Module 4: Modern Network Security Threats Flashcards

1
Q

A term that refers to the policies and processes companies put in place to help prevent security incidents and data breaches, and to limit the extent of the damage when attacks do happen.

A

cyber security threat mitigation

2
Q

Vectors of data loss

A

Email/Webmail
Unencrypted Devices
Cloud Storage Devices
Removable Media
Hard Copy
Improper Access Control

3
Q

examples of outside perimeter security

A

On-premise security officers
Fences and gates
Continuous video surveillance
Security breach alarms

4
Q

examples of inside perimeter security

A

Electronic motion detectors
Security traps
Continuous video surveillance
Biometric access and exit sensors

5
Q

What are the virtual machine threats?

A

hyperjacking
instant on activation
antivirus storm

6
Q

An attack in which a hacker takes malicious control of the hypervisor that creates the virtual environment on a VM host.

A

hyperjacking

7
Q

A virtual machine threat in which a VM that has not been used for a period of time is powered on with outdated security policies, patches, or antivirus signatures that deviate from the security baseline, leaving it vulnerable until it is brought back up to date.

A

instant on activation

8
Q

It is the demand on computing resources that occurs when antivirus software simultaneously scans multiple guest virtual machines on a single physical host.

A

antivirus storm

9
Q

What are the different components of a secure data center for cloud and virtual networks?

A

secure segmentation
threat defense
visibility

10
Q

What are the critical MDM (mobile device management) functions for a BYOD (bring your own device) network?

A

Data encryption
PIN enforcement
Data wipe
Data loss prevention
Jailbreak/root detection

11
Q

An MDM data-removal method that, unlike data erasure, does not produce a certified report.

A

data wipe

12
Q

An MDM data-removal method that overwrites data without verifying that the software succeeded in overwriting every sector of the storage device.

A

data wipe

13
Q

An MDM data-removal method that produces an erasure report stating that the data has been rendered unrecoverable, thereby achieving data sanitization.

A

data erasure

14
Q

An MDM data-removal method that overwrites every sector of a storage device with zeros and ones and then verifies that the data has been erased.

A

data erasure
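
The difference between the last four cards is whether anyone checks the result. The following added example (not part of the original flashcards) models a small block device as a file: `wipe()` overwrites sectors with no read-back and no report, while `erase()` overwrites every sector with alternating zero and one patterns, reads every sector back, and returns an erasure report. The image file, the 512-byte sector size, the overwrite patterns, and the `stop_after` switch that simulates a tool silently stopping early are all assumptions for illustration.

```python
"""Data wipe versus data erasure on a file-backed storage image.

Added example, not from the original flashcards. The image, sector size,
patterns and the simulated early stop are assumptions for illustration.
"""
import os
import tempfile

SECTOR = 512  # assumed sector size for the file-backed image


def make_image(path, sectors, secret=b"CARD 4111-1111-1111-1111 "):
    """Constructed sample: fill an image with recognisable 'sensitive' data."""
    fill = (secret * (SECTOR // len(secret) + 1))[:SECTOR]
    with open(path, "wb") as f:
        for _ in range(sectors):
            f.write(fill)


def wipe(path, pattern=b"\x00", stop_after=None):
    """Data wipe: overwrite sectors once, with no read-back and no report.
    `stop_after` models a tool that silently stops early (for example on an
    I/O error); the caller never learns that sectors were skipped."""
    size = os.path.getsize(path)
    block = (pattern * SECTOR)[:SECTOR]
    with open(path, "r+b") as f:
        for idx, off in enumerate(range(0, size, SECTOR)):
            if stop_after is not None and idx >= stop_after:
                break
            f.seek(off)
            f.write(block)
        f.flush()
        os.fsync(f.fileno())


def verify(path, pattern):
    """Return the indices of sectors that do not contain `pattern`."""
    block = (pattern * SECTOR)[:SECTOR]
    bad = []
    with open(path, "rb") as f:
        idx = 0
        while chunk := f.read(SECTOR):
            if chunk != block[:len(chunk)]:
                bad.append(idx)
            idx += 1
    return bad


def erase(path, passes=(b"\x00", b"\xff", b"\x00")):
    """Data erasure: overwrite every sector with each pattern, read every
    sector back, and return an erasure report stating the result."""
    for pattern in passes:
        wipe(path, pattern)
    bad = verify(path, passes[-1])
    sectors = (os.path.getsize(path) + SECTOR - 1) // SECTOR
    return {"device": path, "sectors": sectors, "passes": len(passes),
            "bad_sectors": bad, "verified": not bad}


def demo():
    """Wipe vs erase on two 64-sector images; returns both outcomes."""
    with tempfile.TemporaryDirectory() as d:
        a = os.path.join(d, "wiped.img")
        b = os.path.join(d, "erased.img")
        make_image(a, 64)
        make_image(b, 64)
        wipe(a, stop_after=60)           # silently leaves 4 sectors intact
        leftover = verify(a, b"\x00")    # only found because we checked
        report = erase(b)                # overwrite, read back, report
        return {"wipe_leftover_sectors": leftover, "erasure_report": report}


if __name__ == "__main__":
    print(demo())
```

The wipe on its own gives no evidence either way; the leftover sectors only show up because the demo runs a verification the wipe tool did not. Two caveats a practitioner would add: overwriting through the file system or block layer does not reach blocks that flash storage has remapped or reserved for wear levelling, so for SSDs and phones the sanitization path is the device's own secure-erase or cryptographic-erase command, and the report should record which method was used and on which device.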

15
Q

A type of modern hacker whose motivation is usually personal or financial gain, but who can also be involved in cyber espionage or protest, or who is simply addicted to the thrill of cybercrime.

A

black hat hackers

16
Q

A type of modern hacker responsible for writing malware, one of the methods used to gain access to systems.

A

black hat hackers

17
Q

A type of modern hacker who works for companies as a security specialist, attempting to find security holes by hacking.

A

White hat hackers

18
Q

A type of modern hacker, also known as an ethical hacker, who employs the same hacking methods as black hats, with one exception: they first obtain permission from the owner of the system, which makes the process legal.

A

White hat hackers

19
Q

A type of modern hacker who looks for vulnerabilities in a system without the owner's permission or knowledge.

A

Grey hat hackers

20
Q

A type of modern hacker who has little to no coding skill and relies on available tools or exploit kits to carry out an attack.

A

script kiddie

21
Q

A term for a person who uses scripts or code developed by more skilled hackers to attack a network or website.

A

script kiddie

22
Q

A type of modern hacker who gains unauthorized access to computer files or networks in order to further social or political ends.

A

hacktivist

23
Q

A hacker group, an example of a vulnerability broker, that published several leaks of hacking tools, including several zero-day exploits. These exploits and vulnerabilities targeted enterprise firewalls, antivirus software, and Microsoft products.

A

Shadow Brokers / vulnerability broker

24
Q

Give at least 5 categories of penetration testing tools.

A
  • Password crackers
  • Wireless hacking
  • Network scanning and hacking
  • Packet crafting
  • Packet sniffers
  • Rootkit detectors
  • Fuzzers to search vulnerabilities
  • Forensic
  • Debuggers
  • Hacking operating systems
  • Encryption
  • Vulnerability exploitation
  • Vulnerability Scanners
25
Q

A penetration testing tool category that lets network administrators probe firewall rule-sets by manually generating packets to test network devices and their behaviour, instead of relying on existing network traffic.

A

packet crafting

26
Q

A tool that examines the streams of data packets flowing between computers on a network, and between networked computers and the larger Internet.

A

packet sniffer

27
Q

A piece of hardware or software used to monitor network traffic.

A

packet sniffer

28
Q

A type of malware, generally associated with Trojans, worms, and viruses, that conceals its existence and actions from users and other system processes.

A

rootkit

29
Q

A program designed to provide continued privileged access to a computer while actively hiding its presence.

A

rootkit

30
Q

Give at least 5 network hacking attacks.

A
  • Eavesdropping
  • Data modification
  • IP (internet protocol) address spoofing
  • Password-based
  • Denial-of-service
  • Man-in-the-middle
  • Compromised-key
  • Sniffer
31
Q

A hacker uses tools to modify the source address in the packet header to make the receiving computer system think the packet is from a trusted source, such as another computer on a legitimate network, and accept it.

A

internet protocol spoofing (ip spoofing)

32
Q

It is an attack meant to shut down a machine or network by flooding the target with traffic, or sending it information that triggers a crash.

A

denial-of-service

33
Q

It is an attack meant to shut down a machine or network, making it inaccessible to its intended users.

A

denial-of-service attack

34
Q

It is an attack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other.

A

man-in-the-middle attack

35
Q

It is an attack that takes advantage of unsecured network communications to access data as it is being sent or received by its user.

A

eavesdropping attack

36
Q

The theft of information as it is transmitted over a network by a computer, smartphone, or other connected device.

A

eavesdropping attack

37
Q

An attack consisting of the theft or interception of data by capturing network traffic with a sniffer.

A

sniffing attack /
sniffer attack

38
Q

Give the Trojan horse classifications.

A

Security software disabler
Remote-access
Data-sending
Destructive
Proxy
File Transfer Protocol (FTP)
denial-of-service (DOS)

39
Q

A type of Trojan horse designed to stop or kill security programs, such as an antivirus program or firewall, without the user knowing.

A

security software disabler trojan

40
Q

A type of trojan horse that is designed to destroy or delete files.

A

destructive trojan

41
Q

A type of trojan horse that is a malware program that includes a back door for administrative control over the target computer.

A

remote-access trojan

42
Q

A type of trojan horse that is usually downloaded invisibly with a user-requested program – such as a game – or sent as an email attachment.

A

remote-access trojan

43
Q

A type of trojan horse that relays sensitive information back to its owner.

A

Data-sending trojan

44
Q

This type of Trojan can be used to retrieve sensitive data, including credit card information, email addresses, passwords, instant messaging contact lists, log files and so on.

A

Data-sending trojan

45
Q

A type of trojan horse that creates proxy servers out of infected computers for staging anonymous attacks.

A

proxy trojan

46
Q

This trojan allows unauthorized parties to use the infected computer as a proxy server to anonymously access the Internet.

A

proxy trojan

47
Q

A type of Trojan horse designed to open port 21 (FTP) and let the attacker connect to your computer.

A

File Transfer Protocol (FTP) trojan

48
Q

A type of Trojan horse that floods the victim machine with numerous requests.

A

denial-of-service (DOS)

49
Q

A computer worm observed on the Internet on July 15, 2001; it was the first large-scale, mixed-threat attack to successfully target enterprise networks.

A

Code Red

50
Q

What are worm components for propagation?

A
  • enabling vulnerability
  • propagation mechanism
  • payload
51
Q

Software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

A

Malware

52
Q

What are the different types of malware?

A
  • virus
  • worm
  • trojan horse
53
Q

A type of malware that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.

A

Ransomware

54
Q

A type of malware designed to enter your computer, gather data about you, and forward it to a third party without your consent.

A

Spyware

55
Q

A type of malware that displays unwanted advertisements on your computer.

A

Adware

56
Q

A type of malware that tricks computer users into visiting malware-infested websites. It appears as a legitimate warning from an antivirus software company, claiming that your computer's files have been infected.

A

Scareware

57
Q

A form of denial-of-service attack in which an attacker rapidly initiates connections to a server without ever completing the handshake, leaving the server holding half-open connections.

A

SYN flood attack

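On the target, the attack above shows up as a pile of half-open connections that never complete. The following added example (not part of the original flashcards) counts them per listening socket from the host's connection table and flags the socket when there are many half-open entries from many distinct peers. The input is a constructed sample in the layout of Linux `ss -tan` output rather than a real capture, it assumes IPv4 addresses, and the threshold of 10 is a placeholder to tune per service.

```python
"""Spotting a SYN flood from the host's connection table.

Added example, not from the original flashcards. The sample below is
constructed in the layout of `ss -tan` output; it is not a real capture.
"""
import re
from collections import defaultdict

# Constructed sample: two healthy connections, one stray SYN-RECV on :443,
# and twelve half-open connections to :80 from twelve different sources.
SAMPLE = "\n".join(
    ["State     Recv-Q Send-Q Local Address:Port   Peer Address:Port",
     "ESTAB     0      0      192.0.2.10:80        203.0.113.4:44120",
     "ESTAB     0      0      192.0.2.10:22        203.0.113.9:50011",
     "SYN-RECV  0      0      192.0.2.10:443       203.0.113.12:39001"]
    + [f"SYN-RECV  0      0      192.0.2.10:80        198.51.100.{i}:{40000 + i}"
       for i in range(1, 13)]
)

# state, recv-q, send-q, local ip:port, peer ip:port (IPv4 only, assumed)
LINE = re.compile(r"^(\S+)\s+\d+\s+\d+\s+(\S+):(\d+)\s+(\S+):(\d+)\s*$")


def parse(text: str):
    """Yield (state, local_ip, local_port, peer_ip, peer_port) per socket line."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            yield m.group(1), m.group(2), int(m.group(3)), m.group(4), int(m.group(5))


def half_open_report(text: str, threshold: int = 10) -> dict:
    """Per local socket: half-open count, distinct peers, established count,
    and a flag. The flag needs both many half-open entries and many distinct
    peers: a flood normally spoofs random sources, whereas one slow client
    retrying would show a single peer."""
    half_open = defaultdict(list)
    established = defaultdict(int)
    for state, lip, lport, pip, _ in parse(text):
        key = f"{lip}:{lport}"
        if state == "SYN-RECV":
            half_open[key].append(pip)
        elif state == "ESTAB":
            established[key] += 1
    report = {}
    for key in set(half_open) | set(established):
        peers = half_open.get(key, [])
        report[key] = {
            "half_open": len(peers),
            "distinct_peers": len(set(peers)),
            "established": established.get(key, 0),
            "suspected_syn_flood": (len(peers) >= threshold
                                    and len(set(peers)) >= threshold // 2),
        }
    return report


def flagged_sockets(text: str, threshold: int = 10) -> list:
    """Sorted list of local sockets that look flooded."""
    rep = half_open_report(text, threshold)
    return sorted(k for k, v in rep.items() if v["suspected_syn_flood"])


if __name__ == "__main__":
    for sock, stats in sorted(half_open_report(SAMPLE).items()):
        print(sock, stats)
```

The count is the symptom, not the cure: on Linux the standard mitigation is `net.ipv4.tcp_syncookies = 1`, which lets the server answer SYNs without keeping state, and Cisco IOS offers TCP Intercept to complete the handshake on the server's behalf before passing the connection through.
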
58
Q

A distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim’s spoofed source IP are broadcast to a computer network using an IP broadcast address.

A

Smurf attack
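
Cards 25 (packet crafting), 31 (IP spoofing), 57 (SYN flood) and 58 (Smurf) all come down to writing whatever you like into packet headers. The following added example (not part of the original flashcards) builds those packets by hand: an IPv4 header with a forged source address, a TCP SYN on top of it (the unit a SYN flood sends, and the kind of packet a firewall rule-set probe uses), and an ICMP echo request addressed to a directed-broadcast address with the victim as source (the Smurf packet). Nothing is sent; it also decodes the fields a firewall would match on and checks the checksums. All addresses, ports and the IP identification value are made-up test values.

```python
"""Packet crafting with a spoofed source address.

Added example, not from the original flashcards. Builds raw IPv4/TCP and
IPv4/ICMP packets in memory; addresses, ports and IP id are assumptions.
"""
import socket
import struct


def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words (odd length is padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """20-byte IPv4 header. `src` is whatever the crafter writes into it;
    putting someone else's address there is the IP spoofing on the cards."""
    hdr = struct.pack("!BBHHHBBH4s4s",
                      (4 << 4) | 5,           # version 4, IHL 5 words
                      0,                      # DSCP/ECN
                      20 + payload_len,       # total length
                      0x1234,                 # identification (assumed value)
                      0x4000,                 # flags: DF, fragment offset 0
                      64,                     # TTL
                      proto,
                      0,                      # checksum placeholder
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def tcp_syn(src: str, dst: str, sport: int, dport: int, seq: int) -> bytes:
    """TCP SYN segment, no options; the checksum covers the pseudo-header."""
    seg = struct.pack("!HHIIBBHHH", sport, dport, seq, 0,
                      5 << 4,                 # data offset: 5 words
                      0x02,                   # flags: SYN only
                      65535, 0, 0)            # window, checksum, urgent ptr
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src),
                         socket.inet_aton(dst), 0, socket.IPPROTO_TCP, len(seg))
    return seg[:16] + struct.pack("!H", checksum(pseudo + seg)) + seg[18:]


def icmp_echo(ident: int = 1, seq: int = 1, payload: bytes = b"probe") -> bytes:
    """ICMP echo request (type 8, code 0)."""
    msg = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    return msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]


def spoofed_syn(fake_src: str, target: str, dport: int,
                sport: int = 40000, seq: int = 1) -> bytes:
    """The SYN a flood sends: the forged source never answers the SYN-ACK,
    so the target keeps a half-open entry until it times out."""
    seg = tcp_syn(fake_src, target, sport, dport, seq)
    return ipv4_header(fake_src, target, socket.IPPROTO_TCP, len(seg)) + seg


def smurf_packet(victim: str, broadcast: str) -> bytes:
    """Smurf: echo request to the directed-broadcast address with the victim
    as source, so every host that answers sends its reply to the victim."""
    msg = icmp_echo()
    return ipv4_header(victim, broadcast, socket.IPPROTO_ICMP, len(msg)) + msg


def ip_checksum_ok(pkt: bytes) -> bool:
    """A valid header sums to all ones, so the checksum over it is zero."""
    return checksum(pkt[:20]) == 0


def tcp_checksum_ok(pkt: bytes) -> bool:
    seg = pkt[20:]
    pseudo = struct.pack("!4s4sBBH", pkt[12:16], pkt[16:20], 0,
                         socket.IPPROTO_TCP, len(seg))
    return checksum(pseudo + seg) == 0


def describe(pkt: bytes) -> dict:
    """Decode the fields a firewall rule would match on."""
    out = {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
           "proto": pkt[9], "len": struct.unpack("!H", pkt[2:4])[0]}
    if pkt[9] == socket.IPPROTO_TCP:
        sport, dport = struct.unpack("!HH", pkt[20:24])
        out.update(sport=sport, dport=dport, syn=bool(pkt[33] & 0x02))
    elif pkt[9] == socket.IPPROTO_ICMP:
        out.update(icmp_type=pkt[20])
    return out


if __name__ == "__main__":
    print(describe(spoofed_syn("10.0.0.9", "192.0.2.10", 80)))
    print(describe(smurf_packet("10.0.0.9", "192.0.2.255")))
```

Putting such a packet on the wire takes a raw socket with `IP_HDRINCL` set and root privileges, and is only legitimate on a network you are authorised to test. Two practical points follow from the code: a reply to a spoofed packet goes to the forged source, not to you, so a rule-set probe normally uses your own address and a sniffer to watch what the firewall passes; and the Smurf packet only amplifies if the router forwards directed broadcasts, which is why `no ip directed-broadcast` (the default on Cisco IOS since 12.0) and ingress filtering of spoofed sources at the network edge are the standard defences.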

59
Q

These are general knowledge gathering attacks.

A

Reconnaissance attacks

60
Q

An attack that typically involves some form of psychological manipulation, fooling otherwise unsuspecting users or employees into handing over confidential or sensitive data.

A

Social engineering attack

61
Q

It is an attack that involves email or other communication that invokes urgency, fear, or similar emotions in the victim, leading the victim to promptly reveal sensitive information, click a malicious link, or open a malicious file.

A

Social engineering attack

62
Q

An attack that involves a human element, which makes preventing these attacks tricky for enterprises.

A

Social engineering attack

63
Q

Give examples of social engineering attacks.

A

Pretexting
Phishing
Spearphishing
Spam
Tailgating
Something for Something
Baiting

64
Q

A type of social engineering attack that attempts to steal sensitive information by acquiring personal details on the victim such as their friends, hometown, employer, locations they frequent, and what they have recently bought online.

A

Spearphishing

65
Q

A type of social engineering attack where the attacker promises an item or good used to entice victims.

66
Q

A type of social engineering attack where the attacker comes up with a story in order to fool the victim.

A

Pretexting

67
Q

A type of social engineering attack that uses physical media and relies on the curiosity or greed of the victim.

A

Baiting

68
Q

A type of social engineering attack where attackers disguise themselves as a trustworthy friend or entity to acquire sensitive information, typically through email or other online messaging.

A

Spearphishing

69
Q

A type of social engineering attack that uses messaging systems to send unsolicited messages to large numbers of recipients for commercial advertising, for non-commercial proselytizing, or for any prohibited purpose.

A

Spam

70
Q

A type of social engineering attack, and a physical security breach, in which an unauthorized person follows an authorized individual into a secured premises.

A

Tailgating

71
Q

Give some network security professional roles.

A

chief information officer (CIO)
chief information security officer (CISO)
Security operations (SecOps) manager
chief security officer (CSO)
Security Manager
Network security engineer

72
Q

A network security professional who is the company executive responsible for the management, implementation, and usability of information and computer technologies.

A

chief information officer (CIO)

73
Q

A network security professional who is the senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure that information assets and technologies are adequately protected.

A

chief information security officer (CISO)

74
Q

A network security professional who is responsible for directing the activities of security personnel to ensure protection of an organization's physical assets, properties, and resources.

A

Security operations (SecOps) manager

75
Q

A network security professional who is the organization's most senior executive accountable for the development and oversight of policies and programs intended to mitigate or reduce compliance, operational, strategic, financial, and reputational security risk relating to the protection of people, intellectual assets, and tangible property.

A

chief security officer (CSO)

76
Q

A network security professional who is responsible for monitoring the security operations of an organization or company.

A

Security Manager

77
Q

A network security professional who implements security policies, regulations, rules, and norms and makes sure that the environment in their organization is safe for employees and visitors.

A

Security Manager

78
Q

A diverse group of researchers, software engineers, security analysts, and digital intelligence specialists working together to research security vulnerabilities in software products, contribute to long-term changes in networked systems, and develop cutting-edge information and training to improve the practice of cybersecurity.

A

CERT (Computer emergency response team)

79
Q

The most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet’s early warning system - the Internet Storm Center.

A

SANS (SysAdmin, Audit, Network, and Security)

80
Q

What are the components of cryptography?

A

confidentiality
integrity
availability

81
Q

A component of cryptography that uses encryption to hide data.

A

confidentiality

82
Q

A component of cryptography that assures data is accessible.

A

availability

83
Q

A component of cryptography that uses hashing algorithms to ensure data is unaltered during operation.

A

integrity

84
Q

Give at least four network security domains.

A
  • Risk assessment
  • Security policy
  • Organization of information security
  • Asset management
  • Human resources security
  • Physical and environmental security
  • Communications and operations management
  • Information systems acquisition, development, and maintenance
  • Access control
  • Information security incident management
  • Business continuity management
  • Compliance
85
Q

A security device that combines firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities.

A

Cisco Adaptive Security Appliance (ASA)

86
Q

A technology that monitors a network for any malicious activity attempting to exploit a known vulnerability.

A

Intrusion Prevention System (IPS)
a.k.a. intrusion detection and prevention system (IDPS)

87
Q

It provides proactive threat defense that stops attacks before they spread through the network

A

Cisco Adaptive Security Appliance (ASA)

88
Q

SecureX Product Families

A
  • Secure Edge and Branch
  • Secure Data Center and Virtualization
  • Secure Email and Web
  • Secure Mobility
  • Secure Access
89
Q

Cisco SecureX Architecture

A
  • Scanning engines
  • Delivery mechanisms
  • Security intelligence operations (SIO)
  • Policy management consoles
  • Next-generation endpoint
90
Q

Five parameters that define security policies

A
  • Type of device being used for access
  • Person’s identity
  • Application in use
  • Location
  • Time of access
91
Q

A framework designed by Cisco to logically group the functions that occur on a network.

A

Network Foundation Protection (NFP)

92
Q

The framework combines a number of security techniques to secure routers and switches and ensure the availability of the network even when it is under attack.

A

Network Foundation Protection (NFP)

93
Q

Three basic sections of Network Foundation Protection (NFP) Framework

A

control plane
management plane
data plane

94
Q

The section of the Network Foundation Protection (NFP) framework containing the protocols and traffic that network devices send to each other, without administrator interaction, for automatic network discovery and configuration.

A

Control plane

95
Q

The section of the Network Foundation Protection (NFP) framework containing the protocols and traffic that a network administrator uses to configure network devices from their computer.

A

management plane

96
Q

The section of the Network Foundation Protection (NFP) framework that carries end-user traffic.

A

data plane