be remote or local. A remote exploit is one that works over the network without any prior access to the target system.

The attacker does not need an account in the end system to exploit the vulnerability.

In a local exploit, the threat actor has some type of user or administrative access to the end system. A local exploit does not necessarily mean that the attacker has physical access to the end system.

6
Q

To better understand any discussion of network security, it is important to know the following terms:

– Threat

– Vulnerability

– Attack surface

– Exploit

– Risk

A

Risk:

The likelihood that a particular threat will exploit a particular vulnerability of an asset and result in an undesirable consequence.

7
Q

Risk management is the process that balances the operational costs of providing protective measures with the gains achieved by protecting the asset.

There are four common ways to manage risk, as shown in the table:

– Risk acceptance

– Risk avoidance

– Risk reduction

– Risk transfer

A

Risk acceptance:

This is when the cost of risk management options outweighs the cost of the risk itself.

The risk is accepted, and no action is taken.

8
Q

Risk management is the process that balances the operational costs of providing protective measures with the gains achieved by protecting the asset.

There are four common ways to manage risk, as shown in the table:

– Risk acceptance

– Risk avoidance

– Risk reduction

– Risk transfer

A

Risk avoidance:

This means avoiding any exposure to the risk by eliminating the activity or device that presents the risk.

By eliminating an activity to avoid risk, any benefits that are possible from the activity are also lost.

9
Q

Risk management is the process that balances the operational costs of providing protective measures with the gains achieved by protecting the asset.

There are four common ways to manage risk, as shown in the table:

– Risk acceptance

– Risk avoidance

– Risk reduction

– Risk transfer

A

Risk reduction:

This reduces exposure to risk, or reduces the impact of risk, by taking action to decrease the risk. It is the most commonly used risk mitigation strategy.

This strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk.

10
Q

Risk management is the process that balances the operational costs of providing protective measures with the gains achieved by protecting the asset.

There are four common ways to manage risk, as shown in the table:

– Risk acceptance

– Risk avoidance

– Risk reduction

– Risk transfer

A

Risk transfer:

Some or all of the risk is transferred to a willing third party such as an insurance company.

11
Q

Other commonly used network security terms include:

– Countermeasure

– Impact

A

Countermeasure:

The actions that are taken to protect assets by mitigating a threat or reducing risk.

12
Q

Other commonly used network security terms include:

– Countermeasure

– Impact

A

Impact:

The potential damage to the organization that is caused by the threat.

Note: A local exploit requires inside network access such as a user with an account on the network.

A remote exploit does not require an account on the network to exploit that network’s vulnerability.

13
Q

Hacker vs. Threat Actor

As we know, “hacker” is a common term used to describe a threat actor.

However, the term “hacker” has a variety of meanings, as follows:

– A clever programmer capable of developing new programs and coding changes to existing programs to make them more efficient.

– A network professional that uses sophisticated programming skills to ensure that networks are not vulnerable to attack.

– A person who tries to gain unauthorized access to devices on the internet.

– An individual who runs programs to prevent or slow network access to a large number of users, or to corrupt or wipe out data on servers.

https://snipboard.io/AOGko8.jpg https://snipboard.io/YmUgrc.jpg

A

As we know, “hacker” is a common term used to describe a threat actor. However, the term “hacker” has a variety of meanings, as follows:

– A clever programmer capable of developing new programs and coding changes to existing programs to make them more efficient.

– A network professional that uses sophisticated programming skills to ensure that networks are not vulnerable to attack.

– A person who tries to gain unauthorized access to devices on the internet.

– An individual who runs programs to prevent or slow network access to a large number of users, or to corrupt or wipe out data on servers.

https://snipboard.io/AOGko8.jpg https://snipboard.io/YmUgrc.jpg

14
Q

Good or bad, hacking is an important aspect of network security.

In this course, the term threat actor is used when referring to those individuals or groups that could be classified as gray or black hat hackers.

A

Good or bad, hacking is an important aspect of network security.

In this course, the term threat actor is used when referring to those individuals or groups that could be classified as gray or black hat hackers.

15
Q

Evolution of Threat Actors:

Hacking started in the 1960s with phone freaking, or phreaking, which refers to using various audio frequencies to manipulate phone systems.

At that time, telephone switches used various tones, or tone dialing, to indicate different functions.

Early threat actors realized that by mimicking a tone using a whistle, they could exploit the phone switches to make free long-distance calls.

A

In the mid-1980s, computer dial-up modems were used to connect computers to networks.

Threat actors wrote “war dialing” programs which dialed each telephone number in a given area in search of computers, bulletin board systems, and fax machines.

When a phone number was found, password-cracking programs were used to gain access. Since then, general threat actor profiles and motives have changed quite a bit. There are many different types of threat actors.

– Script Kiddies

– Vulnerability Brokers

– Hacktivists

– Cybercriminals

– State-sponsored

16
Q

In the mid-1980s, computer dial-up modems were used to connect computers to networks.

Threat actors wrote “war dialing” programs which dialed each telephone number in a given area in search of computers, bulletin board systems, and fax machines.

When a phone number was found, password-cracking programs were used to gain access. Since then, general threat actor profiles and motives have changed quite a bit. There are many different types of threat actors.

– Script Kiddies

– Vulnerability Brokers

– Hacktivists

– Cybercriminals

– State-sponsored

A

Script Kiddies:

Script kiddies emerged in the 1990s; the term refers to teenagers or inexperienced threat actors who run existing scripts, tools, and exploits to cause harm, but typically not for profit.

17
Q

In the mid-1980s, computer dial-up modems were used to connect computers to networks.

Threat actors wrote “war dialing” programs which dialed each telephone number in a given area in search of computers, bulletin board systems, and fax machines.

When a phone number was found, password-cracking programs were used to gain access. Since then, general threat actor profiles and motives have changed quite a bit. There are many different types of threat actors.

– Script Kiddies

– Vulnerability Brokers

– Hacktivists

– Cybercriminals

– State-sponsored

A

Vulnerability Brokers:

Vulnerability brokers are typically grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards.

18
Q

In the mid-1980s, computer dial-up modems were used to connect computers to networks.

Threat actors wrote “war dialing” programs which dialed each telephone number in a given area in search of computers, bulletin board systems, and fax machines.

When a phone number was found, password-cracking programs were used to gain access. Since then, general threat actor profiles and motives have changed quite a bit. There are many different types of threat actors.

– Script Kiddies

– Vulnerability Brokers

– Hacktivists

– Cybercriminals

– State-sponsored

A

Hacktivists:

Hacktivists is a term that refers to grey hat hackers who rally and protest against different political and social ideas.

Hacktivists publicly protest against organizations or governments by posting articles, videos, leaking sensitive information, and performing distributed denial of service (DDoS) attacks.

19
Q

In the mid-1980s, computer dial-up modems were used to connect computers to networks.

Threat actors wrote “war dialing” programs which dialed each telephone number in a given area in search of computers, bulletin board systems, and fax machines.

When a phone number was found, password-cracking programs were used to gain access. Since then, general threat actor profiles and motives have changed quite a bit. There are many different types of threat actors.

– Script Kiddies

– Vulnerability Brokers

– Hacktivists

– Cybercriminals

– State-sponsored

A

Cybercriminals:

Cybercriminal is a term for black hat hackers who are either self-employed or working for large cybercrime organizations.

Each year, cyber criminals are responsible for stealing billions of dollars from consumers and businesses.

20
Q

In the mid-1980s, computer dial-up modems were used to connect computers to networks.

Threat actors wrote “war dialing” programs which dialed each telephone number in a given area in search of computers, bulletin board systems, and fax machines.

When a phone number was found, password-cracking programs were used to gain access. Since then, general threat actor profiles and motives have changed quite a bit. There are many different types of threat actors.

– Script Kiddies

– Vulnerability Brokers

– Hacktivists

– Cybercriminals

– State-sponsored

A

State-sponsored:

State-Sponsored hackers are threat actors who steal government secrets, gather intelligence, and sabotage networks of foreign governments, terrorist groups, and corporations.

Most countries in the world participate to some degree in state-sponsored hacking.

Depending on a person’s perspective, these are either white hat or black hat hackers.

21
Q

Cybercriminals

Cybercriminals are threat actors who are motivated to make money using any means necessary.

While sometimes cybercriminals work independently, they are more often financed and sponsored by criminal organizations.

It is estimated that globally, cybercriminals steal billions of dollars from consumers and businesses every year.

A

Cybercriminals operate in an underground economy where they buy, sell, and trade exploits and tools.

They also buy and sell the personal information and intellectual property that they steal from victims.

Cybercriminals target small businesses and consumers, as well as large enterprises and industries.

22
Q

Cybersecurity Tasks

Threat actors do not discriminate.

They target the vulnerable end devices of home users and small-to-medium sized businesses, as well as large public and private organizations.

A

To make the internet and networks safer and more secure, we must all develop good cybersecurity awareness. Cybersecurity is a shared responsibility which all users must practice.

For example, we must report cybercrime to the appropriate authorities, be aware of potential threats in email and the web, and guard important information from theft.

Organizations must take action and protect their assets, users, and customers. They must develop and practice cybersecurity tasks such as those listed in the figure.

https://snipboard.io/uHWfkq.jpg

23
Q

Cyber Threat Indicators

Many network attacks can be prevented by sharing information about indicators of compromise (IOC).

Each attack has unique identifiable attributes. Indicators of compromise are the evidence that an attack has occurred. IOCs can be features that identify malware files, IP addresses of servers that are used in attacks, filenames, and characteristic changes made to end system software, among others.

IOCs help cybersecurity personnel identify what has happened in an attack and develop defenses against the attack. A summary of the IOC for a piece of malware is shown in the figure.

https://snipboard.io/4vzyeK.jpg

A

For instance, a user receives an email claiming they have won a big prize.

Clicking on the link in the email results in an attack.

The IOC could include the fact the user did not enter that contest, the IP address of the sender, the email subject line, the URL to click, or an attachment to download, among others.

24
Q

Indicators of attack (IOA) focus more on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets.

IOAs are concerned with the strategies that are used by attackers. For this reason, rather than informing response to a single threat, IOAs can help generate a proactive security approach.

This is because strategies can be reused in multiple contexts and multiple attacks. Defending against a strategy can therefore prevent future attacks that utilize the same, or similar strategy.

A

Indicators of attack (IOA) focus more on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets.

IOAs are concerned with the strategies that are used by attackers. For this reason, rather than informing response to a single threat, IOAs can help generate a proactive security approach.

This is because strategies can be reused in multiple contexts and multiple attacks. Defending against a strategy can therefore prevent future attacks that utilize the same, or similar strategy.

25
Q

Threat Sharing and Building Cybersecurity Awareness

Governments are now actively promoting cybersecurity.

For instance, the US Cybersecurity Infrastructure and Security Agency (CISA) is leading efforts to automate the sharing of cybersecurity information with public and private organizations at no cost.

CISA uses a system called Automated Indicator Sharing (AIS). AIS enables the sharing of attack indicators between the US government and the private sector as soon as threats are verified. CISA offers many resources that help to limit the size of the United States' attack surface.

A

The CISA and the National Cyber Security Alliance (NCSA) promote cybersecurity to all users.

For example, they run an annual campaign every October called “National Cybersecurity Awareness Month” (NCASM). This campaign was developed to promote and raise awareness about cybersecurity.

26
Q

The CISA and the National Cyber Security Alliance (NCSA) promote cybersecurity to all users.

For example, they run an annual campaign every October called “National Cybersecurity Awareness Month” (NCASM).

This campaign was developed to promote and raise awareness about cybersecurity.

A

The theme for the NCASM for 2019 was “Own IT. Secure IT. Protect IT.” This campaign encouraged all citizens to be safer and more personally accountable for using security best practices online.

The campaign provides material on a wide variety of security topics including:

– Social media safety

– Updating privacy settings

– Awareness of device app security

– Keeping software up-to-date

– Safe online shopping

– Wi-Fi safety

– Protecting customer data

The European Union Agency for Cybersecurity (ENISA) delivers advice and solutions for the cybersecurity challenges of the EU member states.

ENISA fills a role in Europe that is similar to the role of CISA in the US.

27
Q

Introduction of Attack Tools

To exploit a vulnerability, a threat actor must have a technique or tool.

Over the years, attack tools have become more sophisticated, and highly automated.

These new tools require less technical knowledge to implement.

A

In the figure, drag the white circle across the timeline to view the relationship between the sophistication of attack tools versus the technical knowledge required to use them.

Sophistication of Attack Tools vs. Technical Knowledge

The figure shows that, over time, the technical knowledge required to use attack tools decreases while the sophistication of the tools increases.

28
Q

Evolution of Security Tools

Ethical hacking involves using many different types of tools to test the network and end devices.

To validate the security of a network and its systems, many network penetration testing tools have been developed.

However, many of these tools can also be used by threat actors for exploitation.

Threat actors have also created various hacking tools. These tools are explicitly written for nefarious reasons. Cybersecurity personnel must also know how to use these tools when performing network penetration tests.

A

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

29
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

password crackers:

Passwords are the most vulnerable security threat.

Password cracking tools are often referred to as password recovery tools and can be used to crack or recover the password.

This is accomplished either by removing the original password, after bypassing the data encryption, or by outright discovery of the password.

Password crackers repeatedly make guesses in order to crack the password and access the system.

Examples of password cracking tools include John the Ripper, Ophcrack, L0phtCrack, THC Hydra, RainbowCrack, and Medusa.

30
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

wireless hacking tools:

Wireless networks are more susceptible to network security threats.

Wireless hacking tools are used to intentionally hack into a wireless network to detect security vulnerabilities.

Examples of wireless hacking tools include Aircrack-ng, Kismet, InSSIDer, KisMAC, Firesheep, and NetStumbler.

31
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

network scanning and hacking tools:

Network scanning tools are used to probe network devices, servers, and hosts for open TCP or UDP ports.

Examples of scanning tools include Nmap, SuperScan, Angry IP Scanner, and NetScanTools.

32
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

packet crafting tools:

Packet crafting tools are used to probe and test a firewall’s robustness using specially crafted forged packets.

Examples of such tools include Hping, Scapy, Socat, Yersinia, Netcat, Nping, and Nemesis.

33
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

packet sniffers:

Packet sniffer tools are used to capture and analyze packets within traditional Ethernet LANs or WLANs.

Tools include Wireshark, Tcpdump, Ettercap, Dsniff, EtherApe, Paros, Fiddler, Ratproxy, and SSLstrip.

34
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

rootkit detectors:

A rootkit detector is a directory and file integrity checker used by white hats to detect installed rootkits.

Example tools include AIDE, Netfilter, and PF: OpenBSD Packet Filter.

35
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

fuzzers to search vulnerabilities:

Fuzzers are tools used by threat actors when attempting to discover a computer system’s security vulnerabilities.

Examples of fuzzers include Skipfish, Wapiti, and W3af.

36
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

forensic tools:

White hat hackers use forensic tools to sniff out any trace of evidence existing in a particular computer system.

Examples of tools include Sleuth Kit, Helix, Maltego, and Encase.

37
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

debuggers:

Debugger tools are used by black hats to reverse engineer binary files when writing exploits.

They are also used by white hats when analyzing malware.

Debugging tools include GDB, WinDbg, IDA Pro, and Immunity Debugger.

38
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

hacking operating systems:

Hacking operating systems are specially designed operating systems preloaded with tools and technologies optimized for hacking.

Examples of specially designed hacking operating systems include Kali Linux, SELinux, Knoppix, Parrot OS, and BackBox Linux.

39
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

encryption tools:

These tools safeguard the contents of an organization’s data when it is stored or transmitted.

Encryption tools use algorithm schemes to encode the data to prevent unauthorized access to the data.

Examples of these tools include VeraCrypt, CipherShed, OpenSSH, OpenSSL, OpenVPN, and Stunnel.

40
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

vulnerability exploitation tools :

These tools go a step beyond a vulnerability scanner: they attempt to exploit a suspected weakness in order to confirm that a remote host is actually vulnerable, rather than only reporting a possible match against a vulnerability database.

Examples of vulnerability exploitation tools include Metasploit, Core Impact, sqlmap, the Social-Engineer Toolkit (SET), and Netsparker. Because a successful exploit can crash a service or alter data, these tools are run only within an explicitly authorized scope.

41
Q

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats.

Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background. :

– password crackers

– wireless hacking tools

– network scanning and hacking tools

– packet crafting tools

– packet sniffers

– rootkit detectors

– fuzzers to search vulnerabilities

– forensic tools

– debuggers

– hacking operating systems

– encryption tools

– vulnerability exploitation tools

– vulnerability scanners

A

vulnerability scanners :

These tools scan a network or system to identify open ports and the services listening on them, then check the discovered software versions and configurations against a database of known vulnerabilities. They can also be used to scan VMs, BYOD devices, and client databases.

Examples of these tools include Nipper, Secunia PSI, Core Impact, Nessus, SAINT, and OpenVAS. Scanner output is a list of candidate findings, not confirmed compromises; a practitioner validates the results, since unauthenticated scans in particular produce false positives and miss issues that only a credentialed scan can see.
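The port-discovery step that every vulnerability scanner starts with is a TCP connect scan: a port is reported open when the three-way handshake completes. The following is an added example written for this page, not code from the course or from any of the scanners listed above. It starts a throwaway listener on 127.0.0.1 (an ephemeral port chosen by the OS, an assumption made so the example runs offline) and scans that port plus a few neighbours; the listener is the only port it is guaranteed to find open.

```python
import socket
from contextlib import closing


def scan_ports(host, ports, timeout=0.5):
    """TCP connect() scan: a port is 'open' if the kernel completes the handshake.

    connect_ex() returns 0 on success and an errno (for example ECONNREFUSED)
    on a closed port, so no exception handling is needed per port."""
    open_ports = []
    for port in ports:
        with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
            s.settimeout(timeout)          # filtered ports would otherwise hang
            if s.connect_ex((host, port)) == 0:
                open_ports.append(port)
    return open_ports


def demo():
    """Open a local listener (assumption: loopback networking is available) and
    scan a small range around its port. Returns (listener_port, open_ports)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))        # port 0 = let the OS pick an ephemeral port
    listener.listen(5)                     # a backlog is enough; no accept() is required
    port = listener.getsockname()[1]
    try:
        candidates = [p for p in range(port - 3, port + 4)]
        found = scan_ports("127.0.0.1", candidates)
    finally:
        listener.close()
    return port, found


if __name__ == "__main__":
    listener_port, open_ports = demo()
    print(f"listener on {listener_port}, open ports found: {open_ports}")
```

A real scanner adds service banner grabbing and version matching on top of this; the scan itself is identical whether a white hat or a black hat runs it, which is why unexpected connect attempts across many ports from one source are a standard detection signal.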

42
Q

Categories of Attacks

Threat actors can use the previously mentioned tools or a combination of tools to create various attacks.

The table displays common types of attacks.

However, the list of attacks is not exhaustive as new ways to attack networks are continually being discovered.

A

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

43
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

eavesdropping attack :

An eavesdropping attack is when a threat actor captures and listens to network traffic.

This attack is also referred to as sniffing or snooping.

44
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

data modification attack :

Data modification attacks occur when a threat actor who has captured enterprise traffic alters the data in the packets while they are in transit, without the knowledge of the sender or receiver.

45
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

IP address spoofing attack :

An IP address spoofing attack is when a threat actor constructs an IP packet whose source address field is set to a trusted address, for example a valid address inside the corporate intranet, so that the packet appears to originate from that host. Because replies are routed to the spoofed address rather than to the attacker, spoofing is mainly used for one-way attacks such as traffic floods and reflection, and for slipping past access controls that trust an address on its own.
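The standard defence at the network edge is an ingress/egress source-address filter in the spirit of BCP 38: a packet arriving from the internet that claims an internal source is spoofed, and a packet leaving the intranet with a source we do not own is spoofed by one of our own hosts. The code below is an added example for this page, not part of the course; the internal prefixes, the interface names "outside" and "inside", and the sample packets are all constructed assumptions.

```python
import ipaddress

# Prefixes this organization owns (constructed for the example).
INTERNAL_PREFIXES = [ipaddress.ip_network(p) for p in ("10.0.0.0/8", "192.168.0.0/16")]

# Source addresses that can never legitimately arrive from the internet.
NEVER_VALID_FROM_OUTSIDE = [
    ipaddress.ip_network(p) for p in ("127.0.0.0/8", "0.0.0.0/8", "169.254.0.0/16")
]


def classify_source(ingress, src):
    """Verdict for a packet seen on interface `ingress` ("outside" or "inside")
    with IP source `src`: "ok", "spoofed-internal", "bogon" or "spoofed-egress"."""
    addr = ipaddress.ip_address(src)
    is_internal = any(addr in net for net in INTERNAL_PREFIXES)

    if ingress == "outside":
        if is_internal:
            # Claims to be one of ours but came in from the internet: the
            # classic intranet-spoofing case described on this card.
            return "spoofed-internal"
        if any(addr in net for net in NEVER_VALID_FROM_OUTSIDE):
            return "bogon"
        return "ok"

    if ingress == "inside" and not is_internal:
        # Egress filtering: our hosts must only emit packets with our own
        # sources, so we do not become the launch point for a spoofed flood.
        return "spoofed-egress"
    return "ok"


def filter_packets(packets):
    """Apply the filter to (ingress, src, dst) tuples and return the verdicts."""
    return [(ingress, src, dst, classify_source(ingress, src)) for ingress, src, dst in packets]


# Constructed sample traffic: documentation-range addresses, not real hosts.
SAMPLE_PACKETS = [
    ("outside", "198.51.100.23", "10.1.2.3"),   # ordinary inbound packet
    ("outside", "10.1.2.250", "10.1.2.3"),      # spoofed: internal source from outside
    ("outside", "127.0.0.1", "10.1.2.3"),       # bogon source
    ("inside", "10.1.2.3", "198.51.100.23"),    # ordinary outbound packet
    ("inside", "203.0.113.9", "198.51.100.23"), # our host sending with a foreign source
]

if __name__ == "__main__":
    for ingress, src, dst, verdict in filter_packets(SAMPLE_PACKETS):
        print(f"{ingress:7} {src:>15} -> {dst:<15} {verdict}")
```

The filter only catches spoofing that crosses the boundary where it runs; a spoofed packet from one internal host to another on the same segment needs switch-level controls (such as IP Source Guard) rather than a perimeter rule.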

46
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

password-based attacks :

Password-based attacks occur when a threat actor obtains the credentials for a valid user account.

Threat actors then use that account to obtain lists of other users and network information.

They could also change server and network configurations, and modify, reroute, or delete data.
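On the defensive side, the moment a password-based attack turns from guessing into use of a valid account is visible in authentication logs as a successful login from a source that has just generated a run of failures. The following detection is an added example for this page, not course material; the sshd-style log lines are constructed, the addresses are from documentation ranges, and the threshold of three failures is an assumption to tune per environment.

```python
import re
from collections import defaultdict

# Constructed sshd-style auth log lines (not real log data).
SAMPLE_LOG = """\
Mar  4 10:01:02 bastion sshd[2211]: Failed password for invalid user admin from 203.0.113.5 port 51122 ssh2
Mar  4 10:01:03 bastion sshd[2211]: Failed password for root from 203.0.113.5 port 51123 ssh2
Mar  4 10:01:04 bastion sshd[2213]: Failed password for alice from 203.0.113.5 port 51124 ssh2
Mar  4 10:01:05 bastion sshd[2214]: Failed password for alice from 203.0.113.5 port 51125 ssh2
Mar  4 10:01:06 bastion sshd[2215]: Failed password for alice from 203.0.113.5 port 51126 ssh2
Mar  4 10:01:09 bastion sshd[2216]: Accepted password for alice from 203.0.113.5 port 51130 ssh2
Mar  4 10:02:11 bastion sshd[2230]: Failed password for bob from 198.51.100.7 port 40001 ssh2
Mar  4 10:02:30 bastion sshd[2231]: Accepted publickey for bob from 198.51.100.7 port 40002 ssh2
"""

# Matches both "Failed password for invalid user X from IP" and "Accepted method for X from IP".
LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)


def analyze_auth_log(text, threshold=3):
    """Return (failures_per_source, alerts).

    An alert is raised when a source logs in successfully after at least
    `threshold` failed attempts: the signature of a guessed or stolen password
    finally being used. `users_tried` shows whether the attacker sprayed several
    accounts (admin, root, ...) before landing on a valid one."""
    failures = defaultdict(int)
    users_tried = defaultdict(set)
    alerts = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue                        # unrelated log line
        src, user = m["src"], m["user"]
        if m["result"] == "Failed":
            failures[src] += 1
            users_tried[src].add(user)
        elif failures.get(src, 0) >= threshold:
            alerts.append({
                "src": src,
                "user": user,
                "method": m["method"],
                "failures": failures[src],
                "users_tried": sorted(users_tried[src]),
            })
    return dict(failures), alerts


if __name__ == "__main__":
    fails, alerts = analyze_auth_log(SAMPLE_LOG)
    print("failures per source:", fails)
    for a in alerts:
        print(f"ALERT {a['src']} logged in as {a['user']} after {a['failures']} failures "
              f"(accounts tried: {', '.join(a['users_tried'])})")
```

Bob's single failure followed by a public-key login is ordinary user behaviour and produces no alert; the same counter with no time window would eventually flag a legitimate user who fat-fingers a password three times, so a production rule also bounds the failures to a short interval.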

47
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

denial-of-service (DoS) attack :

A DoS attack prevents normal use of a computer or network by valid users; it does not require the attacker to have gained access to the network first.

A DoS attack can crash applications or network services, for example by sending malformed input that the service cannot handle.

A DoS attack can also flood a computer or the entire network with traffic until the target can no longer serve legitimate requests, or shuts down because of the overload.

A DoS attack can also block traffic, which results in a loss of access to network resources by authorized users.

48
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

man-in-the-middle attack (MiTM) :

A MiTM attack occurs when threat actors have positioned themselves between a source and destination so that the traffic passes through a system they control.

They can then monitor, capture, and modify the communication transparently, without either party noticing that a third system is relaying it.

49
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

compromised key attack :

A compromised-key attack occurs when a threat actor obtains a secret key, such as a shared symmetric key or the private half of a key pair.

This is referred to as a compromised key.

A compromised key can be used to decrypt protected traffic, or to forge messages that pass the receiver's checks, gaining access to a secured communication without the sender or receiver being aware of the attack.
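The data modification and compromised-key cards are two sides of one mechanism, which the following added example demonstrates (it is written for this page and is not course code). A message carries an HMAC-SHA256 integrity tag under a shared secret key: a man-in-the-middle who alters the packet without the key cannot produce a matching tag, so the receiver detects the modification; an attacker holding a compromised key simply recomputes the tag and the forgery is accepted. The key, the message, and the "amount" field it edits are constructed assumptions.

```python
import hashlib
import hmac
import os


def make_tag(key: bytes, message: bytes) -> bytes:
    """Integrity tag: HMAC-SHA256 over the message under the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time comparison, so a forger learns nothing from timing about
    how many tag bytes matched."""
    return hmac.compare_digest(make_tag(key, message), tag)


def modify_in_transit(message: bytes) -> bytes:
    """Simulate a man-in-the-middle editing the captured packet's payload."""
    return message.replace(b"amount=100", b"amount=9100")


def demo():
    key = os.urandom(32)                        # known only to sender and receiver
    message = b"transfer to=acct-42 amount=100 currency=USD"   # constructed payload
    tag = make_tag(key, message)

    # Data modification attack without the key: the payload changes but the
    # attacker has to forward the old tag, which no longer matches.
    tampered = modify_in_transit(message)
    accepted_without_key = verify(key, tampered, tag)

    # Compromised-key attack: the same edit, but the attacker recomputes the
    # tag with the stolen key and the receiver cannot tell the difference.
    forged_tag = make_tag(key, tampered)
    accepted_with_key = verify(key, tampered, forged_tag)

    return {
        "genuine_accepted": verify(key, message, tag),
        "tamper_detected": not accepted_without_key,
        "forgery_accepted_after_key_compromise": accepted_with_key,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The lesson for the compromised-key card is that no amount of integrity checking helps once the key leaks; key rotation, limiting the scope of each key, and storing keys in hardware are what bound the damage.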

50
Q

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

– eavesdropping attack

– data modification attack

– IP address spoofing attack

– password-based attacks

– denial-of-service (DoS) attack

– man-in-the-middle attack (MiTM)

– compromised key attack

– sniffer attack

A

sniffer attack :

A sniffer is an application or device that can read, monitor, and capture network data exchanges and decode the individual packets.

If the packets are not encrypted, a sniffer provides a full view of the data inside the packet, including any credentials sent in the clear.

Even encapsulated (tunneled) packets can be broken open and read unless the tunnel itself is encrypted and the threat actor does not have access to the key; encapsulation alone is not protection.
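What "a full view of the data inside the packet" means in practice is shown by the added example below, which serves both the eavesdropping and the sniffer attack cards; it is written for this page, not taken from the course or from any sniffer tool. It builds an Ethernet/IPv4/TCP frame in memory (constructed addresses and an HTTP request carrying a password, as an eavesdropping target would look on the wire), then decodes it the way a sniffer does, peeling each header to reach the plaintext payload. The MAC addresses, IPs, and payload are all assumptions; the TCP checksum is left at zero because a passive decoder does not need it.

```python
import socket
import struct


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words (header length is even).
    Over a header whose checksum field is already correct the result is 0."""
    total = 0
    for i in range(0, len(header), 2):
        total += (header[i] << 8) | header[i + 1]
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Construct an Ethernet/IPv4/TCP frame carrying `payload` unencrypted."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", 0x0800)
    # TCP: ports, seq, ack, data offset 5 words, flags PSH|ACK, window, checksum 0, urgent 0
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    # IPv4: ver/IHL, TOS, total length, ID, DF flag, TTL, protocol 6 (TCP), checksum 0, src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    return eth + ip + tcp + payload


def decode_frame(frame: bytes) -> dict:
    """Peel Ethernet, IPv4 and TCP headers and return the readable fields."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[9] != 6:
        raise ValueError("not TCP")
    tcp = ip[ihl:total_len]
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4
    return {
        "src": socket.inet_ntoa(ip[12:16]),
        "dst": socket.inet_ntoa(ip[16:20]),
        "sport": sport,
        "dport": dport,
        "payload": tcp[data_offset:],        # plaintext, exactly as the sniffer sees it
    }


# Constructed capture: a cleartext HTTP login, the classic eavesdropping prize.
SAMPLE_PAYLOAD = b"GET /login?user=alice&pass=hunter2 HTTP/1.1\r\nHost: intranet\r\n\r\n"

if __name__ == "__main__":
    frame = build_frame("10.0.0.5", "10.0.0.9", 40000, 80, SAMPLE_PAYLOAD)
    fields = decode_frame(frame)
    print(f"{fields['src']}:{fields['sport']} -> {fields['dst']}:{fields['dport']}")
    print(fields["payload"].decode())
```

With the same request sent over TLS, the decoder would still recover the addresses and ports (the "who talks to whom" that encryption does not hide) but the payload bytes would be ciphertext, which is the whole point of the encryption tools listed earlier in this module.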