Security 1.2

Question 1

Phishing

Answer 1

Sending a false email pretending to be legitimate to steal valuable information from the user

Question 2

Spear phishing

Answer 2

Attacks that target specific users with inside information.

Question 3

Whaling

Answer 3

An attack on a powerful or wealthy individual like a CEO.

Question 4

Vishings

Answer 4

An attack through a phone or voice communications

Question 5

Tailgating

Answer 5

loosely following individuals with keys to get access to secure areas.

Question 6

Impersonation

Answer 6

aking on the identity of an individual to get access into the system or communications protocol

Question 7

Dumpster diving

Answer 7

Going through a business’s or person’s trash to find thrown away valuable information or possessions.

Question 8

Shoulder surfing

Answer 8

Watching as a person enters information.

Question 9

Hoax

Answer 9

False information that deceives the user into compromising security by making them believe they are at risk.

Question 10

Watering hole attack

Answer 10

A security attack that targets a specific highly secured group by infecting a commonly visited website by the group’s members.

Question 11

Social engineering

Answer 11

The practice of using social tactics to gain information from people or get people to do something.

Question 12

Authority

Answer 12

The actor acts as an individual of authority

Question 13

Intimidation

Answer 13

Frightening or threatening the victim

Question 14

Consensus

Answer 14

Convince based on what’s normally expected.

Question 15

Scarcity

Answer 15

Limited resources and time to act

Question 16

Familiarity

Answer 16

The victim is well known

Question 17

Trust

Answer 17

Gain their confidence, be their friend

Question 18

Urgency

Answer 18

Limited time to act, rush the victim

Question 19

DoS (Denial of Service)

Answer 19

Flooding a target machine or resource with many requests to overload the system and prevent use of its resources

Question 20

DDoS (Distributed Denial of Service)

Answer 20

DoS launched from multiple sources.

Question 21

Man-in-the-middle

Answer 21

The attacker alters the communication between two parties who believe they are directly communicating.

Question 22

Buffer overflow

Answer 22

A program attempts to write more data than can be held in a fixed block of memory.

Question 23

Injection

Answer 23

Occurs from processing invalid data, inserts code into the vulnerable computer program and changes the course of execution.

Question 24

Cross-site scripting (XXS):

Answer 24

Found in web applications, allows for an attacker to inject client-side scripts in web pages.

Question 25

Cross-site request forgery (XSRF)

Answer 25

Unauthorized commands are sent from a user that is trusted by the website. Allows the attacker to steal cookies and harvest password

Question 26

Privilege escalation

Answer 26

An attack that exploits a vulnerability that allows them to gain access to resources that they normally would be restricted from accessing

Question 27

ARP poisoning

Answer 27

The act of falsifying the IP-to-MAC address resolution system employed by TCP/IP

Question 28

Amplification

Answer 28

The amount of traffic sent by the attacker is originally small but then is repeatability multiplied to place a massive strain on the victim’s resources, in an attempt to cause it to fail or malfunction.

Question 29

DNS poisoning

Answer 29

Is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones.

Question 30

DNS poisoning

Answer 30

Is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones.

Question 31

Amplification process

Answer 31

- Bot C&C sends sends a message to the 
  botnet
- Botnet request a spoofed DNS message
  to the DNS open Resolver
 -DNS Resolvers sends amplified DNS
  Reponses to the Web server

Question 32

Domain hijacking

Answer 32

he act of changing the registration of a domain name without the permission of the victim.

Question 33

Man-in-the-browser

Answer 33

A proxy Trojan horse that infects web browsers and capture browser session data.

Question 34

Zero day

Answer 34

The aim is to exploit flaws or vulnerabilities in targeted systems that are unknown or undisclosed to the world in general. Meaning that there is no direct or specific defense to the attack; which puts most systems vulnerable assets at risk

Question 35

Replay

Answer 35

Is a network-based attack where a valid data transmission is rebroadcasted, repeated, or delayed

Question 36

Pass the hash

Answer 36

An authentication attack that captures and uses the hash of a password. The attacker then attempts to log on as the user with the stolen hash. This type of attack is commonly associated with the Microsoft NTLM (New Technology LAN Manager) protocol.

Question 37

Clickjacking

Answer 37

Deceives the user into clicking on a malicious link by adding the link to a transparent layer over what appears to be a legitimate web page.

Question 38

Session hijacking

Answer 38

An attack in which an attacker attempts to impersonate the user by using their legitimate session token.

Question 39

URL hijacking

Answer 39

Redirects the user to a false website based on misspelling the URL, is also referred to

Question 40

Drive manipulation

Answer 40

Shimming
Refactoring
Mac Spoofing
IP spoofing

Question 41

Shimming

Answer 41

The process of injecting alternate or compensation code into a system in order to alter its operations without changing the original or existing code

Question 42

Refactoring

Answer 42

Rewrites the internal processing of code without changing its behavior.

Question 43

Replay

Answer 43

This is a passive attack where the attacker captures wireless data, records it, and then sends it on to the original recipient without them being aware of the attacker’s presence.

Question 44

IV (Initialization Vector)

Answer 44

A random number used to increase security by reducing predictability and repeatability.

Question 45

Evil Twin

Answer 45

Has same SSID (Service Set Identifier) as a proper access point (AP). Once a user connects to it, all wireless traffic goes through it instead of the real AP

Question 46

Rogue AP (Access Point):

Answer 46

An unauthorized WAP (Wireless Access Point) or Wireless Router that allows for attackers to bypass many of the network security configurations and opens the network and its users to attacks.

Question 47

Jamming

Answer 47

Disabling a wireless frequency with noise to block the wireless traffic

Question 48

WPS( Wifi Protected Setup)

Answer 48

Allows users to easily configure a wireless network, sometimes by using only a PIN. The PIN can be found through a brute force attack

Question 49

BlueJacking

Answer 49

Sending unsolicited messages to the Bluebooth

Question 50

Bluesnarfing

Answer 50

Gaining unauthorized access to, or stealing information from a Bluetooth device

Question 51

RFID

Answer 51

Communicates with a tag placed in or attached to an object using radio signals. Can be jammed with noise interference, the blocking of radio signals, or removing/disabling the tags themselves.

Question 52

NFC (Near Field Communication)

Answer 52

A wireless technology that allows for smartphones and other devices to establish communication over a short distance.

Question 53

Disassociation

Answer 53

Removes clients from a wireless network

Question 54

crytographic attacks

Answer 54

(Attack that uses codes, ciphers, numbers, and crytographics)

• Birthday
• Text
• Rainbow attacks
• Dictionary
• Brute Force
• Collisions
• Downgrade
• weak implmentations

Question 55

Birthday

Answer 55

Used to find collisions in hashes and allows the attacker to be able to create the same hash as the user. Exploits that if the same mathematical function is performed on two values and the result is the same, then the original values are the same.

Question 56

Plain text

Answer 56

The attacker has both the plaintext and its encrypted version.

Question 57

Cipher text

Answer 57

he attacker has access only to the encrypted messages.

Question 58

Rainbow tables

Answer 58

Large pregenerated data sets of encrypted passwords used in password attacks

Question 59

Dictionary

Answer 59

A password attack that creates encrypted versions of common dictionary words and then compares them against those in a stolen password file. Guessing using a list of possible passwords.

Question 60

Brute force

Answer 60

A password-cracking program that tries every possible combination of characters through A to Z

Question 61

Collision

Answer 61

When two different inputs produce the same hash value.

Question 62

Downgrade

Answer 62

orces a system to lessen its security, this allows for the attacker to exploit the lesser security control. It is most often associated with cryptographic attacks due to weak implementations of cipher suite
ex -ssl attack

Question 63

Weak implementations

Answer 63

The main cause of failures in modern cryptography systems are because of poor or weak implementations instead of a failure caused by the algorithm itself.