Quiz 1 Flashcards
Who was the main figure at Bletchley park that lead the effort to crack the Enigma codes and created the Bombe?
Alan Turing
He is considered one of the first hackers but was mostly a phreaker and adept in the art of social engineering
Kevin Mitnick
She studied under Charles Babbage and is the first person known to conceive of a reprogrammable computing device
Ada Lovelace
He is considered, by many, to be the creator of the internet because he lead the Advanced Research Project Agency that created ARPAnet, a precursor to the internet
Larry Roberts
He was another pivotal figure at Bletchley Park and his contributions include traffic analysis, a precursor to what Facebook and Google to with metadata today.
Gordon Welchman
The electro-mechanical rotor cipher used to encrypt day-to-day messages to the German troops
Enigma Machine
The first fully functional electric computer developed at the University of Pennsylvania
ENIAC
This was the first operating system developed with security in mind from the ground up
Multics
The two developments that shrunk computers and allowed for the decentralization of computing
Transistor and microprocessor
This pre-computer device was developed by Charles Babbage to help compute Bernoulli Numbers
Differencing Engine
What medium were the German codes being broadcast over during WWII?
Analog Radio Waves
The main storage medium used to transfer large amounts of data between facilities during the cold war era
Magnetic Tape
ARPAnet was the first to implement these protocols that we still use for many internet communications today; handshakes included
TCP / IP
Robert Metcalf developed these standards that allow machines to talk to each other over a LAN
Ethernet
Many of the problems we see with internet security today, stem from the early use of these standards rather than adopting industry standards that had been well vetted
“De facto”
The Tech Model Railroad club came up with this early “hacker dictionary” that is still in use today
The Jargon File
These were the two decades in which the primary development of the internet took place
1970s and 1980s
She is credited with finding the first computer “bug”
Grace Hopper
She is credited with conceptualizing and creating the first interpreter to ease the burdens of programming
Grace Hopper
This was the first computer security paper that detailed the need for security measures beyond that of physically locking down access to the machines
The Rand Report R-609
This term refers to an attacker gaining access to a target’s network
Infiltrate
This term refers to going through the garbage trying to find PII and/or confidential information
Dumpster Diving
This type of exploit is one for which there, currently, is no patch from the vendor
Zero day
Where were access numbers written for some of the first hackers to find and utilize?
Phone Booths
What network joined ARPAnet in 1986; the time when it was first referred to as “The Internet”
NSFNet
A substitution cipher is also somtimes referred to after this historical figure that achieved his encryption by shifting all letters 3 places to the right
Caesar
This general type of encryption uses the same key to encrypt and decrypt
Symmetric
This algorithm uses the binary representation of data
XOR
This cipher uses the numerical location of each letter within the alphabet
Vernam
This early encryption method was developed by the Spartans and involved wrapping a papyrus around a rod of a certain size
Scytale
What does the C of the CIA triangle of Information Security stand for?
Confidentiality
What do the I and A of the CIA triangle stand for?
Integrity and Availability
Something that has value to an individual and organization is known as this in technical terms
Asset
This specific person or entity that carries out an exploit is known as this
Threat Agent
What is the password software that we spoke of in class and can be utilized by an attacker to perpetrate pass the hash or ticket attacks?
Mimikatz
When speaking of encryption, this is the original [human readable] version of a message
Plaintext
When speaking of encryption, this is the encrypted version of a message; not human readable
Ciphertext or cryptogram
This term refers to the time it would take for cryptanalysis to successfully decrypt a message when the key is unknown
Work Factor
Asymmetric encryption is known as this type of encryption because two different keys are involved
Public Key
This type of cryptography involves hiding messages inside of something else, such as an image
Steganography
These people used non-standard hieroglyphs to create the first known form of encryption
Egyptians
This type of attack against a crypto system involves trying every possible combination for a given character set
Brute Force
During WWII, this group of Native Americans used their language in addition to new code words to create the only non-computer generated encryption to not be broken during either world war
Navajo Code Talkers
With private key encryption, when delivering the key, you want to deliver it by a different means from the ciphertext; also known as this…
Out of band
This term refers to the ability for PKI to enforce online transactions; the user can be held accountable with reasonable assurance that they carried out the transaction
Nonrepudiation
This command can be used to test network connectivity as well as tell if a system is active on the network
ICMP
This command shows you every hop a packet takes along its way to the destination
Traceroute
This command can be used to retrieve the MAC address of a client on the network; whether or not it is replying to PING requests
ARP
This command allows you to see all the ports actively connected or listening on the local machine
Netstat
We utilized this command to remotely scan another machine on the network and find information like open ports and potentially detect the OS
nmap / zenmap
This was the group we had to add our account to for it to become an administrator on the domain
Domain Admins
This is the name of Microsoft’s server role that allows for establishing a domain
Active Directory
This is the commandline environment we have been running commands in
powershell
This is the term that is used to refer to a server that is part of a domain, but NOT a domain controller
Member Server
This is the built-in Windows virtualization platform we are utilizing in class
Hyper-V
When setting what all will be entailed in the assessment, you are setting this
Scope
This should be the final step in your risk assessment
Documentation
This should be the 2nd step of a risk assessment
Identify Risks
You should consider these individuals in most risk assessments as they are often the biggest threat
Insiders / your own employees
If you have to follow rules set by a governing body because of the type of data you process, then it is said you must be in this…
Compliance
