Week 1

Question 1

CIA

Answer 1

Conformation, Integrity, and Availability

Question 2

Integrity

Answer 2

Keeping data accurate and untampered with

Question 3

Confidentiality

Answer 3

Keep data hidden. Only need to know basis for files.

Question 4

Availability

Answer 4

The information we have is readily accessible to those people that should have it

Question 5

Risk

Answer 5

The possibility of suffering a loss in the event of an attack on the system

Question 6

Vulnerability

Answer 6

A flaw in the system that could be exploited to compromise the system

Question 7

0-day vulnerability (zero day)

Answer 7

A vulnerability that is not known to the software developer or vendor, but is known to an attacker

Question 8

Exploit

Answer 8

Software that is used to take advantage of a security bug or vulnerability

Question 9

Threat

Answer 9

The possibility of danger that could exploit a vulnerability

Question 10

Hacker

Answer 10

Someone who attempts to break into or exploit a system

Question 11

Attack

Answer 11

An actual attempt at causing harm to a system

Question 12

Black hat hacker

Answer 12

Someone who exploits an vulnerability in a system for malicious purposes

Question 13

White hat hacker

Answer 13

Someone who exploits an vulnerability in a system to alert the devs so they can fix it before someone tries to exploit it.

Question 14

Malware

Answer 14

A type of malicious software that can be used to obtain your sensitive information, or delete or modify files

Question 15

Common types of malware

Answer 15

Viruses, worms, adware, spyware, Trojans, root kids, backdoors, botnets

Question 16

Adware

Answer 16

Software that displays advertisements and collects data

Question 17

Trojan

Answer 17

Malware that disguises itself as one thing but does something else

Question 18

Spyware

Answer 18

Malware meant to spy on you

Question 19

Keylogger

Answer 19

Common type of spy ware that’s used to record every keystroke you make

Question 20

Ransomware

Answer 20

Type of attack that holds your data or system hostage until you pay some sort of ransom

Question 21

Botnets

Answer 21

Designed to utilize the power of the internet connected machines to perform some distributed function

Question 22

Backdoor

Answer 22

A way to get into a system if the other methods to get into the system aren’t allowed

Question 23

Rootkit

Answer 23

A collection of software or tools that an Admin would use

Question 24

Logic bomb

Answer 24

Type of malware that’s intentionally installed

Question 25

DNS Cache Poisoning attack

Answer 25

Tricks a DNS server into accepting a fake DNS record that will point you to a compromised DNS server. Then it feeds you take DNS addresses when you try to access legitimate websites

It can spread to other networks

Question 26

Man in the middle attack

Answer 26

An attack that places the attacker in the middle of two hosts that think they’re communicating directly with each other

Question 27

Rogue AP

Answer 27

An access point that is installed on the network without the network administrator’s knowledge

A type of man in the middle attack

Question 28

Denial of Service (DoS) attack

Answer 28

An attack that tries to prevent access to a service for legitimate users by overwhelming the network or server

Question 29

Ping of death (POD)

Answer 29

A type of DoS attack where a malformed ping is sent to a computer. The ping is larger than what the internet protocol was made to handle, so a buffer overflow occurs, and this causes the system to crash and potentially allow the execution of malicious code

Question 30

Ping flood

Answer 30

Sends ICMP echo requests to a computer till it’s overwhelmed and taken down

Question 31

Distributed denial of service attack (DDoS)

Answer 31

A DoS attack using multiple systems

Question 32

Cross site scripting (XSS) attacks

Answer 32

A type of injection attack where the attacker can insert malicious code and target the user or the service

Question 33

Password attack

Answer 33

Utilize software like password-crackers that try and guess your password

Question 34

Social engineering

Answer 34

Am attack method that relies heavily on interactions with humans instead of computers

Question 35

Spoofing

Answer 35

A source is !masquerading around as something else

Question 36

Tailgating

Answer 36

Gaining access into a restricted area or building by following a real employee in