Red Flashcards
What are some common methods used for gaining initial access to a target network?
Phishing attacks
Exploiting software vulnerabilities (e.g., remote code execution)
Brute-force attacks on authentication mechanisms
Social engineering tactics
Can you explain the difference between phishing and spear phishing?
Phishing: A generic term for deceptive email messages aimed at tricking recipients into divulging sensitive information or installing malware.
Spear Phishing: A targeted form of phishing that tailors the attack to a specific individual or organization, often using personalized information to increase the chances of success.
How can an attacker exploit vulnerable services to gain initial access?
Attackers can exploit vulnerable services by targeting known vulnerabilities in software running on networked devices. This includes unpatched operating systems, outdated software versions, or misconfigured services exposed to the internet.
Describe a scenario where an attacker leverages social engineering for initial access.
In a social engineering scenario, an attacker might impersonate a trusted individual or organization to trick a victim into revealing login credentials, downloading malware disguised as legitimate software, or providing access to sensitive information.
Explain the role of DHCP, DNS, TCP/IP, and OSI in Windows networking.
DHCP is responsible for IP address allocation, DNS for name resolution, TCP/IP for communication, and OSI serves as a conceptual model.
Explain the role of DHCP in network configuration.
DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses and other network configuration parameters to devices on a network, simplifying network setup and management.
How does DNS resolve domain names to IP addresses?
DNS (Domain Name System) translates human-readable domain names (e.g., example.com) into IP addresses that computers use to communicate over a network.
Describe the TCP/IP model and its layers.
The TCP/IP model consists of four layers: Application, Transport, Internet, and Network Interface. Each layer handles specific aspects of network communication, such as data formatting, routing, and error detection.
How does VPN enhance network security and privacy?
VPN (Virtual Private Network) encrypts network traffic between a user’s device and a VPN server, providing confidentiality and integrity for data transmitted over insecure networks like the internet
What is Active Directory, and what role does it play in a Windows network?
Active Directory is a directory service developed by Microsoft for managing network resources, including users, computers, and groups, in a Windows domain environment.
How are users and resources organized within an Active Directory structure?
Users and resources are organized into a hierarchical structure called a domain, which can contain organizational units (OUs) for further organization and delegation of administrative tasks.
Explain the process of authentication and authorization in Active Directory.
Authentication verifies the identity of users and computers accessing resources in the Active Directory domain, while authorization determines the permissions granted to authenticated users or groups.
What are some common Active Directory attack techniques, and how can they be mitigated?
Common attack techniques include pass-the-hash, golden ticket attacks, and Kerberoasting. Mitigation strategies include enforcing strong password policies, monitoring privileged account usage, and implementing least privilege access controls.
What are the main differences between C and C++?
C is a procedural programming language, while C++ is an object-oriented programming language that also supports procedural programming.
Why is Active Directory a prime target for attackers?
Active Directory centralizes authentication and authorization services, making it a valuable target for gaining control over a network.