Threats and Vulnerabilities

Question 1

what is information security?

Answer 1

protects data and information from unathorized access.

Question 2

what is information system security?

Answer 2

protects the systems that hold and process critical data.

Question 3

what is CVE?

Answer 3

common vulnerabilites and exposures. a list of publicly disclosed computer security weaknesses.

Question 4

what is an exploit?

Answer 4

software code that takes advantage of a security flaw or vulnerability.

Question 5

what is the CIA triad?

Answer 5

confidentiality, integrity and availabilty

Question 6

what does confidentiality relate to?

Answer 6

encryption

Question 7

what does integrity relate to?

Answer 7

hashing

Question 8

what does availabilty relate to?

Answer 8

redundancy

Question 9

what is a non compliant system?

Answer 9

system that is not on the baseline of what is approved by the organization

Question 10

what is an unpatched system?

Answer 10

system without patches and updates

Question 11

what is an unprotected system?

Answer 11

system not protected by any anti virus or firewall

Question 12

what is End of Life (EOL)?

Answer 12

OS manufacturer stops providing security patches for any vulnerabilities.

Question 13

what is a Zero Day Vulnerability?

Answer 13

vulnerability that is discovered or exploited before the vendor can issue a patch to fix it.

Question 14

what is a Denial of Service (DoS) attack?

Answer 14

used to describe an attack that attempts to make a computer or servers resources unavailable.

Question 15

what is a Flood Attack?

Answer 15

specialized type of DoS that attempts to send more packets to a server or host

Question 16

what is a Ping Flood?

Answer 16

happens when too many pings (ICMP echo) are being sent.

Question 16

what is a SYN flood?

Answer 16

attacker initiates multiple TCP sessions but never completes the three way handshake.

Question 17

what is a permanent denial of service attack?

Answer 17

attack that exploits a security flaw to permanently break a networking device by reflashing its firmware

Question 18

what is a Fork Bomb?

Answer 18

attack that creates a large number of processes to use up the available processing power of a computer.

Question 19

what is a distributed denial of service attack?

Answer 19

uses lots of machines to attack a server to create a DoS.

Question 20

what is DNS amplification attack?

Answer 20

allows an attacker to send packets to flood the victims website to initiate DNS requests.

Question 21

what is blackholing/sinkholing?

Answer 21

identifies attacking IP addresses and routes them to a non existent server through a null interface.

Question 22

what is spoofing?

Answer 22

occurs when an attacker masquerades as another person by falsifying their identity.

Question 23

what is IP spoofing?

Answer 23

modifies the source address of an IP packet to hide the identity of the sender or impersenate another client

Question 24

what is MAC spoofing?

Answer 24

changing the MAC address to pretend the use of a different network interface card or device

Question 25

what is ARP spoofing?

Answer 25

sending falsified ARP messages over a local area network.

Question 26

what is an on path attack?

Answer 26

occurs when an attacker puts themself between the victim and the intended destination

Question 27

what is a replay?

Answer 27

occurs when valid data is captured by the attacker and then repeated immediately, or delayed and then repeated.

Question 28

what is a relay?

Answer 28

occurs when the attacker inserts themself inbetween the two hosts.

Question 28

what is SSL stripping?

Answer 28

occurs when an attacker tricks the encryption application into presenting the user with an HTTP connection instead of an HTTPS connection.

Question 29

what is a downgrade attack?

Answer 29

occurs when an attacker attempts to have a server or client abandon a higher security mode in favor of a lower mode.

Question 30

what is an SQL injection?

Answer 30

attack consisting of the insertion or injection of an SQL query via input data from the client to a web application.

Question 31

what is an injection attack?

Answer 31

insertion of additional information or code through data input from a client to an application.

Question 32

how can you prevent an SQL injection?

Answer 32

input validation

Question 33

what is cross site scripting (xss)?

Answer 33

occurs when an attacker embeds malicious scripting commands on a trusted website.

Question 34

what are the three types of XSS attacks?

Answer 34

stored/persistent, reflected and DOM based

Question 35

what is a stored/persistent XSS attack?

Answer 35

attempts to get data provided by the attacker to be saved on the web server by the victim.

Question 36

what is a reflected XSS attack?

Answer 36

attempts to have a non persistent effect activated by a victim clicking a link on the site.

Question 37

what is a DOM based attack?

Answer 37

attempt to exploit the victims web browser

Question 38

how can you prevent XSS?

Answer 38

with output encoding and proper input validation.

Question 39

what is cross site request forgery? (XSRF/CSRF)

Answer 39

occurs when an attacker forces a user to to execute actions on a web server for which they are already authenticated

Question 40

how can programmers prevent XSRF?

Answer 40

with tokens, encryption, XML file scanning and cookie verification.

Question 41

what is the password analysis tool?

Answer 41

used to test the strength of passwords to ensure password policies are being followed.

Question 42

what is a password cracker?

Answer 42

uses comparative analysis to break passwords and systemically continues guessing until the password is determined.

Question 43

what are the two most known password crackers?

Answer 43

Cain and Abel and John the Ripper

Question 44

what is a dictionary attack?

Answer 44

method where a program attempts to guess the password by using a list of possible passwords.

Question 45

what is a brute force attack?

Answer 45

method where a program attempts to try every possible combination until it cracks the password.

Question 46

what is a cryptonaylsis attack?

Answer 46

comparing a precomputed encrypted password to a value in a lookup table.