Vocabulary

Question 1

What are types of Malaware?

Answer 1

Ransomware, Trojans, Adware

Question 2

What is Ransomware?

Answer 2

Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.

Question 3

Define Trojan

Answer 3

In computing, a Trojan horse, or trojan, is any malware which misleads users of its true intent. The term is derived from the Ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy.

Question 4

Define Adware

Answer 4

Adware, or advertising-supported software, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process.

Question 5

What are examples of Social Engineering?

Answer 5

Phishing, Vishing

Question 6

Define Phishing

Answer 6

Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity in an electronic communication.

Question 7

Examples of Application Attacks

Answer 7

DDOS, Cross Site Scripting, DNS Poisening

Question 8

What is DDOS

Answer 8

In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet

Question 9

Define Cross site Scripting

Answer 9

Cross-site scripting is a type of security vulnerability typically found in web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

Question 10

What is DNS Poisening

Answer 10

DNS spoofing, also referred to as DNS cache poisoning, is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver’s cache, causing the name server to return an incorrect result record, e.g. an IP address

Question 11

Examples of Wireless Attacks

Answer 11

Bluejacking, Evil Twin

Question 12

What is Bluejacking?

Answer 12

Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.

Question 13

Define Evil Twin

Answer 13

An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.

Question 14

Examples of Cryptographic Attacks

Answer 14

Birthday Attacks, Rainbow Tables

Question 15

What are Birthday Attacks?

Answer 15

A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory. This attack can be used to abuse communication between two or more parties.

Question 16

What are Rainbow Tables?

Answer 16

A rainbow table is a precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a key derivation function up to a certain length consisting of a limited set of characters.

Question 17

Examples of Threat Actors

Answer 17

Script Kiddies, Hactivists

Question 18

What is a Script Kiddie?

Answer 18

In programming and hacking cultures, a script kiddie, skiddie, skid or haxor is an unskilled individual who uses scripts or programs, such as a web shell, developed by others to attack computer systems and networks and deface websites.

Question 19

What is a Hactivists?

Answer 19

In Internet activism, hacktivism, or hactivism, is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change.

Question 20

What is Vulnerability Scanning?

Answer 20

A vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. In plain words, these scanners are used to discover the weaknesses of a given system.

Question 21

Examples of Vulnerability Scanning

Answer 21

ID-ing MisConfigurations, lack o f security controls

Question 22

Vulnerability Types?

Answer 22

Improper Input Handling, Improper Error Handling

Question 23

What is considered Improper Input Handling?

Answer 23

Improper Input Handling is the term used to describe functions such as validation, sanitization, filtering, or encoding and/or decoding of input data. Improper Input Handling is a leading cause of critical vulnerabilities that exist in today’s systems and applications.

Question 24

What is considered Improper Error Handling

Answer 24

Improper error handling results when security mechanisms fail to deny access until it’s specifically granted. This may occur as a result of a mismatch in policy and coding practice. It may also result from code that lacks appropriate error handling logic. For example, a system may grant access until it’s denied.

Question 25

What is a Rootkit?

Answer 25

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. The term rootkit is a compound from “root” and the word “kit”.

Question 26

What is a APT attack?

Answer 26

An advanced persistent threat is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.

Question 27

Define Kill Chain?

Answer 27

The term kill chain was originally used as a military concept related to the structure of an attack; consisting of target identification, force dispatch to target, decision and order to attack the target, and finally the destruction of the target.

Question 28

Define Reconnaissance

Answer 28

Cyber Reconnaissance can be defined as the tracking, analysing, and countering of digital and cyber security threats. This type of cyber reconnaissance or cyber intelligence is a mixture if physical espionage and defense with modern information technology.

Question 29

What are some various external threat actors?

Answer 29

The Lone Hacker (Black Hat / Script kiddies), Organized Cyber Crime, Nation State / Advanced Persistent Threat (APT), Hacktivists, Competitor

Question 30

What are some various internal threat actors?

Answer 30

Inside threats are affiliated with the organization: staff, partners, stakeholders, etc.Motivations include: sabotage, revenge, financial or business gains.
nside actors are more likely to bypass technical controls, meaning strong operational and management controls are needed to mitigate threats, such as:
– Comprehensive on and off-boarding
– Mandatory vacations
– User awareness / training
– Principle of least privilege

Question 31

Which of the following threat actors or threat actor groups is most likely to have the best funding to hire and sustain a group of hackers?

Answer 31

NATION STATES
Organized crime
Script kiddies
Hacktivist groups

Question 32

What are nation states?

Answer 32

Nation states have tax revenues, backing from large companies, and/or wealthy benefactors who fund malicious activities.
Well-funded, organized crime does not have the resources of an entire
nation behind them.
Script kiddies do not have any funding because they are typically young
and inexperienced and do not qualify for any backing.
Hacktivist groups might have minor funding from opposing viewpoint factions but the funding is not significant nor comparable to nation states.

Question 33

Of the several types of threat actors, which one
is a novice with little experience as a hacker?
Insider
Script kiddie
Competitor
Hacktivist groups

Answer 33

Script kiddie

Question 34

Which threat actor is most likely to be highly skilled in launching attacks involving advanced persistent threats (APTs) against targets?
Script kiddie
Nation state
Insider
Organized crime

Answer 34

Nation state

Extended Explanation
A nation state has the most sophisticated and highly skilled hackers available for launching APTs.
A script kiddies is not highly skilled nor capable of launching APTs
against targets.
An insider can be highly skilled but does not use APTs because it would give away their positions and intent.
Organized crime rings are highly skilled but they do not launch APTs against a target.

Question 35

A group known as “Takedown” hacked into your political action committee website and defaced it. Which type of threat actor is most likely responsible for the attack?
Hacktivist
Script kiddie
Competitor
Insider

Answer 35

Hacktivist

“Takedown” is a hacktivist group. Its motivations seem political and it is interested in defacing websites of those who have opposing viewpoints from their own.
Script kiddies typically do not deface websites, but instead use scripts and applications to break into systems or applications with known vulnerabilities.
Although a malicious insider might have the ability to deface the site, it’s unlikely they would do so. Insiders usually exfiltrate data rather than deface sites.
It’s unlikely that a competitor would deface the site. They’d more likely look for a list of donors or other sensitive information

Question 36

What aspect of cybercrime often motivates script kiddies to hack into systems or into a company?
Confidential company information
Financial motivation and ability to sell information
Collaboration with government and other agencies
Bragging rights, publicity, or other form of notoriety

Answer 36

Bragging rights, publicity, or other form of notoriety

Extended Explanation
Script kiddies generally only want to be able to tell their friends that they have hacked some company or hear their names on the news.
Script kiddies are not generally profit seekers because they do not have
the resources for acquisition or the sale of these items.
Script kiddies are not involved with government entities or agencies and therefore do not seek this type of information or activity.
Private or secret information motivates insiders to become threats.
Script kiddies do not gain profits by having access to private or
secret information.

Question 37

Which of the following motivates a hacktivist
to perpetrate a website defacing or an
informational breach?

Answer 37

Reputational damage to the target

Extended Explanation
Hacktivists are interested in damaging or exposing their ideological opposites but not generally for monetary gain or other accolades.
Hacktivists are primarily concerned with damaging the reputations of
their targets.
Hacktivists have no interest in military tactics or political upheaval.
Their interest is purely ideological.
A boost in recognition is only important to script kiddies who want to
show off to friends or rival script kiddie groups.

Question 38

What is a virus?

Answer 38

A virus is a program that copies itself onto another computer systems.
When the user runs the infected application, the virus also runs and copies itself onto other applications on the system as well.

Question 39

Viruses can cause what

Answer 39

Slowing down the host
by using up a computer’s resources, such as
CPU and RAM.

Denial of Service Attacks (DoS):
Shutting down the host
by using up all of its resources or destroying
essential files

Ransomware:
“Scrambling” data on
the host so that users can’t read it, and demanding money to “unscramble” it.

Question 40

What is a vulnerability

Answer 40

An aspect of a business that can be exploited to compromise a systems CIA.

Question 41

What is a threat

Answer 41

An actor that might exploit a vulnerability

Question 42

Define Risk

Answer 42

The possibility of losing something valueable

Question 43

What is risk analysis

Answer 43

Understanding what risks face an organization, which are most severe, and which are most likely.

Question 44

What is risk management

Answer 44

Using the results of risk analysis to create a plan for preventing likely risks.

Question 45

What is threat modeling

Answer 45

Determining which attacks an organization is most likely to experience, who is most likely to launch them, and what actions can be done to prevent them.

Question 46

What is PASTA

Answer 46

PASTA: Process for Attack Simulation & Threat Analysis

PASTA focuses on aligning considerations of business objectives with technical requirements.

Question 47

What is STRIDE

Answer 47

STRIDE: Spoofing, Tampering, Repudiation, Information Disclosure, DoS (Denial of Service), Elevation of Privilege

STRIDE focuses on identifying what can fail in the system being modeled.

Question 48

What is OWASP

Answer 48

OWASP: Open Web Application Security Project
OWASP focuses on identifying possible threats, prioritizing risks, and planning mitigation strategies. It is mainly used with web and desktop applications.

Question 49

What are the Six steps to OWASP

Answer 49

Determine assessment scope
Identify threat agents
Identify potential attacks
Identify exploitable vulnerabilities
Prioritize identified risks
Mitigate Risks

Question 50

How do you determine the scope? (OWASP)

Answer 50

List the assets under consideration, determine their value, and define objectives for your threat modeling assessment.

Question 51

How do you determine threat agents? (OWASP)

Answer 51

Determine which attackers would be interested in the relevant assets.

Question 52

How do you identify potential attacks? (OWASP)

Answer 52

Identify the attacks each agent is likely to perform.

Question 53

How do you identify exploitable vulnerabilities? (OWASP)

Answer 53

Identify the most vulnerable points in a system, how the agent will deliver the attack, and where an attack is most likely to occur.

Question 54

What is Qualitative Analysis?

Answer 54

Evaluating risk based on intangible, unmeasurable factors.
Used when analysis leads to decisions without the need of cost-benefit analysis.Used when a complex evaluation of cost vs. benefit is unnecessary.

Question 55

What is Quantitative Analysis?

Answer 55

Evaluating each risk based on its measured likelihood and impact.
Likelihood: The probability an event will take place.
Impact: The measure of damage done if a risk takes place.

Question 56

What is exposure factor?

Answer 56

how much of an asset will be affected in the event of a breach.

Question 57

Define asset value

Answer 57

how much money an asset is worth in currency.

Question 58

WHat is SLE?

Answer 58

Single Loss Expectancy-Estimated cost of the risk occurring on a given asset.
SLE = AVE x EF

Question 59

What is AV?

Answer 59

AV = Asset Value

Question 60

What is EF?

Answer 60

EF = Exposure Factor

Question 61

What is ARO?

Answer 61

Annual Rate of Occurrence.

Estimated number of times the risk is likely to occur in a given year.

Question 62

What is ALE?

Answer 62

Annual Loss of Expectancy

ALE = SLE x ARO

Question 63

Define Governance

Answer 63

Codifying and enforcing proper behavior and operations. That is, establishing standards of “right” and “wrong,” and enforcing those standards.

Question 64

Define compliance

Answer 64

Enforcing the policies in order to meet those standards.

Question 65

What is Governance Framework?

Answer 65

defines the policies an organization must have in place.
Governance frameworks must comply with these frameworks in order to remain compliant with federal regulations and industry standards.

Question 66

What is GDPR

Answer 66

European Union Standard

Question 67

What is PCI

Answer 67

Card Processing standard

Question 68

What is Rule 30 of Regulation S-P (Safeguard Rule)

Answer 68

Mandated organizations to establish written policies and procedures designed to protect pi

Question 69

What is GDPR?

Answer 69

General Data Protection Regulation -protects the private data of all citizens of the EU and EEA

Question 70

What is the EU

Answer 70

European Union

Question 71

What is the EEA

Answer 71

European Economic Area

Question 72

What is HIPPA

Answer 72

Health Insurance Portability Accountability Act -mandates protection of medical information

Question 73

What is PCI DSS

Answer 73

Payment Card Industry Data Security Standard -requires that companies handling credit card transactions do so securely

Question 74

What is National Provider Identifier Standard:

Answer 74

Requires all healthcare entities (people, healthcare providers, health plans, and employers) to have an ID, called the National Provider Identifier (NID).

Question 75

Transactions and Code Set Standard:

Answer 75

Standardizes health insurance claims

Question 76

Define Incremental Backup

Answer 76

ncremental backups are completed after a full backup is performed on a system, only capturing what has changed since the last incremental backup.

Question 77

What is BCP and DR

Answer 77

Business Continuity Planning and Disaster Relief