Threats, Attacks, and Vulnerabilities 2

Question 1

1. A __________ _________ attack is where an attacker gains the same level of authorization as the administrator.

Answer 1

1. Privilege escalation

Question 2

2. _____________ is wireless authentication that starts off by inserting a password, meaning that you only need to press a button to gain access to the wireless network.

Answer 2

2. WPS

Question 3

3. ___________ ___________ is where an attacker will ring up a help desk and ask them to reset the password for a user account.

Answer 3

3. Active reconnaissance

Question 4

4. A ___________ is where an attacker will ask you to look into the Windows\System32 folder to find an icon, such as a bear. If you find this icon, they will then ask you to delete the bear, as it is a virus. But when you do this, you will, in fact, delete a system file.

Answer 4

4. Hoax

Question 5

5. XSS targets _________, while remote exploits target ______ ______ .

Answer 5

5. Servers, end users

Question 6

6. Digital signatures are susceptible to a ___________ _______, a hash-collision attack.

Answer 6

6. Birthday attack

Question 7

7. A ________ attack is an interception attack where the data is forwarded at a later time and can be prevented by using Kerberos authentication that uses updated sequence numbers and timestamps.

Answer 7

7. Replay

Question 8

8. An auditor discovers that 50 new desktops have not been hardened properly, and puts it down to the fact that __________ ___________ had not been implemented early in the deployment.

Answer 8

8. Security baseline

Question 9

9. __________ and _________ are both used for driver manipulation.

Answer 9

9. Shimming and refactoring

Question 10

10. My airplane was delayed and my free time on the wireless captive portal expired. I can use ________ _______ to bypass the captive portal for another session of free wireless access.

Answer 10

10. MAC spoofing

Question 11

11. A ___‐_____________ vulnerability scan can find only missing patches.

Answer 11

11. Non‐credentialed

Question 12

12. A ____________ vulnerability scan has the ability to audit files and find account vulnerabilities.

Answer 12

12. Credentialed

Question 13

13. A CEO instructs the finance team to urgently send payment to ABC Limited just before he boards an aircraft on a transatlantic flight. This is an example of a social engineering ___________ and a __________ attack.

Answer 13

13. Authority, urgency

Question 14

14. An ______‐__________ vulnerability scan will not cause damage to the computer system.

Answer 14

14. Non‐intrusive

Question 15

15. ______ _______ ___________ is a wireless payment system that only works from close range.

Answer 15

15. Near field communication

Question 16

16. An HVAC system that is no longer supported by the manufacturer is known as _____ of __.

Answer 16

16. End, life

Question 17

17. A ______ ___________ is where a monitoring system tells me that an exploit has been found on the system, but when a manual inspection is done, nothing is found.

Answer 17

17. False positive

Question 18

18. A __________virus accesses a computer system by using a password that has been there since the installation of the application.

Answer 18

18. Backdoor

Question 19

19. ___________ _______________is where an attacker will visit a company’s website and social media websites to collect information about the company.

Answer 19

19. Passive reconnaissance

Question 20

20. A _________ _____ can be used to stop data-processing emissions being intercepted by a third party.

Answer 20

20. Faraday cage

Question 21

21. Changing the _________ _____________ and preventing IoT devices from directly accessing the _________ will help protect home networks from attacks.

Answer 21

21. Default configuration, internet

Question 22

22. When a system has come to the end of its life, the vendor will have a lack of _________ ____________.

Answer 22

22. Vendor support

Question 23

23. ________ ________ threat actors have a level of sophistication and provide advanced persistent threats.

Answer 23

23. Nation State

Question 24

24. ____________ __________ can cause your internet bandwidth to be reduced and your server disk space to decrease.

Answer 24

24. Unauthorized software

Question 25

25. _____ is the most insecure method of wireless security and should never be used, as it can be easily attacked.

Answer 25

25. WEP

Question 26

26. __________ ________ threat actors are motivated by profits and may use blackmail.

Answer 26

26. Organized crime

Question 27

27. ______ ________ ___________ can be sourced from publicly available intelligence sources.

Answer 27

27. Open source intelligence

Question 28

28. ______ ____________ prevents SQL injection, buffer overflow, and integer overflow attacks.

Answer 28

28. Input validation

Question 29

29. A company keeps the keys to all of the offices in the reception area and the workers sign the keys in and out each day. This is known as ____ ______________, and it prevents people from taking the keys home with them.

Answer 29

29. Key management

Question 30

30. The policy of a company is to change the ________ ______________ of any new device that they purchase to ensure that it is more secure.

Answer 30

30. Default configurations

Question 31

31. _____ _______ suites are where the key size is less than 1024 bits, and should be avoided.

Answer 31

31. Weak cipher

Question 32

32. The Stuxnet virus is an example of a ___________ threat as it infected a computer system for about two years before it was discovered.

Answer 32

32. Persistent

Question 33

33. _____‐______ is the strongest form of wireless security.

Answer 33

33. WPA2‐CCMP

Question 34

34. _______ ___________ is what a pen tester will carry out first, based on the information they have.

Answer 34

34. Initial exploitation

Question 35

35. A store had small devices stolen over the last three months. They rolled out _______ to prevent the small devices from leaving the store undetected.

Answer 35

35. RFID

Question 36

36. Using SSL instead of TLS for data in transit could lead to a POODLE attack that is known as a ___________ attack.

Answer 36

36. Downgrade

Question 37

37. To protect data in transit, you should use encryption where plaintext is changed to ___________.

Answer 37

37. Ciphertext

Question 38

38. An attacker will try and log into your control panel to launch a ________
    __________ attack.

Answer 38

38. Domain hijacking

Question 39

39. A ___‐__‐____‐_______ attack is where a previously installed trojan intercepts your online banking transactions without changing the bank’s URL.

Answer 39

39. Man‐in‐the‐browser

Question 40

40. Both smurf attacks and DDoS attacks are known as _________ attacks.

Answer 40

40. Amplification

Question 41

41. _______ ________ password attacks can detect every available combination of characters and can be stopped by using an account lockout or by salting the password using bcrypt or PBKDF2.

Answer 41

41. Brute Force

Question 42

42. _____‐____ ________ ________attack is where a user is logged into a legitimate website and clicks on a link where an embedded program is located. This is also known as a one‐click attack, XRSF, or CSRF.

Answer 42

42. Cross-site reverse forgery

Question 43

43. A __________ attack uses a legitimate website with links—for example, a Like button, a Share button, a free trial, or an Isn’t This Funny? link.

Answer 43

43. Clickjacking

Question 44

44. A ____ ___________ is where two threads access the same data at the same time and either cause the computer to crash or give an illegal operation error.

Answer 44

44. Race condition

Question 45

45. _________ __________ is where an arithmetic calculation exceeds the maximum size an application can accept. It can be mitigated by using input validation.

Answer 45

45. Integer overflow

Question 46

46. _________ prevents duplicate passwords from being stored and slows down brute-force attacks.

Answer 46

46. Salting

Question 47

47. ____________ _______ on your network will not be patched and could be used for pivoting as they become vulnerable.

Answer 47

47. Undocumented assets

Question 48

48. __________ _____ could inadvertently violate security policies and become vulnerable to a cybercrime or phishing attack.

Answer 48

48. Untrained users

Question 49

49. __________ _______ is where proprietary code is tested by a consultant for security flaws.

Answer 49

49. Regression testing

Question 50

50. ______ ______ of failure is where one person, device, or service could cause damage to the company’s systems if it failed.

Answer 50

50. Single point