1.0 Attacks, Threats, and Vulnerabilities

Question 1

Social engineering with a touch of spoofing

Answer 1

Phishing

Question 2

A type of URL hijacking where attackers register intentionally misspelled domain names similar to popular domain names

Answer 2

Typosquatting

Question 3

Lying to get information. Adding a disclaimer or information text to the emails received from external domains

Answer 3

Pretexting

Question 4

Social engineering attack that targets individuals in an organization

Answer 4

Spear Phishing

Question 5

Social engineering attack that targets high-profiled individuals in an organization

Answer 5

Whaling

Question 6

Redirect a legit website to a bogus site

Answer 6

Pharming

Question 7

Voice phishing

Answer 7

Vishing

Question 8

SMS phishing

Answer 8

Smishing

Question 9

Gather information about the victim before phishing

Answer 9

Reconnaissance

Question 10

Attacker pretends to be someone they are not

Answer 10

Impersonation

Question 11

A threat that does not actually exist

Answer 11

Computer hoaxes

Question 12

Infect third-party site that is visited

Answer 12

Watering Hole Attack

Question 13

Having a layered defense

Answer 13

Defense-in-Depth

Question 14

Unsolicited messages

Answer 14

Spam

Question 15

Spam over Instant Messaging

Answer 15

SPIM

Question 16

Intentionally slow down the server conversation

Answer 16

Tarpitting

Question 17

Attacker collects login credentials

Answer 17

Credential Harvesting

Question 18

What are these a principle of?
1. Authority
2. Intimidation
3. Consensus/Social Proof
4. Scarcity
5. Urgency
6. Familiarity/Liking
7. Trust

Answer 18

Social Engineering Principles

Question 19

Malicious software

Answer 19

Malware

Question 20

Malware that can reproduce itself but needs you to execute a program

Answer 20

Virus

Question 21

Virus that is part of the application

Answer 21

Program Virus

Question 22

Virus that infects the boot sector

Answer 22

Boot Sector Virus

Question 23

Virus that is OS and browser-based

Answer 23

Script Virus

Question 24

Virus that is common in Microsoft Office

Answer 24

Macros Virus

Question 25

Virus that operates in memory inside RAM but is never installed in a file or application

Answer 25

Fileless Virus

Question 26

Malware that self-replicates

Answer 26

Worm

Question 27

Personal Identifiable Information

Answer 27

PII

Question 28

Attacker wants your money

Answer 28

Ransomware

Question 29

Malware encrypts your data files

Answer 29

Crypto-malware

Question 30

Software that pretends to be something else

Answer 30

Trojan Horse

Question 31

Undesirable software

Answer 31

PUP (Potentially Unwanted Program)

Question 32

Malware that has a backdoor

Answer 32

RAT (Remote Access Trojan)

Question 33

Modifies core system files and is part of the kernel which is invisible to the OS

Answer 33

Rootkits

Question 34

Software that displays online advertisement to users

Answer 34

Adware

Question 35

Malicious software that secretly collects and sends information about a person or organization to a third party

Answer 35

Spyware

Question 36

Group of bots (malware-infected computers) working together and controlled by a single attacking party

Answer 36

Botnets

Question 37

Malicious attack that makes online service, network resource, or host machine unavailable

Answer 37

DDoS (Distributed Denial of Service)

Question 38

Malicious piece of code that is secretly inserted into a computer network, operating system, or software application and lies dormant until a specific condition occurs

Answer 38

Logic Bomb

Question 39

Tries common passwords on multiple accounts a few times so that there are no lockouts, no alarms, and no alerts

Answer 39

Spraying Attack

Question 40

Try every possible password until the hash is matched

Answer 40

Brute Force

Question 41

Use dictionary to find common words and can substitute letters for numbers

Answer 41

Dictionary Attack

Question 42

Optimzed, pre-built set of hashes

Answer 42

Rainbow Tables

Question 43

Extra random data

Answer 43

Salt

Question 44

Doesn’t need extra rights or permissions. Like a keyboard or a mouse

Answer 44

HID (Human Interface Device)

Question 45

Stealing credit card info usually during a normal transaction

Answer 45

Skimming

Question 46

Compuers that identify patterns in data and improve their predictions with training data

Answer 46

Machine Learning

Question 47

Hash collision attack

Answer 47

Birthday Attack

Question 48

form of hashing that had many hash collisions

Answer 48

MD5 (Message Digest Algorithm 5)

Question 49

gain higher-level access to a system

Answer 49

TLS (Transport Layer Security)

Question 50

encrypted link between web server and web browser

Answer 50

SSL (Secure Sockets Layer)

Question 51

Gain higher level access

Answer 51

Privilege Escalation

Question 52

Only data in executable areas can run

Answer 52

Data Execution Prevention

Question 53

Takes advantage of trust a user has for a site

Answer 53

XSS (Cross-site Scripting)

Question 54

web site allows scripts to run in user input

Answer 54

Non-persistent (reflected) XSS Attack

Question 55

attacker posts a message to a social network, no specific target

Answer 55

Persistent (stored) XSS Attack

Question 56

modifying SQL (Structured Query Language) requests

Answer 56

SQL Injection

Question 57

Adding your own information to a data stream

Answer 57

Code Injection

Question 58

Modifying XML (Extensible Markup Language) requests

Answer 58

XML Injection

Question 59

Dynamic-Link library have an application run a program

Answer 59

DLL Injection (Dynamic-Link Library)

Question 60

Overwriting a buffer of memory

Answer 60

Buffer Overflows

Question 61

Attacker uses information gathered over network to to either delay or repeat it

Answer 61

Replay Attack

Question 62

Technique where attacker captures hash of a user and sends his own authentication request with captured credentials to access the same network

Answer 62

Pass the Hash Attack

Question 63

Code injection technique used to exploit web applications which could reveal sensitive user information or modify information, manipulates application results

Answer 63

LDAP Injection (Lightweight Directory Access Protocol)

Question 64

a piece of data from a website that is stored within a web browser that the website can retrieve at a later time

Answer 64

cookies

Question 65

Attacker intercepts the session ID and uses it to access the server with the victim’s credentials, doesn’t require username/password

Answer 65

Sidejacking (Session hijacking)

Question 66

An attack that attempts to have users unknowingly execute actions on a web application for which they are currently authenticated. One-click attack, session riding that takes advantage of trust that a web application has for an authenticated user

1. Cookie-based session handling.
2. No unpredictable request parameters
3. The user clicks the malicious URL.
4. The user must be logged in to the vulnerable web application.

Answer 66

XSRF, CSRF (Cross-site request forgery)

Question 67

Attacker finds vulnerable web applications and sends requests to a web server which performs the request on behalf of the attacker
1. Attacker sends a request that controls a web application
2. Web server sends request to another service (ex cloud file storage)
3. Cloud storage sends response to web server
4. Web server forwards response to attacker

Answer 67

SSRF (Server-side request forgery)

Question 68

Filling in the spaces between two objects, a middleman, Windows has its own shim to backwards compatibility with previous windows versions

Answer 68

Shimming

Question 69

metamorphic malware. A different program each time it’s downloaded. difficult to match with signature-based detection

Answer 69

refactoring

Answer 70

SSL Stripping/HTTP downgrade

Question 71

Time of check time of use

Answer 71

TOCTOU

Answer 72

memory leak

Answer 73

NULL Pointer dereference

Answer 74

Integer Overflow

Answer 75

Directory Traversal

Answer 76

API Attacks

Answer 77

Resource Exhaustion

Answer 78

ZIP bomb

Answer 79

DHCP Starvation

Answer 80

Rogue Access Points

Answer 81

Wireless Evil Twins

Answer 82

Bluejacking

Answer 83

Bluesnarfing

Answer 84

Wireless Disassociation

Answer 85

RFID Atacks

Answer 86

nonce

Answer 87

NFC

Answer 88

Initiazlization Vectors

Answer 89

On-path Network attack

Answer 90

ARP Poisioning

Answer 91

On-path browser attack

Answer 92

STP

Answer 93

MAC Flooding

Answer 94

MAC Cloning

Answer 95

DNS Poisoning

Answer 96

Domain Hijacking

Answer 97

DDOS

Answer 98

DDOS Amplification

Answer 99

Applicaiton DOS

Answer 100

OT DOS

Answer 101

Powershell

Answer 102

Python

Answer 103

Shell Script

Answer 104

Macros

Answer 105

VBA

Answer 106

Threat actors

Answer 107

APT

Answer 108

Nation states

Answer 109

Hacktivist

Answer 110

Script Kiddies

Answer 111

Organizes Crime

Answer 112

Shadow IT

Answer 113

Attack vectors

Answer 114

OSINT

Answer 115

CVE

Answer 116

NVD

Answer 117

IOC

Answer 118

RFC

Answer 119

TTP

Answer 120

Zero-day attacks

Answer 121

Unsecured root accounts

Question 122

Common Vulnerability Scoring system

Answer 122

CVSS

Question 123

logging of security events and information

Answer 123

Security Information and Event Management (SIEM)

Question 124

standard for message logging

Answer 124

Syslog

Question 125

simulate an attack

Answer 125

Pentest

Question 126

document that defines the purpose and scope of a pentest

Answer 126

Rules of engagement

Question 127

gather information before an atack

Answer 127

Reconaissance

Question 128

Reconnaissance through open source

Answer 128

Passive footprinting

Question 129

combine wifi monitoring and a gps

Answer 129

Wardriving/Warflying

Question 130

gathering info from many open sources

Answer 130

Open source Intelligence (OSINT)

Question 131

Offensive security team, ethical hacking, exploiting vulnerabilities, social engineering, web app scanning

Answer 131

Red Team

Question 132

defensive security team, protecting the data, daily security tasks, incidence response, threat hunting, digital forensics

Answer 132

Blue Team

Question 133

red and blue teams working together

Answer 133

Purple team

Question 134

Manages interactions between red team and blue team

Answer 134

White team