Network Threats and Attacks

Question 1

_______________ are sophisticated and targeted cyberattacks where a threat actor gains unauthorized access to a network or system and remains undetected for an extended period. These attackers often have specific objectives, such as stealing sensitive data or conducting espionage.

Answer 1

Advanced Persistent Threats (APTs)

Question 2

_______________ involve exploiting vulnerabilities in APIs to gain unauthorized access or manipulate data. Attackers can use these vulnerabilities to compromise the functionality and security of applications and services.

Answer 2

API (Application Programming Interface) Attacks

Question 3

_______________ attacks involve manipulating ARP tables to associate a legitimate IP address with a malicious MAC address. This can lead to network traffic being redirected to an attacker-controlled device.

Answer 3

ARP (Address Resolution Protocol) Spoofing & Poisoning

Question 4

Backdoors are hidden or unauthorized access points in a system or application that allow an attacker to bypass normal authentication and gain control over the system. They are often used for remote access and persistence.

Answer 4

Backdoors

Question 5

_______________ is a wireless technology used for short-range communication between devices. Bluetooth attacks involve exploiting vulnerabilities in Bluetooth connections to gain unauthorized access or control over connected devices.

Answer 5

Bluetooth

Question 6

_______________ involve systematically trying every possible combination of passwords or encryption keys until the correct one is found. These attacks are time-consuming but can be effective if passwords are weak.

Answer 6

Brute Force Attacks

Question 7

_______________ attacks involve impersonating a trusted individual or organization via email to manipulate employees into disclosing sensitive information or conducting fraudulent financial transactions.

Answer 7

Business Email Compromise (BEC)

Question 8

This refers to security measures and practices aimed at protecting user credentials (e.g., usernames and passwords) from being stolen by attackers.

Answer 8

Credential Theft Prevention

Question 9

_______________ is a web application vulnerability where malicious scripts are injected into web pages viewed by other users. These scripts can steal data or perform actions on behalf of the victim.

Answer 9

Cross-Site Scripting (XSS)

Question 10

_______________ is a criminal service where ransomware tools are offered as a service, enabling individuals with limited technical skills to launch ransomware attacks for financial gain.

Answer 10

Crypto Ransomware-as-a-Service (RaaS)

Question 11

_______________ is the unauthorized use of a victim’s computer or device to mine cryptocurrency. Attackers use malware or scripts to exploit the victim’s computing resources.

Answer 11

CryptoJacking

Question 12

_______________ is malicious software that encrypts a victim’s files and demands a ransom for decryption. Victims are typically forced to pay to regain access to their data.

Answer 12

Crypto-Malware Attacks

Question 13

Botnets are networks of compromised devices controlled by an attacker._______________ are used to collectively mine cryptocurrency using the computing power of the compromised devices.

Answer 13

Crypto-Mining Botnets

Question 14

_______________ involves unauthorized changes to data stored on systems or databases. Attackers may alter, delete, or corrupt data to achieve their objectives.

Answer 14

Data Manipulation

Question 15

_______________ attacks manipulate the Domain Name System (DNS) to redirect users to malicious websites or intercept their communications.

Answer 15

DNS Spoofing & Cache Poisoning

Question 16

DNS tunneling is a technique that uses DNS queries and responses to bypass network security controls and exfiltrate data.

Answer 16

DNS Tunneling

Question 17

_______________ involves attacking the security extensions of DNS to compromise the integrity and authenticity of DNS data.

Answer 17

DNSSEC (Domain Name System Security Extensions) Exploitation

Question 18

_______________ are algorithms used by malware to generate a large number of domain names dynamically. Attackers use DGAs to evade detection and establish communication with command and control servers.

Answer 18

Domain Generation Algorithms (DGA)

Question 19

_______________) attacks overload a target system or network with traffic, rendering it unavailable to legitimate users.

Answer 19

DoS & DDoS: Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS)

Question 20

_______________ occur when malware is automatically downloaded and installed on a user’s device when they visit a malicious website or interact with malicious content.

Answer 20

Drive-By Downloads

Question 21

_______________ is a type of attack where a user’s router settings are maliciously modified when they visit a compromised website, redirecting their traffic to attacker-controlled servers.

Answer 21

Drive-By Pharming

Question 22

_______________ involves intercepting and listening to communications without authorization. _______________ refers to capturing and analyzing network traffic to gain information or exploit vulnerabilities.

Answer 22

Eavesdropping, Sniffling

Question 23

_______________ in web applications allow attackers to upload malicious files, which can lead to remote code execution or other attacks.

Answer 23

File Upload Vulnerabilities

Question 24

_______________ operate in memory without leaving traces on disk. They leverage existing system tools and processes to carry out malicious activities.

Answer 24

Fileless Attacks

Question 25

_______________ are decoy systems or networks set up to attract and trap attackers. They help organizations gather information about attack techniques and the attacker's motives.

Answer 25

Honeypots

Question 26

_______________ involve individuals within an organization who misuse their access privileges to intentionally or unintentionally harm the organization's security.

Answer 26

Insider Threats

Question 27

_______________ are networks of compromised IoT devices used to launch attacks, such as DDoS attacks, against targets.

Answer 27

IoT (Internet of Things) Botnets

Question 28

_______________ are security weaknesses in Internet of Things devices and networks that can be exploited by attackers to gain control or access sensitive data.

Answer 28

IoT Vulnerabilities

Question 29

_______________ is the use of malicious advertisements to deliver malware to a user's device when they click on or interact with the ad.

Answer 29

Malvertising

Question 30

_______________, short for malicious software, encompasses various types of software designed to harm, compromise, or steal data from computer systems.

Answer 30

Malware

Question 31

_______________ Attacks involve intercepting and manipulating communications between two parties without their knowledge. Attackers can eavesdrop, modify, or impersonate either party.

Answer 31

Man-in-the-Middle (MitM)

Question 32

_______________ is the capture and analysis of network traffic to intercept sensitive data, such as passwords or confidential information.

Answer 32

Packet Sniffing

Question 33

_______________ involve attempting to crack or guess passwords through methods like brute force, dictionary attacks, or credential stuffing.

Answer 33

Password Attacks

Question 34

_______________ attacks aim to permanently damage or "brick" a device or system by overloading it with malicious actions or commands.

Answer 34

Permanent Denial-of-Service (PDoS)

Question 35

_______________ measures protect against attacks that manipulate DNS or network settings to redirect users to fake websites.

Answer 35

Pharming Prevention

Question 36

_______________ involves implementing security measures to prevent phishing attacks, where attackers trick individuals into revealing sensitive information or performing actions they shouldn't.

Answer 36

Phishing Protection

Question 37

_______________ is malicious software that encrypts a victim's files and demands a ransom for decryption.

Answer 37

Ransomware

Question 38

_______________ are unauthorized or unmanaged devices connected to a network, posing security risks and potential entry points for attackers.

Answer 38

Rogue Devices

Question 39

_______________ occurs when an attacker takes over an active user session to gain unauthorized access to a system or application.

Answer 39

Session Hijacking

Question 40

_______________ is a manipulation technique where attackers deceive individuals into revealing confidential information or performing actions that compromise security.

Answer 40

Social Engineering

Question 41

_______________ target individuals or organizations on social media platforms, often involving account compromise, impersonation, or spreading of malicious content.

Answer 41

Social Media Attacks

Question 42

_______________ is a web application vulnerability that allows attackers to execute arbitrary SQL queries on a database, potentially gaining unauthorized access or manipulating data.

Answer 42

SQL Injection

Question 43

_______________ is the practice of hiding information within digital files, such as images or audio, to conceal it from detection.

Answer 43

Steganography

Question 44

_______________ involve targeting an organization by compromising its suppliers or partners, with the goal of infiltrating the target organization through trusted connections.

Answer 44

Supply Chain Attacks

Question 45

_______________ attacks exploit vulnerabilities in USB devices to compromise a computer or network when a malicious USB device is connected.

Answer 45

USB-based

Question 46

_______________ is a type of phishing attack conducted over voice calls, where attackers impersonate trusted entities to deceive individuals into revealing sensitive information.

Answer 46

Vishing (Voice Phishing)

Question 47

_______________wireless networks, often for malicious purposes, such as unauthorized network access or data interception.

Answer 47

Wardriving

Question 48

_______________ attacks target websites or online locations frequently visited by a target group, infecting these sites to compromise the users who visit them.

Answer 48

Watering Hole

Question 49

_______________ are attacks that target vulnerabilities in software or systems that are not yet known to the vendor or have not been patched. They are called "zero-day" because there are zero days of protection against them when they are discovered.

Answer 49

Zero-Day Exploits