test2 Flashcards

1
early macro-type virus that attaches itself to a document
Melissa
2
virus for stealing information
Duqu
3
created by Philippine students, spread by email
Love you
4
characterized by a greater amount of planning, a longer period of time to conduct the activity, more financial backing to accomplish it, and the possible corruption of, or collusion with, insiders
Structured threat
5
generally, is short-term in nature, does not involve a large group of individuals, does not have large financial backing, and does not include collusion with insiders
Unstructured threat
6
characterized by a much longer period of preparation (years is not uncommon), tremendous financial backing, and a large and organized group of attackers
highly structured threat
7
In general terms, the methods, techniques, and tools used to ensure that a computer system is secure.
Computer security
8
A hacker who has the skill level necessary to discover and exploit new vulnerabilities
Elite hacker
9
A hacker who uses his or her skills for political purposes
Hacktivist
10
A hacker with little true technical skill and hence who uses only scripts that someone else developed.
Script kiddie
11
The act of deliberately accessing computer systems and networks without authorization is generally known as
Hacking
12
CIA
Confidentiality + Integrity + Availability
13
Protection
Prevention + (Detection + Response)
14
For many years, the focus of security was on
prevention
15
the set of activities employed to establish a communication channel between two parties, identifying each in a manner that allows future activity without renewed authentication.
Session Management
16
invocation of conditions that fall outside the normal sequence of operation
Exception Management
17
to the proper operation of IT systems. IT systems are first and foremost systems, groups of elements that work together to achieve a desired resultant process. The proper configuration and provisioning of all of the components in a system is essential to the proper operation of the system. The design and operation of the elements to ensure the proper functional environment of a system
Configuration Management
18
takes a granular view of security by focusing on protecting each computer and device individually instead of addressing protection of the network as a whole
Host Security
19
an emphasis is placed on controlling access to internal computers from external entities
Network Security
20
Use minimum privileges necessary to perform a task.
Least privilege
21
Access should be based on more than one item.
Separation of privilege
22
Deny by default (implicit deny) and only grant access with explicit permission
Fail-safe defaults
23
Mechanisms should be small and simple
Economy of mechanism
24
Protection mechanisms should cover every access to every object
Complete mediation
25
Protection mechanisms should not depend upon secrecy of the mechanism itself
Open design
26
Protection mechanisms should be shared to the least degree possible among users
Least common mechanism
27
Protection mechanisms should not impact users, or if they do, the impact should be minimal
Psychological acceptability
28
This is sometimes called default deny, and the common operational term for this approach
implicit deny.
29
An approach to security using the mechanism of hiding information to protect it.
Security through obscurity
30
Applying this principle to the people side of the security function results in the concept
separation of duties.
31
addresses data confidentiality in computer operating systems
Bell-LaPadula security model
32
defined by controlling read and write access based on conflict of interest rules
Brewer-Nash security model
33
instead of security classifications, integrity levels are used
The Biba Security Model
34
an integrity-based security model that bases its security on control of the processes that are allowed to modify critical data, referred to as constrained data items.
The Clark-Wilson Security Model
35
focuses on protecting each computer and device individually, whereas network security focuses on addressing protection of the network as a whole.
Host security
36
that multiple layers of differing, overlapping controls should be employed
defense in depth, or layered security
37
concept that complements the idea of various layers of security. It means to make the layers dissimilar so that if one layer is penetrated, the next layer can’t also be penetrated using the same method
Diversity of defense
38
the process of combining seemingly unimportant information with other pieces of information to divulge potentially sensitive information
phishing attack
39
The security principle used in the Bell-LaPadula security model that states that no subject can read from an object with a higher security classification
Simple Security Rule
40
agreed-upon formats for exchanging or transmitting data between systems, enable computers to communicate
protocol
41
physical arrangement of a network is typically called
network’s topology
42
When data is transmitted over a network, it is usually broken up into smaller pieces called
packets
43
connection oriented, requires the three-way handshake to initiate a connection, and provides guaranteed and reliable data delivery
TCP
44
connectionless, lightweight, and provides limited error checking and no delivery guarantee
UDP
45
group of two or more devices linked together to share data
network
46
Moving packets from source to destination across multiple networks
routing
47
three-way handshake sequence
SYN, SYN/ACK, ACK
48
extension of a selected portion of a company’s intranet to external partners
Extranet
49
describes a network that has the same functionality as the Internet for users but lies completely inside the trusted area of a network and is under the security control of the system and network administrators
Intranet
50
military term for ground separating two opposing forces, by agreement and for the purpose of acting as a buffer between the two sides
DMZ
51
networking equipment that connects devices that are using the same protocol at the physical layer of the OSI model
Hubs
52
networking equipment that connects devices using the same protocol at the data link layer of the OSI model
Bridges
53
forms the basis for connections in most Ethernet-based LANs
Switches
54
network traffic management device used to connect different network segments together
router
55
construct used to provide a secure communication channel between users across public networks such as the Internet
virtual private network (VPN)
56
The most common implementation of VPN is via IPsec, a protocol for IP security
true
57
Windows communication protocol
NetBEUI
58
10BASE2
thinnet, 10Mb/s, length 200m
59
10BASE5
500m
60
NAC
cisco
61
NAP
Microsoft
62
Coaxial cable carries how many physical channels
one
63
SSH
22
64
FTP
20-21
65
HTTP
80
66
SNMP
161
67
HTTPS
443
68
pieces of malware that require a file to infect a system
Viruses
69
pieces of malware that can exist without infecting a file
Worms
70
pieces of malware disguised as something else, something the user wants or finds useful
Trojan horses
71
specific events occur in code, allowing an attack to be timed against an event
Logic bombs
72
delayed malware designed to occur after a set period of time or on a specific date
Time bombs
73
malware designed to alter the lower-level functions of a system in a manner to escape detection
Rootkits
74
framework that enables attackers to exploit systems (bypass controls) and inject payloads (attack code) into a system.
Metasploit
75
the use of fraudulent e-mails or instant messages that appear to be genuine but are designed to trick users
Phishing
76
The goal of a phishing attack
to obtain from the user information that can be used in an attack, such as login credentials or other critical information. Images
77
generally occurs when attackers are able to place themselves in the middle of two other hosts that are communicating. Ideally, this is done by ensuring that all communication going to or from the target host is routed through the attacker’s host (which can be accomplished if the attacker can compromise the router for the target host)
Man-in-the-Middle Attacks
78
refer to the process of taking control of an already existing session between a client and a server
TCP/IP Hijacking
79
attack designed to prevent a system or service from functioning normally
Denial-of-Service Attacks
80
example of a DoS attack that takes advantage of the way TCP/IP networks were designed to function, and it can be used to illustrate the basic principles of any DoS attack. SYN flooding uses the TCP three-way handshake that establishes a connection between two systems
SYN flooding
81
it illustrates the other type of attack—one targeted at a specific application or operating system, as opposed to SYN flooding, which targets a protocol
ping of death
82
Ping of Death
attacker sends an Internet Control Message Protocol (ICMP) ping packet equal to, or exceeding, 64KB. Certain older systems are not able to handle this size of packet, and the system will hang or crash
83
variation of phishing that uses voice communication technology to obtain the information the attacker is seeking (calling)
Vishing
84
HTTPS
TCP 443
85
FTPS
TCP 990 (control), TCP 989 (data in active mode)
86
HTTP
TCP 80
87
FTP
TCP 20+21
88
general-purpose protocol developed by Netscape for managing the encryption of information being transmitted over the Internet
SSL (Secure Sockets Layer)
89
ActiveX can be used for which of the following purposes
Add functionality to a browser | B. Update the operating system
90
A small text file used in some HTTP exchanges
cookies
91
robust programming language that acts like a script in Microsoft Internet Explorer browsers to provide a rich programming environment. Some scripts or code elements can be called from the server side, creating the web environment of ASP.NET and PHP
ActiveX
92
pieces of code that can execute within the browser environment
Scripts
93
an attempt to bring the security of shrink-wrapped software to software downloaded from the Internet
Code signing
94
adding a digital signature and a digital certificate to a program file to demonstrate file integrity and authenticity
Code signing
95
scripting language developed by Netscape and designed to be operated within a browser instance
JavaScript
96
enable features such as validation of forms before they are submitted to the server
The primary purpose of JavaScript
97
SPOP3
TCP 995
98
SSMTP
465
99
This plug-in helps the browser maintain an HTTPS connection and warns when it is not present.
HTTPS Everywhere
100
application-level protocol that operates over a wide range of lower-level protocols. embedded in most operating systems and provides a method of transferring files from a sender to a receiver
FTP
101
system that uses digital signatures and allows Windows users to determine who produced a specific piece of code and whether or not the code has been altered
authenticode
102
characterized by a multistep process in which steps follow each other in a linear, one-way fashion, like water over a waterfall
waterfall
103
characterized by iterative development, where requirements and solutions evolve through an ongoing collaboration between self-organizing cross-functional teams
agile model
104
iterative model designed to enable the construction of increasingly complex versions of a project
evolution model
105
steps in phases that execute in a spiral fashion, repeating at different levels with each revolution of the model
spiral model
106
Threat Modeling Steps
total = 9
107
Define scope: communicate what is in scope and out of scope
step 1
108
Enumerate assets: list all component parts of the software being examined
step 2
109
Decompose assets: break the software apart into small subsystems
step 3
110
Enumerate threats: list all threats to the software
step 4
111
Classify threats
step 5
112
Associate threats with assets
step 6
113
Score and rank threats: most dangerous to least dangerous
step 7
114
Create a threat tree: a graphical representation of the elements required for an attack vector
step 8
115
Score the mitigation effort associated with each attack
step 9
116
Which of the following is not related to a buffer overflow
Canonicalization error
117
Which of the following is not involved with a code injection error
A pointer in the C language
118
Input validation is important to prevent what
Buffer overflow
119
the science of encrypting, or hiding, information—something people have sought to do since they began using language
cryptography
120
the process of analyzing available information in an attempt to return the encrypted message to its original form, required advances in computer technology for complex encryption methods
Cryptanalysis
121
comparing the input plaintext to the output ciphertext to try and determine the key used to encrypt the information
Differential cryptanalysis
122
it uses both plaintext and ciphertext, but it puts the plaintext through a simplified cipher to try and deduce what the key is likely to be in the full version of the cipher.
Linear cryptanalysis
123
defined as a set of every possible key value.
keyspace
124
The Vigenère cipher works as a polyalphabetic substitution cipher
true
125
What makes the one-time pad “perfect” is the size of the key
true
126
step-by-step recursive computational procedure for solving a problem in a finite number of steps
algorithm
127
an attacker finds two different messages that hash to the same value
collision attack
128
HASH
SHA, RIPEMD, MD5
129
1 key
symmetric
130
2 keys
asymmetric
131
Vigenère cipher, shift/Caesar cipher
substitution cipher
132
DES, 3DES, AES, CAST, RC, Blowfish, Twofish, IDEA
symmetric
133
3DES, AES
block cipher
134
A5, RC4
stream cipher
135
Steganography
covered
136
good hash function is resistant to what?
collision attack
137
ARP display all
arp -a
138
ARP delete the host
arp -d
139
kali ARP column
arp -en
140
kali ARP no column
arp -an
141
kali gateway router address
netstat -nr
142
show IPv6 in cmd
netsh interface ipv6 show address
143
set IPv6 in cmd
netsh interface ipv6 set address
144
ICMP is also used to convey ___________________________ messages to enable autoconfiguration of IP-enabled device
Neighbor Discovery (ND) and Neighbor Solicitation (NS)
145
display connection and listening port
netstat -nr
146
display TCP
netstat -ny
147
display by protocol
netstat -p proto
148
netstat TCP
-t
149
netstat UDP
-u
150
netstat listening
-l
151
linux mail
helo localhost, mail from:, rcpt to:, data, end with . (period)
152
linux read mail
retr 1
153
linux delete mail
dele 1
154
Nmap to perform a ping scan
nmap -sn 192.168.100.*
155
tells Nmap to perform a TCP port scan
nmap -sT 192.168.100.202
156
Nmap to perform a TCP SYN stealth port scan.
nmap -sS 192.168.100.202
157
CVU and CVE
a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities
158
When penetration testers discover potential vulnerabilities in the network, they may use tools to test whether the vulnerability is actually susceptible to attack. One popular tool is the _______________________, which is used to create code that can exploit vulnerabilities
MFS
159
an open source platform that is purposefully configured to be vulnerable for practicing penetration testing
Mutillidae
160
SQL injection attack
sqlmap
161
inject database
sqlmap -r /tmp/mutil_http --dbs
162
extract database
sqlmap -r /tmp/mutil_http -D owasp10 -tables
163
see credit database
sqlmap -r /tmp/mutil_http -D owasp10 -T credit_cards --dump
164
Most Trojan software has three main components.
Server editor, server, client
165
consists of two files—a server and a client. The server file is the program that gets deployed to the target computer. It listens for connections from a client and then executes the commands the client sends. Once it is installed, complete compromise of the data can take place. Keystrokes and screen captures can compromise the confidentiality of the data. An attacker could also create, modify, or delete files
NetBus
166
DarkComet
Remote Administration Tool (RAT) | use to create trojan
167
lab 6 MITM tool
Ettercap
168
An attacking computer can send out replies that manipulate the target computer’s ARP cache
ARP poisoning
169
freely available program that can be used to exploit the weakness of the ARP protocol
Ettercap
170
hardening OS
1. Install the latest service pack. 2. Apply the latest patches. 3. Disable unnecessary services. 4. Remove unnecessary user accounts and rename the admin/root account. 5. Ensure the use of complex passwords. 6. Restrict permissions on files and access to the registry. 7. Enable logging of critical events. 8. Remove unnecessary programs.
171
Lab 8.1 what kind of encryption
GPG
172
free tool that implements public key encryption. It can be used to protect data both in transmission and in storage. It is available for both the Windows and Linux operating systems
GPG