Introduction to Ethical Hacking Flashcards

1
Q

What is Eavesdropping?

A

Snooping on the communication between users or devices in order to record private information to launch passive attacks

2
Q

What is Session Hijacking?

A

An attack whereby an active session of the user is intercepted and stolen by an attacker

3
Q

What is Spoofing?

A

The process of fooling the target device or user by tampering with the original message/request and pretending to be a trusted origin.

4
Q

What is Privilege Escalation?

A

The process of leveraging an OS or application’s bug, design flaw or misconfiguration in order to obtain elevated access to resources you otherwise wouldn’t be able to access.

5
Q

What is Psychological Warfare?

A

Psychological warfare is the use of various techniques such as propaganda and terror to demoralize one’s adversary in an attempt to succeed in battle

6
Q

What is Hacker Warfare?

A

Hacker warfare can vary from the shutdown of systems, data errors, theft of information, theft of services, system monitoring, false messaging, and access to data

7
Q

What is C2 (Command and Control) Warfare?

A

C2 warfare refers to the impact an attacker possesses over a compromised system or network that they control

8
Q

What is Electronic Warfare?

A

Electronic warfare uses radio-electronic and cryptographic techniques to degrade the communication

9
Q

What is Economic Warfare?

A

Economic warfare affects the economy of a business or nation by blocking the flow of information

10
Q

What is Intelligence-based Warfare?

A

Intelligence-based warfare is a sensor-based technology that directly corrupts technological systems

11
Q

What are the five elements of Information Security?

A

Confidentiality, Integrity, Availability, Authenticity and Non-Repudiation.

12
Q

What is Confidentiality defined as?

A

Assurance that the information is accessible only to those authorized to have access

13
Q

What is Integrity defined as?

A

The trustworthiness of data or resources in terms of preventing improper or unauthorized changes

14
Q

What is Availability defined as?

A

Assurance that the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users

15
Q

What is Authenticity defined as?

A

Refers to the characteristic of a communication, document, or any data that ensures the quality of being genuine

16
Q

What is Non-Repudiation defined as?

A

A guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message

17
Q

What is an Insider Attack?

A

Insider attacks involve using privileged access to violate rules or intentionally cause a threat to the organization’s information or information systems

Examples include theft of physical devices and planting keyloggers, backdoors, and malware

18
Q

What is a Distribution Attack?

A

Distribution attacks occur when attackers tamper with hardware or software prior to installation

Attackers tamper with the hardware or software at its source or in transit

19
Q

What is a Passive Attack?

A

Passive attacks do not tamper with the data and involve intercepting and monitoring network traffic and data flow on the target network

Examples include sniffing and eavesdropping

20
Q

What is an Active Attack?

A

Active attacks tamper with the data in transit or disrupt the communication or services between the systems to bypass or break into secured systems

Examples include DoS, Man-in-the-Middle, session hijacking, and SQL injection

21
Q

What is a Close-in Attack?

A

Close-in attacks are performed when the attacker is in close physical proximity with the target system or network in order to gather, modify, or disrupt access to information

Examples include social engineering such as eavesdropping, shoulder surfing, and dumpster diving

22
Q

What is Cyberwarfare?

A

Libicki defines cyber warfare as the use of information systems against the virtual personas of individuals or groups. It is the broadest of all information warfare. It includes information terrorism, semantic attacks (similar to Hacker warfare, but instead of harming a system, it takes over the system while maintaining the perception that it is operating correctly), and simula-warfare (simulated war, for example, acquiring weapons for mere demonstration rather than actual use)

23
Q

What is Operational Threat Intelligence?

A

It provides contextual information about security events and incidents that help defenders disclose potential risks, provide greater insight into attacker methodologies, identify past malicious activities, and perform investigations on malicious activities in a more efficient way

24
Q

What is Strategic Threat Intelligence?

A

Strategic Threat Intelligence provides high-level information regarding cybersecurity posture, threats, details about the financial impact of various cyber activities, attack trends, and the impact of high-level business decisions

25
Q

What is Technical Threat Intelligence?

A

Technical Threat Intelligence provides rapid distribution and response to threats. For example, a piece of malware used to perform an attack is tactical threat intelligence, whereas the details related to the specific implementation of the malware come under technical threat intelligence.

26
Q

What is Tactical Threat Intelligence?

A

Tactical Threat Intelligence plays a major role in protecting the resources of the organization. It provides information related to the TTPs (Techniques, Tactics, and Procedures) used by threat actors (attackers) to perform attacks

27
Q

What are the 4 steps of risk management (in order)?

A

Risk Identification -> Risk Assessment -> Risk Treatment -> Risk Tracking and Review

28
Q

What are the 5 steps of Threat Modeling (in order)?

A

Identify Security Objectives -> Application Overview -> Decompose the Application -> Identify Threats -> Identify Vulnerabilities

29
Q

What is Threat Modeling?

A

Threat modeling is a risk assessment approach for analyzing the security of an application by capturing, organizing, and analyzing all the information that affects it. The threat model consists of three major building blocks: understanding the adversary’s perspective, characterizing the security of the system, and determining threats

30
Q

What is Information Assurance?

A

Information Assurance refers to the assurance of the integrity, availability, confidentiality, and authenticity of information and information systems during the usage, processing, storage, and transmission of information. Security experts accomplish information assurance with the help of physical, technical, and administrative controls

31
Q

What is Incident Management?

A

Incident management is a set of defined processes to identify, analyze, prioritize, and resolve security incidents to restore the system to normal service operations as soon as possible, and prevent recurrence of the incident

32
Q

What is Defense-in-depth?

A

Defense-in-depth is a security strategy in which security professionals use several protection layers throughout an information system. This strategy uses the military principle that it is more difficult for an enemy to defeat a complex and multi-layered defense system than to penetrate a single barrier. Defense-in-depth helps to prevent direct attacks against an information system and its data because a break in one layer only leads the attacker to the next layer

33
Q

What are some preventative infosec processes?

A

Patch Management, Vulnerability Management, and IDS Deployment.

34
Q

What are some reactive infosec processes?

A

Incident Handling, Forensics and Disaster Recovery

35
Q

Which country has the Lanham (Trademark) Act?

A

The United States

36
Q

Which country has the Copyright, Etc. and Trademarks (Offenses And Enforcement) Act 2002?

A

UK

37
Q

Which country has The Patents (Amendment) Act, 1999, Trade Marks Act, 1999, The Copyright Act, 1957?

A

India