Student Text Flashcards

1
Q

What framework is intended to improve understanding of attackers' TTPs (tactics, techniques and procedures)?

A

Lockheed Martin’s Cyber Kill Chain

2
Q

What are the stages in Lockheed Martin's Cyber Kill Chain?

A
  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command & Control
  • Actions on Objectives
3
Q

What describes the actions an adversary takes against a target, is designed for network defenders, and breaks the later stages of an intrusion into tactic categories (11 at the time this course was written; the current Enterprise matrix has 14)?

A

MITRE ATT&CK Matrix

4
Q

What are the methods for footprinting?

A
  • whois
  • dig
  • nslookup
  • Google (search-engine queries against the target's domains and names)
  • social networking sites
4
Q

The Hacker Methodology

A
  • Footprinting
  • Scanning
  • Enumeration
  • Gaining access
  • Escalating privileges
  • Pilfering data
  • Covering tracks
  • Creating backdoors
  • Actions on objectives
4
Q

What is the passive collection of data about a target called?

A

Footprinting

5
Q

What is the bulk assessment and identification of targets, involving direct interaction with them, called?

A

Scanning

6
Q

What are the methods for scanning?

A
7
Q

What is aggressively probing a target and looking for vulnerabilities called?

A

Enumeration

8
Q

What are the methods of enumeration?

A
  • Service version detection
  • Operating system detection
  • Banner grabbing
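
Banner grabbing in practice, as an added example that is not part of the flashcard deck: connect to a port, read whatever the service volunteers first, and parse it into product and version. The "target" here is a constructed local listener started in a thread that sends an SSH-style identification string, so the script runs offline; against a real host you point `grab_banner()` at the host and port instead. The banner text and the helper names are assumptions made for the demo.

```python
"""Banner grabbing against a single TCP port (added example, not from the deck)."""
import re
import socket
import threading

# Constructed banner, modelled on the SSH protocol identification string (RFC 4253 4.2).
FAKE_BANNER = b"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.4\r\n"


def start_fake_service(banner: bytes = FAKE_BANNER) -> int:
    """Listen on an ephemeral loopback port, send `banner` to one client, return the port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def grab_banner(host: str, port: int, timeout: float = 3.0, probe: bytes = b"") -> str:
    """Connect, optionally send a probe, and return the first bytes the service sends."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:  # e.g. b"HEAD / HTTP/1.0\r\n\r\n" for web servers that stay silent
            s.sendall(probe)
        try:
            data = s.recv(1024)
        except socket.timeout:
            data = b""
    return data.decode("ascii", errors="replace").strip()


# SSH-<protoversion>-<softwareversion>[ <comments>]
SSH_ID = re.compile(r"^SSH-(?P<proto>[\d.]+)-(?P<software>\S+)(?:\s+(?P<comment>.*))?$")


def parse_ssh_banner(banner: str) -> dict:
    """Pull protocol version, software/version and the OS comment out of an SSH banner."""
    m = SSH_ID.match(banner)
    if not m:
        return {"raw": banner}  # unknown service: keep the raw text for manual review
    product, _, version = m.group("software").partition("_")  # "OpenSSH_8.9p1"
    return {
        "protocol": m.group("proto"),
        "product": product,
        "version": version,
        "comment": m.group("comment") or "",
    }


def enumerate_ssh(host: str, port: int) -> dict:
    """Grab and parse an SSH banner from host:port."""
    return parse_ssh_banner(grab_banner(host, port))


if __name__ == "__main__":
    p = start_fake_service()
    print(enumerate_ssh("127.0.0.1", p))
```

The version string is what feeds the next step (looking up known vulnerabilities for OpenSSH 8.9p1 on Ubuntu), which is why enumeration is noisier than footprinting: every connection is logged on the target.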
9
Q

What is establishing a foothold on the target system called?

A

Gaining access

10
Q

What are the methods for gaining access?

A
  • Valid username/password pairs (stolen, default or reused credentials)
  • Brute-force password guessing
  • Remote code execution (e.g. a Metasploit exploit module or a phishing payload)
11
Q

What is taking full control of a system called?

A

Escalating privileges

12
Q

What are the methods for escalating privileges?

A
  • Hashdump (dumping stored credential hashes from the compromised host)
  • Password cracking (recovering passwords from the dumped hashes offline)
  • Phishing
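
The hashdump-then-crack pair from the list above, as an added example that is not part of the flashcard deck. The dump format is constructed for the demo: one `user:hash` line per account, where the hash is either an unsalted hex SHA-256 or `$sha256$<salt>$<hex>`. Real dumps (NTLM from a Windows hashdump, `$6$` sha512crypt from /etc/shadow) need the matching hash function, but the loop, the mutation rules and the grouping by salt are the same. The account names, passwords and wordlist are all made up.

```python
"""Offline dictionary attack against dumped password hashes (added example, not from the deck)."""
import hashlib
from typing import Dict, Iterable, List, Tuple


def _sha256_hex(s: str) -> str:
    return hashlib.sha256(s.encode()).hexdigest()


# Constructed hashdump output for four accounts (not real credentials).
HASHDUMP = "\n".join([
    "alice:" + _sha256_hex("Winter2023!"),
    "bob:$sha256$n4cl$" + _sha256_hex("n4cl" + "password1"),
    "carol:" + _sha256_hex("correct horse battery staple"),
    "svc_backup:$sha256$s4lt$" + _sha256_hex("s4lt" + "Summer"),
])

# Constructed wordlist; real attacks use rockyou-sized lists with hashcat or john.
WORDLIST = ["password", "winter2023", "summer", "letmein", "admin"]


def parse_hashdump(text: str) -> List[Tuple[str, str, str]]:
    """Return (user, salt, hexdigest) tuples; salt is '' for unsalted entries."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or ":" not in line:
            continue
        user, h = line.split(":", 1)
        if h.startswith("$sha256$"):
            _, _, salt, digest = h.split("$", 3)  # ['', 'sha256', salt, digest]
            entries.append((user, salt, digest.lower()))
        else:
            entries.append((user, "", h.lower()))
    return entries


def mutate(word: str) -> Iterable[str]:
    """Cheap rule set: case variants plus common suffixes (a tiny subset of hashcat rules)."""
    for base in {word, word.lower(), word.capitalize()}:
        yield base
        for suffix in ("1", "123", "!", "2023", "2023!"):
            yield base + suffix


def crack(entries: List[Tuple[str, str, str]], wordlist: List[str]) -> Dict[str, str]:
    """Dictionary attack: hash each candidate once per distinct salt and look it up."""
    # Group targets by salt so every unsalted hash is checked with a single lookup table.
    by_salt: Dict[str, Dict[str, str]] = {}
    for user, salt, digest in entries:
        by_salt.setdefault(salt, {})[digest] = user
    found: Dict[str, str] = {}
    for salt, targets in by_salt.items():
        for word in wordlist:
            for cand in mutate(word):
                digest = hashlib.sha256((salt + cand).encode()).hexdigest()
                user = targets.get(digest)
                if user and user not in found:
                    found[user] = cand
    return found


if __name__ == "__main__":
    for user, pw in sorted(crack(parse_hashdump(HASHDUMP), WORDLIST).items()):
        print(f"{user}: {pw}")
```

Three of the four accounts fall to a five-word list plus trivial rules; the passphrase account does not, which is the defender's lesson: per-user salts only stop the shared lookup table, while length and unpredictability are what stop the attack.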
13
Q

What is gathering information from a target system called?

A

Pilfering data

14
Q

What are the methods for pilfering data?

A
  • Copy data, don't move it (moving files is far more likely to be noticed)
  • System configs
  • Shares
  • ARP tables
15
Q

What is making sure users and admins don't know we were there called?

A

Covering tracks

16
Q

What are the methods for covering tracks?

A
  • Log removal
  • Restarting crashed services
  • Timestomping
  • Removing uploaded/installed software
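
Timestomping from the list above, together with the check a forensic examiner uses against the simple version of it, as an added example that is not part of the flashcard deck. `os.utime()` lets an attacker back-date a file's modification and access times, but on Linux it cannot set the inode change time (ctime), which the kernel updates to "now" on every metadata change, including the utime call itself. A file whose mtime is far older than its ctime is therefore worth a look. Assumed: a POSIX filesystem where `st_ctime` is change time (on Windows it is creation time and this heuristic does not apply); the 60-second tolerance is an arbitrary choice for the demo.

```python
"""Timestomping and its detection via the mtime/ctime gap (added example, not from the deck)."""
import os
import tempfile
import time


def timestomp(path: str, when: float) -> None:
    """Attacker's view: set both atime and mtime to the epoch timestamp `when`."""
    os.utime(path, (when, when))


def looks_timestomped(path: str, tolerance: float = 60.0) -> bool:
    """Defender's view: flag files whose mtime predates ctime by more than `tolerance` seconds.

    Normal writes advance mtime and ctime together, so the gap stays near zero;
    utime() moves mtime back but pushes ctime forward to the time of the call.
    """
    st = os.stat(path)
    return (st.st_ctime - st.st_mtime) > tolerance


def demo() -> dict:
    """Drop a file, stomp it back to 2015, and report what stat shows before and after."""
    fd, path = tempfile.mkstemp(prefix="stomp_")
    try:
        os.write(fd, b"dropped tool\n")
        os.close(fd)
        before = looks_timestomped(path)
        timestomp(path, time.mktime((2015, 1, 1, 0, 0, 0, 0, 0, -1)))
        st = os.stat(path)
        return {
            "flagged_before": before,
            "flagged_after": looks_timestomped(path),
            "mtime_year": time.localtime(st.st_mtime).tm_year,
            "ctime_year": time.localtime(st.st_ctime).tm_year,
        }
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo())
```

The caveat for both sides: an attacker with raw device access (for example editing the inode with debugfs) can rewrite ctime too, so examiners also compare against filesystem journal entries, birth time where the filesystem records it, and the timeline of surrounding files rather than trusting any single timestamp.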
17
Q

What is persisting on the system called?

A

Creating backdoors

18
Q

What are the methods for creating backdoors?

A
19
Q

What is performing the end goal on the target called?

A

Actions on objectives

20
Q

What are the methods of actions on objectives?

A
21
Q

Title 10

A

War (military operations under Title 10 of the U.S. Code)

22
Q

Title 50

A

Intelligence (activities under Title 50 of the U.S. Code)

23
Q

AF Policy

A

17-212 Cyber Operations
- CWO (Cyber Warfare Operations)

24
Q

JP 3-12

A

Joint Publication 3-12, Cyberspace Operations (joint doctrine for cyber)
- what the Air Force calls CWO is called CO (cyberspace operations) here

25
Q

OCO

A

Offensive Cyberspace Operations: project power in and through foreign cyberspace

26
Q

DCO

A

Defensive Cyberspace Operations: protect the DoDIN (DoD Information Network) from threats

27
Q

Buffer

A

A region of memory that temporarily holds data while it is moved from one place to another (for example from user input into a program's variables)

28
Q

Buffer Overflow Attack

A

Input whose length exceeds the size of the buffer it is written into, so the excess spills into adjacent memory and overwrites whatever is stored there (other variables, saved return addresses)

29
Q

Rootkits

A

The goal is to hide its presence from users and the OS
- Can attach itself to security software to remain hidden
- Comes in different types (hardware/firmware, bootloader, memory, application, kernel mode)

30
Q

Man in the Middle

A

The attacker inserts themselves into the communication path between two devices and can read or alter the traffic passing through

31
Q

Triggering

A

Goal: interact with a target so that a program performs a function the attacker has defined
- Could be accomplished by sending specific packets
- Functions could include running a command, starting a listener, or starting a reverse connection

32
Q

Obfuscation

A

Goal: alter the code of malware so it evades anti-virus signatures
- makes a known sample look new
- packers (compress the malware, hide it from AV and make it harder to reverse engineer)
- crypters…

33
Q

Types of Obfuscation

A
  • Network traffic
  • Executables
  • Text
  • Steganography
34
Q

WEP

A
  • First 802.11 security standard
  • Uses the RC4 stream cipher, keyed with a 24-bit IV prepended to the shared key
  • Replaced by WPA…
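
Why WEP's use of RC4 was fatal, as an added example that is not part of the flashcard deck. WEP encrypts each frame with RC4 keyed by IV || shared key, and the 3-byte IV is sent in the clear in front of the frame body. Once two frames share an IV they share a keystream, so the XOR of the two ciphertexts equals the XOR of the two plaintexts, and knowing one plaintext (a predictable HTTP request, an ARP reply) reveals the other. The key, IV and frame contents are constructed; the CRC-32 integrity value real WEP appends before encrypting is omitted because it does not change the argument, and the recovery function returns only as many bytes as the known plaintext covers.

```python
"""WEP-style RC4 keystream reuse under a repeated IV (added example, not from the deck)."""
import math


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA followed by PRGA), as WEP used it."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Return iv || (plaintext XOR RC4(iv || key)), the WEP frame body layout."""
    assert len(iv) == 3, "WEP IVs are 24 bits"
    return iv + xor_bytes(plaintext, rc4_keystream(iv + shared_key, len(plaintext)))


def recover_from_iv_reuse(frame_a: bytes, frame_b: bytes, known_plain_a: bytes) -> bytes:
    """Given two frames with the same IV and the plaintext of the first, recover the second's."""
    iv_a, body_a = frame_a[:3], frame_a[3:]
    iv_b, body_b = frame_b[:3], frame_b[3:]
    if iv_a != iv_b:
        raise ValueError("IVs differ; the keystreams are independent")
    keystream = xor_bytes(body_a, known_plain_a)  # C_a XOR P_a = keystream
    return xor_bytes(body_b, keystream)           # C_b XOR keystream = P_b


def frames_until_iv_collision(p: float = 0.5) -> int:
    """Birthday bound: frames needed for probability p that some IV repeats in a 2^24 space."""
    return math.ceil(math.sqrt(2 * (2 ** 24) * math.log(1 / (1 - p))))


# Constructed demo values: a 13-byte WEP-104 key, one IV, two frames the AP sends under it.
KEY = bytes.fromhex("0102030405060708090a0b0c0d")
IV = bytes.fromhex("a1b2c3")
P_A = b"GET /index.html HTTP/1.1\r\n"  # content the attacker can guess
P_B = b"pw=S3cretPassw0rd"             # content the attacker wants


def demo() -> bytes:
    c_a = wep_encrypt(KEY, IV, P_A)
    c_b = wep_encrypt(KEY, IV, P_B)
    return recover_from_iv_reuse(c_a, c_b, P_A)


if __name__ == "__main__":
    print(demo())
    print("frames for a 50% chance of an IV repeat:", frames_until_iv_collision())
```

The birthday bound says a repeat is even odds after a few thousand frames on a busy network; real WEP implementations often reset or increment IVs predictably, which makes collisions arrive even sooner, and separate weaknesses in RC4's key schedule let the shared key itself be recovered from enough captured IVs.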
34
Q

Social Engineering

A

Goal: Convince a target to take actions they normally would not
- pretexting
- baiting
- tailgating
- phishing

34
Q

WPA

A
  • Uses TKIP (per-packet key mixing, still RC4 underneath; an interim fix that ran on WEP-era hardware)
  • Replaced by WPA2…
35
Q

WPA2

A

Replaced WPA (WEP is deprecated)
- Uses AES-CCMP
- Prevents frame forgeries and replay attacks (per-packet MIC and packet-number nonce)
- Never re-uses encryption keys: fresh per-session keys are derived in the 4-way handshake

36
Q

WPS

A
  • 2 mandatory connection modes (push button, PIN)
  • 2 optional connection modes (near-field communication, USB transfer)
37
Q

WPA3

A
  • Newest
  • Uses Simultaneous Authentication of Equals (SAE), which replaces the WPA2 pre-shared key handshake and resists offline dictionary attacks on a captured handshake
  • Provides forward secrecy (a later-recovered password does not decrypt previously captured sessions)
  • Wi-Fi Easy Connect (device provisioning) and Enhanced Open (encryption on open networks)
38
Q

Wireless hacking methodology

A
  • Need to know the SSID of the Wi-Fi network
  • Need to be within the footprint (radio range) of the access point
  • Need a client…