SG 4 - Study Notecards Flashcards

1
Q

What is sniffing?

A

Collecting network packets for decoding and analysis

2
Q

What is ARP?

A

The Address Resolution Protocol

Used to convert IP addresses to MAC addresses

3
Q

What is ring 0?

A

The innermost security ring of a system. It has the most direct hardware access

4
Q

What is social engineering?

A

Getting a user to perform an action or give up info they shouldn’t

5
Q

What is privilege escalation?

A

Trying to obtain more capabilities on a system than you currently have

6
Q

What are rainbow tables?

A

Precomputed password hashes, which can make password cracking A LOT faster

7
Q

What is persistence?

A

An attacker attempting to maintain access to a system after the initial compromise

8
Q

What is a rootkit?

A

A piece of software that may be used to obscure the existence of malware and may also provide backdoor access to a system for an attacker

9
Q

What is John the Ripper?

A

A password cracker

10
Q

What is malware?

A

Malicious software

There are multiple forms of malware

11
Q

What is a debugger?

A

A software program that can be used to analyze other programs and potentially reverse-engineer the software to understand its functionality

12
Q

What is disassembly?

A

Taking an executable program and converting it to assembly language to make it slightly more readable

13
Q

What is a container?

A

A way of isolating applications into a separate memory space so it appears as though they are running on a completely different system

14
Q

What is C2?

A

Command and Control

Command-and-control servers are used by attackers to send commands to malware residing on endpoints

15
Q

What is Spoofing?

A

Pretending to be a system or user other than the one you are

15
Q

What is a packer?

A

A method of compressing software to avoid detection from anti-malware systems

16
Q

What is a MAC address?

A

The physical address of a network interface

It has 6 octets