Week 6 - Cyber Security/Ethical Hacking

Question 1

What is an Asset, Vulnerability and Threat?

Answer 1

Asset
- Anything that has value to the organisation and needs protection

Vulnerability
- a weakness of an asset or group of assets that may be exploited

Threat

• Cause of harm
• Can be intentional, accidental or environmental (power cut)

Question 2

Types of hackers

Answer 2

White Hat
- Ethical or pen testers etc

Black Hat
- Personal gain

Grey Hat
- Look for vulnerabilities without permission. Will report to owner sometimes for small fee. If not responded to then they may post the exploit online

Question 3

Give two models of Info Sec

Answer 3

CIA - Overall security

CAIN - Important for transport

Question 4

Define confidentiality

Answer 4

Confidentiality is the need to ensure that information is disclosed only to those authorised to see it (SANS)

Question 5

What makes privacy different from confidentiality?

Answer 5

Privacy refers to an individual’s desire to control who has access to his/her data

Confidentiality refers to the maintenance of a company agreement with the customer about how the customer’s identifiable data will be handled

Question 6

Define profiling

Answer 6

The process of constructing user profiles generated by computer data analysis.

Uses techniques to allow the discovery of patterns in large data

Question 7

Give threats to confidentiality

Answer 7

• Hackers
• SHoulder surfing
• Not disposing documents properly
• Malicious code
• Unauthorised activity
• Improper access control

Question 8

Define data integrity

Answer 8

Guarding against improper modification and includes ensuring data repudiation and authenticity

Question 9

Give some controls to protect data integrity

Answer 9

• Digital signatures
• File integrity verifier utilities
• Security trainign

Question 10

How can you ensure availability?

Answer 10

• Maintenance
• Backups
• Redundancy
• Cloud Computing

Question 11

Define DDOS in the context of security

Answer 11

Distributed Denial of Service is a distributed version of a Denial of Service attack.

The aim is to make a service unavailable to its legitimate users.

See the Team Lizard gaming console christmas attacks in 2014

Question 12

Give types of flooding attacks

Answer 12

1. ICMP flood - ICMP packets
2. UDP Flood
3. TCP SYN flood (connection requests)

Question 13

What is a smurf attack

Answer 13

A way of generating a lot of traffic:

• Sends a large amount of ping traffic with spoofed source IPs.
• If the routing device delivering traffic to those addresses delivers the IP broadcast to all hosts, most hosts on that net will take the ICMP echo request and reply to it, multiplying the traffic by the num of hosts responding

Question 14

Virus vs Worm vs Trojan Horse

Answer 14

Virus is a program that attaches itself to files and replicates

Worms are independent and can spread without the help of other programs.

Trojan horses are programs that look legit but contain malicious code.

Question 15

How to defend against DDOS pre attack?

Answer 15

• Enforce policy for resource consumption
• Provide backup resource on demand
• Turn off all unnecessary services of the web server

Question 16

How to defend against DDOS during attack?

Answer 16

Try to detect the attack at the beginning by looking for suspicious patterns of behaviour

Question 17

How to defend against DDOS post attack?

Answer 17

Identify the source and prevent future attacks from it

Question 18

What is a network scanner?

Answer 18

Network scanners check for vulnerabilities on your own system but can also check from outside the system.

Can therefore be used maliciously

Question 19

What is code injection?

Answer 19

Code injection is where hackers exploit vulnerable web code to run commands.

EG SQL injection is most frequent, or PHP injection where there is user input

Question 20

Give some of the acts that relate to hacking

Answer 20

COmputer Misuse Act 1990
Police and Justice Act 2006
Serious Crime Act 2015
EU Directive 2013/40/EU
Terrorism Act 2000
Telecoms Regulations 2000
GDPR 2018

Question 21

What are the offences in the computer misuse act 1990?

Answer 21

• Unauthorised access to computer material
• Unauthorised access with intent to commit or facilitate further offences
• Unauthorised acts with intent to impair, or with recklessness as to impairing, operation of a computer

Question 22

Give the penalty for unauthorised access only

Answer 22

Up to six months in prison and/or an up to £5k fine

Question 23

Give the penalty for unauthorised access with intent to commit a further crime or modification of data

Answer 23

Up to 5 year prison and/or unlimited fine

Question 24

Give the penalty for making, supplying or obtaining anything which can be used for computer misuse offences

Answer 24

Up to 10 year prison sentence and/or an unlimited fine

Question 25

According to the NCSC, define penetration testing?

Answer 25

“penetration testing is a method for gaining assurance in the security of an
IT system by attempting to breach some or all of that system’s security,
using the same tools and techniques as an adversary might.”

Question 26

What is threat modelling?

Answer 26

The process of thinking about how an adversary would attack a system based upon techniques of different threat actors

Question 27

Give potential threat actors

Answer 27

Cyber Criminals
State attackers
Insiders
Hacktivists

Question 28

Whitebox vs Blackbox testing

Answer 28

White Box Testing
- Full information about the target is shared. Reaffirms confidence in internal threat management

Black Box Testing
- No information is shared with the testers and emulates a hacker’s perspective on the system

Question 29

Give the steps of pen testing

Answer 29

Reconnaissance
Scanning
Gaining Access
Maintaining Access
Covering tracks

Question 30

Define reconnaissance

Answer 30

Information Gathering

Question 31

What is the scanning step?

Answer 31

Actively probing a system to find what is attackable.

eg entry points

Goal: Obtain a network map and find vulnerabilities

Question 32

Give the advantages of a firewall

Answer 32

• defines a single access point, easy to control
• protection from network scanners
• used to implement virtual private networks

Question 33

What is an IDS?

Answer 33

Intrusion Detection System

Software that scans the computer as it runs, alerting of any signs of break in or suspicious activity