Module 3

Question 1

What are the 3 CIA Triad

Answer 1

Confidentiality, Integrity, Availability

Question 2

Anything of value to the organization. It includes people, equipment, resources, and data

Answer 2

Asset

Question 3

A weakness in a system, or its design, that could be exploited by a threat

Answer 3

vulnerability

Question 4

A potential danger to a company’s assets, data, or network functionality

Answer 4

threat

Question 5

A mechanism that takes advantage of a vulnerability

Answer 5

exploit

Question 6

Counter-measure that reduces the likelihood or severity of a potential threat or risk.

Answer 6

mitigation

Question 7

The likelihood of a threat to exploit the vulnerability of an asset, with the aim of negatively affecting an organization

Answer 7

risk

Question 8

A path by which a threat actor can gain access to a server, host, or network.

Answer 8

attack vector

Question 9

____ or data exfiltration is when data is intentionally or unintentionally lost, stolen, or leaked to the outside world

Answer 9

Data loss

Question 10

What should be done to confidential data no longer required by a company

Answer 10

shredded

Question 11

Hackers are also called as ____

Answer 11

threat actors

Question 12

Ethical hackers who use their programming skills for good, ethical, and legal purposes.

Answer 12

White Hat Hackers

Question 13

These are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage

Answer 13

Gray Hat Hackers

Question 14

These are unethical criminals who compromise computer and network security for personal gain, or for malicious reasons, such as attacking networks

Answer 14

Black Hat Hackers

Question 15

These are teenagers or inexperienced hackers running existing scripts, tools, and exploits, to cause harm, but typically not for profit.

Answer 15

Script Kiddies

Question 16

These are usually gray hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards

Answer 16

Vulnerability Broker

Question 17

These are gray hat hackers who publicly protest organizations or governments by posting articles, videos, leaking sensitive information, and performing network attacks.

Answer 17

Hacktivists

Question 18

These are black hat hackers who are either self-employed or working for large cybercrime organizations

Answer 18

Cyber criminals

Question 19

These are either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks. Their targets are foreign governments, terrorist groups, and corporations

Answer 19

State-Sponsored

Question 20

Penetration Testing Tool which repeatedly make guesses in order to crack the password

Answer 20

Password Crackers

Question 21

Penetration Testing Tool used to intentionally hack into a wireless network to detect security vulnerabilities.

Answer 21

Wireless Hacking Tools

Question 22

Tools that are used to probe network devices, servers, and hosts for open TCP or UDP ports.

Answer 22

Network Scanning and Hacking Tools

Question 23

These tools are used to probe and test a firewall’s robustness using specially crafted forged packets

Answer 23

Packet Crafting Tools

Question 24

These tools are used to capture and analyze packets within traditional Ethernet LANs or WLANs

Answer 24

Packet Sniffers

Question 25

Tools used by threat actors to discover a computer’s security vulnerabilities.

Answer 25

Fuzzers to Search Vulnerabilities

Question 26

These tools are used by white hat hackers to sniff out any trace of evidence existing in a computer.

Answer 26

Forensic Tools

Question 27

These tools are used by black hats to reverse engineer binary files when writing exploits.

Answer 27

Debuggers

Question 28

This is when a threat actor captures and “listens” to network traffic.

Answer 28

Eavesdropping Attack

Question 29

If threat actors have captured enterprise traffic, they can alter the data in the packet without the knowledge of the sender or receiver (type of threat actor attack)

Answer 29

Data Modification Attack

Question 30

This happens when a threat actor constructs an IP packet that appears to originate from a valid address inside the corporate intranet

Answer 30

IP Address Spoofing Attack

Question 31

Type of attack where threat actors could use a valid account to obtain lists of other users, network information, change server and network configurations, and modify, reroute, or delete data.

Answer 31

Password-Based Attacks

Question 32

A ___ attack prevents normal use of a computer or network by valid users. It can also flood a computer or the entire network with traffic until a shutdown occurs because of the overload.

Answer 32

Denial of Service Attack

Question 33

This attack occurs when threat actors have positioned themselves between a source and destination. They can now actively monitor, capture, and control the communication transparently

Answer 33

Man-in-the-Middle Attack

Question 34

If a threat actor obtains a secret key, that key is referred to as a compromised key. A compromised key can be used to gain access to a secured communication without the sender or receiver being aware of the attack

Answer 34

Compromised-Key Attack

Question 35

___ require human action to propagate and infect other computers.

Answer 35

viruses

Question 36

____ hides by attaching itself to computer code, software, or documents on the computer.

Answer 36

virus

Question 37

This type of malware is a program that looks useful but also carries malicious code. They are often provided with free online programs such as computer games.

Answer 37

trojan horses

Question 38

Type of malware that can display unsolicited advertising using pop-up web browser windows, new toolbars, or unexpectedly redirect a webpage to a different website

Answer 38

adware

Question 39

Type of malware that denies a user access to their files by encrypting the files and then displaying a message demanding a ransom for the decryption key.

Answer 39

ransomware

Question 40

Used by threat actors to gain administrator account-level access to a computer. They are very difficult to detect because they can alter firewall, antivirus protection, system files, and even OS commands to conceal their presence.

Answer 40

Rootkit

Question 41

Like adware but, used to gather information about the user and send to threat actors without the user’s consent.

Answer 41

spyware

Question 42

What does CVE stand for?

Answer 42

Common Vulnerabilities and Exposures

Question 43

A self-replicating program that propagates automatically without user actions by exploiting vulnerabilities in legitimate software. The intent of is usually to slow or disrupt network operations

Answer 43

worm

Question 44

What does CWE stand for?

Answer 44

Common Weaknesses Enumeration

Question 45

List of known instances of vulnerabilities within a product or a
system

Answer 45

Common Vulnerabilities and Exposures (CVE)

Question 46

Dictionary of weaknesses that may lead to vulnerability

Answer 46

Common Weaknesses Enumeration (CWE)

Question 47

Threat actors use this attack to do unauthorized discovery and mapping of systems, services, or vulnerabilities. This attack precedes access attacks or DoS attack

Answer 47

Reconnaissance Attacks

Question 48

This type of attack exploits known vulnerabilities in authentication services, FTP services, and web services. The purpose of is to gain entry to web accounts, confidential databases, and other sensitive information

Answer 48

access attacks

Question 49

In this attack, the threat actor attempts to discover critical system passwords using various methods

Answer 49

Password Attacks

Question 50

In this attack, the threat actor device attempts to pose as another device by falsifying data

Answer 50

spoofing attack

Question 51

_____ is an access attack that attempts to manipulate individuals into performing actions or divulging confidential information. Some techniques are performed in-person while others may use the telephone or internet

Answer 51

Social engineering

Question 52

A threat actor pretends to need personal or financial data to confirm the identity of the recipient.

Answer 52

Pretexting

Question 53

A threat actor sends fraudulent email which is disguised as being from a legitimate, trusted source to trick the recipient into installing malware on their device, or to share personal or financial information

Answer 53

Phishing

Question 54

A threat actor creates a targeted phishing attack tailored for a specific individual or organization.

Answer 54

Spear phishing

Question 55

Also known as junk mail, this is unsolicited email which often contains harmful links, malware, or deceptive content

Answer 55

Spam

Question 56

Sometimes called “Quid pro quo”, this is when a threat actor requests personal information from a party in exchange for something such as a gift

Answer 56

Something for Something

Question 57

A threat actor leaves a malware infected flash drive in a public location. A victim finds the drive and unsuspectingly inserts it into their laptop, unintentionally installing malware

Answer 57

Baiting

Question 58

This type of attack is where a threat actor pretends to be someone they are not to gain the trust of a victim.

Answer 58

Impersonation

Question 59

This is where a threat actor quickly follows an authorized person into a secure location to gain access to a secure area.

Answer 59

Tailgating

Question 60

This is where a threat actor inconspicuously looks over someone’s shoulder to steal their passwords or other information.

Answer 60

Shoulder surfing

Question 61

This is where a threat actor rummages through trash bins to discover confidential documents

Answer 61

Dumpster diving

Question 62

Similar to a DoS attack, but it originates from multiple, coordinated sources.

Answer 62

Distributed DoS Attack (DDoS)

Question 63

Two major types of DoS attacks

Answer 63

Overwhelming Quantity of Traffic and Maliciously Formatted Packets

Question 64

Threat actors use Internet Control Message Protocol (ICMP) echo packets (pings) to discover subnets and hosts on a protected network, to generate DoS flood attacks, and to alter host routing tables.

Answer 64

ICMP attacks

Question 65

Threat actors attempt to prevent legitimate users from accessing information or services using DoS and DDoS attacks.

Answer 65

Amplification and
reflection attacks

Question 66

Threat actors spoof the source IP address in an IP packet to perform blind spoofing or non-blind spoofing.

Answer 66

Address spoofing attacks

Question 67

Threat actors position themselves between a source and destination to transparently monitor, capture, and control the communication. They could eavesdrop by inspecting captured packets, or alter packets and forward them to their original destination.

Answer 67

Man-in-the-middle attack (MITM)

Question 68

Threat actors gain access to the physical network, and then use an MITM attack to hijack a session

Answer 68

Session hijacking

Question 69

This is used to perform host verification and DoS attacks. (ICMP Message)

Answer 69

ICMP echo request and echo reply

Question 70

This is used to perform network reconnaissance and scanning attacks (ICMP Message)

Answer 70

ICMP unreachable

Question 71

This is used to map an internal IP network. (ICMP Message)

Answer 71

ICMP mask reply

Question 72

This is used to lure a target host into sending all traffic through a compromised device and create a MITM attack (ICMP Message)

Answer 72

ICMP redirects

Question 73

This is used to inject bogus route entries into the routing table of a target host. (ICMP Message)

Answer 73

ICMP router discovery

Question 74

Address Spoofing Attack where the threat actor can see the traffic that is being sent between the host and the target.

Answer 74

Non-blind spoofing

Question 75

Address Spoofing Attack where the threat actor cannot see the traffic that is being sent between the host and the target; used in DoS attacks

Answer 75

Blind spoofing

Question 76

What does TCP stand for?

Answer 76

Transmission Control Protocol

Question 77

What does UDP stand for?

Answer 77

user datagram protocol

Question 78

3 TCP Services

Answer 78

Reliable delivery, flow control and stateful communication

Question 79

Protocol that defines an automated service that matches resource names, such as www.cisco.com, with the required numeric network address, such as the IPv4 or IPv6 address.

Answer 79

Domain Name Service (DNS)

Question 80

4 kinds of DNS attacks

Answer 80

*DNS open resolver attacks
*DNS stealth attacks
*DNS domain shadowing attacks
*DNS tunneling attacks

Question 81

Involves the threat actor gathering domain account credentials in order to silently create multiple sub-domains to be used during the attacks.

Answer 81

DNS Domain Shadowing Attacks

Question 82

Threat actors who use _______ place non-DNS traffic within DNS traffic

Answer 82

DNS tunneling

Question 83

Occurs when a rogue DHCP server is connected to the network and provides false IP configuration parameters to legitimate clients

Answer 83

DHCP spoofing attack

Question 84

Only authorized individuals, entities, or processes can access sensitive information. It may require using cryptographic encryption algorithms such as AES to encrypt and decrypt data. (CIA security triad)

Answer 84

Confidentiality

Question 85

Refers to protecting data from unauthorized alteration. It requires the use of cryptographic hashing algorithms such as SHA (CIA security triad)

Answer 85

Integrity

Question 86

Authorized users must have uninterrupted access to important resources and data. It requires implementing redundant services, gateways, and links. (CIA security triad)

Answer 86

Availability

Question 87

A system, or group of systems, that enforces an access control policy between networks

Answer 87

Firewalls

Question 88

What does ESA stand for?

Answer 88

Email Security Appliance

Question 89

What does SMTP stand for?

Answer 89

Simple Mail Transfer Protocol

Question 90

What does WSA stand for?

Answer 90

Web Security Appliance

Question 91

Guarantees that the sender cannot repudiate, or refute, the validity of a message sent.

Answer 91

Data Non-Repudiation

Question 92

___ functions are used to ensure the integrity of a message. They guarantee that message data has not changed accidentally or intentionally

Answer 92

Hash

Question 93

What are the three well-known hash functions?

Answer 93

MD5 with 128-bit Digest (Legacy)
SHA Hashing Algorithm (Legacy)
SHA-2

Question 94

HMAC

Answer 94

hash message authentication code

Question 95

Encryption class where they use the same pre-shared key, also called a secret key, to encrypt and decrypt data. A pre-shared key is known by the sender and receiver before any encrypted communications can take place.

Answer 95

Symmetric Encryption

Question 96

_____ algorithms, also called public-key algorithms, are designed so that the key that is used for encryption is different from the key that is used for decryption.

Answer 96

Asymmetric

Question 97

What does IKE stand for?

Answer 97

Internet Key Exchange

Question 98

What does SSL stand for?

Answer 98

Secure Socket Layer

Question 99

This protocol provides a secure remote access connection to network devices

Answer 99

Secure Shell (SSH)

Question 100

This computer program provides cryptographic privacy and authentication. It is often used to increase the security of email communications.

Answer 100

Pretty Good Privacy (PGP)

Question 101

An asymmetric mathematical algorithm where two computers generate an identical shared secret key without having communicated before. The new shared key is never actually exchanged between the sender and receiver.

Answer 101

Diffie-Hellman (DH)

Question 102

Role of the red team in pen testing?

Answer 102

Offensive team

Question 103

Role of the blue team in pen testing?

Answer 103

defense team

Question 104

Role of the purple team in pen testing?

Answer 104

offense and defense

Question 105

Role of the white team in pen testing?

Answer 105

arbiters

Question 106

Role of the yellow team in pen testing?

Answer 106

builders

Question 107

Role of the orange team in pen testing?

Answer 107

offensive and builders

Question 108

Role of the green team in pen testing?

Answer 108

defense and builders

Question 109

What does MFA mean?

Answer 109

Multi-Factor Authenticator

Question 110

Phishing in SMS

Answer 110

Smishing

Question 111

Phishing in voice or calls

Answer 111

vishing

Question 112

What does IP stand for?

Answer 112

Internet Protocol

Question 113

What does ARP stand for?

Answer 113

address resolution protocol

Question 114

What does DNS stand for?

Answer 114

domain name system/service

Question 115

What does DHCP stand for?

Answer 115

dynamic host configuration protocol

Question 116

What does FTP stand for?

Answer 116

file transfer protocol

Question 117

What does TFTP stand for?

Answer 117

trivial FTP

Question 118

What does NFS mean?

Answer 118

network file system

Question 119

What does VoIP mean?

Answer 119

voice over IP

Question 120

What does VoLTE stand for?

Answer 120

voice over long term evolution

Question 121

What does IPS stand for?

Answer 121

Intrusion Prevention System

Question 122

What does IDS stand for?

Answer 122

Intrusion Detection System