SG 8 - Study Notecards Flashcards

1
Q

What is the Purdue Model?

A

A layered approach to network design for Operational Technology Environments, segmenting fragile devices away from user-centric devices

2
Q

What is Setoolkit (SET)?

A

A program that uses Metasploit to automate social engineering attacks

3
Q

What is Serverless Computing?

A

A platform for developers to write functions that respond to events without relying on the creation of virtual machines or containers

4
Q

What is XXE?

A
  • XXE is XML External Entity
  • Allows an attacker to send commands into an underlying operating system using XML-formatted data
4
Q

What is REST?

A

A way of allowing clients and servers to maintain state within an application since HTTP doesn’t maintain state

Representational State Transfer

4
Q

What is Grid Computing?

A

A way of using multiple computer systems at the same time to solve problems in a parallel fashion

Examples: Distributed.net and SETI@Home

4
Q

What are TTPs?

A
  • Actions attackers take against victims across the entire attack lifecycle
  • These TTPs can be identified by victims

Techniques, Tactics and Procedures

4
Q

What is an HMI?

A

A device used in operational technology environments to allow users to operate Industrial Control Systems (ICS)

Human-Machine Interface

4
Q

What is Fog Computing?

A
  • Used to describe providing computing resources that may be used to support on-premise devices like those in the Internet of Things (IoT).
  • It’s not cloud computing, nor on-premise (on the ground)
4
Q

What is EDR?

A
  • Software that will monitor systems for malicious activity, including looking for the existence of malware
  • EDR will also allow for live investigation and isolation of endpoint systems

Endpoint Detection and Response

5
Q

What is the MITRE ATT&CK Framework?

A

A taxonomy of techniques, tactics and procedures (TTPs) known to be used by attackers

6
Q

What is ARP Spoofing?

A

Process of sending gratuitous ARP responses to get systems on a local network to send traffic to the system performing the ARP spoofing

Address Resolution Protocol Spoofing

This is a Man in The Middle (MitM) Attack

7
Q

What is Credential Stuffing?

A
  • Using collections of known usernames and passwords to break into systems.
  • This doesn’t produce the same problem as brute-forcing network requests, which would generate a lot of failed attempts on a single account
8
Q

What is Simultaneous Authentication of Equals (SAE)?

A
  • A protocol used in the wireless encryption and authentication protocol WPA3
  • Allowing both sides of the wireless communication (Ex: station and access point) to validate one another’s identity and share keying info
9
Q

What is Bluebugging?

A

Using Bluetooth devices to listen in on audio activities like phone calls

10
Q

What is an XMAS Scan?

A

A method of port scanning that sends the FIN, PSH and URG flags in a TCP header