Vulnerabilities

Question 1

What is a threat?

Answer 1

A circumstance that has the potential to cause harm

Question 2

What is an exploit?

Answer 2

An activity that takes advantage of a vulnerability.

Question 3

What is malware?

Answer 3

Malicious software that encodes and exploit

Question 4

What is an attack?

Answer 4

A vector - mechanism or entry route for an exploit

Question 5

Why are international standards applied to systems?

Answer 5

Used to prove that risks have been accounted for and attempts to mitigate them have been made

COVER YOUR ASS

Question 6

What factors are taken into account in risk analysis?

Answer 6

Subject: Person or process
Object: The what, data, file, process
Mode: Way of access/exploiting
Policy: The how who/what/how and possibly when

Question 7

What forms can threats come in?

Answer 7

Malicious or non-malicious
Huiman or bot
Directed or random

Question 8

What are the four kinds of threats?

Answer 8

Interception
Interruption
Fabrication
Modification

Question 9

How can threats be reduced?

Answer 9

Multi-level authentication
Principle of least privilege
Fail securely
Use of security policies
Adherence of standards
Continuous risk assessment

Question 10

What is a virus?

Answer 10

Program that infects other programs or files, often also has a replication mechanism

Contains payload which can make changes to the user’s system, create backdoors or leak data

Question 11

What is a trojan virus?

Answer 11

Virus that poses as a legitimate application but is indeed a virus

Question 12

what is a logic bomb?

Answer 12

Virus that waits for a trigger, such as opening a file, at which point it violates a security policy

Question 13

What is a worm virus?

Answer 13

Virus that replicates and spread through a network

Question 14

What is a rabbit virus?

Answer 14

A virus that multiplies rapidly to fill up system resources ie IP tables, Ports

Question 15

What is a botnet?

Answer 15

A network in which a virus has allowed for a large number of connected devices to be controlled.

Question 16

What was the code red virus?

Answer 16

2001, exploited buffer overflow on IIS web servers to DoS the white house and create a backdoor

Question 17

What was the mydoom virus?

Answer 17

Affected 250,000 systems in a day

Files attached to infected messages which, once opened, created a TCP connection and caused a DDoS.

Question 18

What was the storm virus?

Answer 18

2007, spread by using headlines of articles. Created a backdoor and a P2P botnet that shared list of hosts.

Question 19

What is a boot sector infector?

Answer 19

Loads programs on boot by changing the config of a bootloader

Question 20

What is an executable infector?

Answer 20

Virus code inserted into a program that is executed propr to the execution of the actual code

Question 21

What is a TSR virus?

Answer 21

Stay in memory after the application has been exited. These can execute at random times and interfere with signal interrupts

Question 22

What is adware?

Answer 22

Advertisement virus that causes popups, and sometimes come with keyloggers and spyware

Question 23

What is spyware?

Answer 23

Monitor keystrokes and internet usage, privacy-invasive.

Question 24

What is spam?

Answer 24

Unsolicited and unprecedented amount of Email, IM and other post methods of communication

Question 25

What was the Marai botnet and how was it used?

Answer 25

Marai botnet infected IoT devices and used them to create point-to-point connections between the devices and the DYN systems.

Largest ever DOS attack on the Dyn servers that host a large amount of the world’s traffic.

Height of attack seen traffic of 620Gbps to the servers.

Question 26

What was the wannacry virus?

Answer 26

Exploit that took advantage of old windows installations. Encrypted the filetable and demanded payment for the decryption of the files and file table.

Massively impacted NHS trusts.

Spread ended when another hacker registered a domain that was used as a killswitch by the virus once calls could be made to it.