1.0 Flashcards

1
Q

Backdoor Testing

A

Backdoor testing refers to the process of evaluating a system or software application for the presence of hidden, undocumented, or unauthorized entry points known as “backdoors.” These backdoors can be intentionally or unintentionally created during development and may allow unauthorized access or control over the system.

2
Q

Passive footprinting

A

A technique used in cybersecurity and ethical hacking to gather information about a target system, network, or organization without directly interacting with it. Passive footprinting relies on publicly available information and data sources; learn as much as you can from open sources.

3
Q

OS fingerprinting

A

A method used to identify the operating system running on a device in a network. It can be active, where specific packets are sent and responses analyzed, or passive, where network traffic is observed for OS characteristics. This information is valuable for network management, security assessments, and troubleshooting.

4
Q

SOAR

A

Security Orchestration, Automation, and Response
A system designed to facilitate responses in incident response situations. Automates routine (signatures), tedious, and time-intensive activities.

5
Q

Nation state

A

Often associated with advanced cyber capabilities and may engage in cyber espionage, cyber warfare, or other cyber activities for political, economic, or military purposes.
Governments
* National security, job security
* Always an external entity

6
Q

DLL injection

A

Dynamic Link Library Injection
An attack that uses the injection of a DLL onto a system, altering the processing of a program by, in essence, recoding it.

7
Q

Resource exhaustion

A

Overloads the system’s resources and prevents legitimate users from accessing services on the target computer.

8
Q

Wireless disassociation

A

Attacks against a wireless system that are designed to disassociate a host from the wireless access point and, as a result, from the wireless network.

9
Q

SIEM

A

Security Information and Event Management
Provides a centralized solution for collecting, analyzing, and managing data from multiple sources.

10
Q

False negatives

A

Occurs when an IDS or IPS fails to send an alarm or alert even though an attack is active.

11
Q

Credentialed

A

A type of security assessment or vulnerability scan that is conducted with privileged credentials, such as username and password combinations, to access and analyze the internal components of a system or network.

12
Q

Non-credentialed

A

Also known as external scans or unauthenticated scans, these are security assessments or vulnerability scans conducted without using specific credentials to access the internal components of a system or network.

13
Q

DNS poisoning

A

Domain Name System poisoning
This is a type of attack where a DNS cache is manipulated to redirect domain name resolution to malicious IP addresses. The goal is to misdirect users to fake websites or servers controlled by attackers, leading to potential security breaches or data theft.

14
Q

Prepending

A

When information is added to the beginning of malicious data. Ex. https://pprofessormesser.com

15
Q

CSRF/XSRF

A

Cross-Site Request Forgery
An attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

16
Q

SSL Stripping

A

Secure Sockets Layer Stripping
An attack where the hacker is able to place themselves between the victim and a secure HTTPS site that the victim uses, “stripping” https:// URLs and turning them into http:// URLs.

17
Q

ARP poisoning

A

ARP poisoning, also known as ARP spoofing, is a type of cyber attack where the attacker targets the ARP cache of devices on a local network. In this attack, the attacker sends falsified ARP messages to associate their MAC address with the IP address of another device on the network, such as a router or a victim’s device. This can lead to traffic being redirected through the attacker’s device, allowing them to intercept, modify, or block network communication.

18
Q

Macros

A

Automated sequences of commands or actions in software applications, often used for repetitive tasks or to automate complex processes.

19
Q

Collision

A

When different inputs create the same hash, causing errors or data loss.

20
Q

Watering Hole

A

A cyberattack strategy where attackers target websites frequently visited by a specific group of users, exploiting vulnerabilities in those sites to infect visitors with malware.

21
Q

Typosquatting

A

A technique where attackers register domain names similar to popular ones, relying on users’ typographical errors to redirect them to malicious websites.

22
Q

Pretexting

A

A social engineering tactic where attackers create a false pretext or scenario to trick individuals into revealing sensitive information or performing actions they wouldn’t usually do.

23
Q

Session Replay

A

The unauthorized capturing and playback of user sessions (such as keystrokes, mouse clicks, and form entries) on websites or applications, often used for malicious purposes like stealing credentials.

24
Q

Backdoor

A

A hidden or undocumented entry point in software or systems, allowing unauthorized access for maintenance or exploitation by attackers.

25
Q

Rootkit

A

Malicious software designed to gain administrator-level control over a computer system while concealing its presence from detection by antivirus or security software.

26
Q

Script Kiddies

A

Inexperienced or unskilled individuals who use pre-made scripts or tools to launch cyberattacks, often without fully understanding the underlying technology or risks.

27
Q

APT (Advanced Persistent Threat)

A

A sophisticated and persistent cyberattack carried out by skilled and well-funded threat actors, usually targeting specific organizations or individuals over an extended period.

28
Q

Threat Hunting

A

Proactive and continuous process of searching for and identifying potential security threats or anomalies within a network or system, aiming to detect and mitigate them before they cause harm.

29
Q

Cross-site Scripting (XSS)

A

A type of web security vulnerability where attackers inject malicious scripts into web pages viewed by other users, allowing them to steal sensitive data or perform unauthorized actions.

30
Q

Password Spraying

A

A brute-force attack method where attackers attempt to access multiple user accounts by trying a few commonly used passwords against many usernames, reducing the risk of account lockout.

31
Q

XML Injection

A

A type of injection attack where attackers exploit vulnerabilities in XML input handling to manipulate XML data or execute malicious commands, potentially leading to data disclosure or system compromise.

32
Q

Pharming

A

A cyberattack that redirects website traffic to a fake or malicious website, often achieved through DNS spoofing or manipulation to trick users into disclosing sensitive information.

33
Q

Smurfing

A

A type of distributed denial-of-service (DDoS) attack where attackers flood a target network with ICMP echo request (ping) packets, often using IP spoofing to amplify the attack’s impact.

34
Q

Spim

A

Unsolicited and unwanted messages or spam sent through instant messaging (IM) platforms, similar to email spam but targeting IM users.

35
Q

Race Condition

A

A software vulnerability that occurs when the outcome of a program depends on the sequence or timing of multiple concurrent events, leading to unexpected or insecure behavior.

36
Q

NFC

A

Near Field Communication
A short-range wireless technology used for contactless data exchange between devices, commonly found in smartphones for mobile payments, access control, and data transfer.

37
Q

Session Hijacking

A

A cyberattack where an attacker takes control of an active session between a user and a system, often by stealing session tokens or exploiting session management vulnerabilities.

38
Q

Rules of Engagement

A

Guidelines or protocols that define the permitted actions, boundaries, and responsibilities of individuals or teams during vulnerability or penetration testing.

39
Q

Initialization Vector (IV)

A

A random or predetermined value used as an input in cryptographic algorithms, such as block ciphers, to ensure uniqueness and strengthen encryption against attacks like replay or ciphertext manipulation.

40
Q

Bluesnarfing

A

Unauthorized access to Bluetooth-enabled devices (such as phones or laptops) to steal data, access functions, or control the device’s settings without the owner’s knowledge or consent.

41
Q

Bluejacking

A

Sending unsolicited messages or data to Bluetooth-enabled devices, exploiting their discoverability feature without establishing a connection, often used for harmless pranks or marketing purposes.

42
Q

Credential Stuffing

A

A cyberattack method where attackers use stolen username-password pairs from one website to gain unauthorized access to accounts on other platforms, exploiting users’ reuse of credentials across multiple sites.

43
Q

Whaling

A

A targeted phishing attack that focuses on high-profile or executive-level individuals within organizations, aiming to steal sensitive information, credentials, or financial assets.

44
Q

Reconnaissance

A

The phase of a cyberattack where attackers gather information about a target system, network, or organization, including identifying vulnerabilities, system configurations, and potential entry points.

45
Q

Hybrid Warfare

A

A strategy that combines conventional military tactics with cyberattacks, information warfare, propaganda, and other non-traditional methods to achieve strategic objectives in conflicts.

46
Q

Birthday Attack

A

A cryptographic attack that exploits the probability of collisions in hash functions, allowing attackers to generate two different inputs with the same hash value, potentially compromising integrity or authentication mechanisms.

47
Q

Rainbow Table

A

A precomputed table of hash values for common passwords or inputs, used in password cracking attacks to quickly reverse hash functions and recover plaintext passwords.

48
Q

White-team

A

A group or team responsible for conducting security assessments, penetration testing, and evaluating defensive measures within an organization, often working collaboratively with blue teams and red teams.

49
Q

Purple-team

A

A collaborative approach in cybersecurity where red teams (offensive security) and blue teams (defensive security) work together to simulate attacks, test defenses, share knowledge, and improve overall security posture.

50
Q

MAC Spoofing

A

A technique where attackers forge or impersonate Media Access Control (MAC) addresses of network devices, such as computers or routers, to bypass access controls, gain unauthorized network access, or perform man-in-the-middle attacks.

51
Q

Active Footprinting

A

The process of directly interacting with a target system or network to gather information, such as scanning for open ports, conducting vulnerability assessments, or probing for weaknesses, with the goal of assessing security posture and identifying potential entry points for cyberattacks.

52
Q

Lateral Movement

A

The process used by attackers to move deeper into a network to get to the target data.

53
Q

Pivoting

A

Occurs when you exploit one machine and use that as a basis to attack other systems.

54
Q

Attack Vector

A

A method used by an attacker.

55
Q

Jamming

A

Deliberate interference with wireless communications by transmitting a signal that disrupts the communication between devices.

56
Q

Attack Surface

A

Where the attack takes place

57
Q

OSINT

A

Open Source Intelligence
Gathering information from many open sources

58
Q

War flying

A

Using a drone or aircraft to fly over a facility and capture wireless network traffic

59
Q

War driving

A

Driving past points of access, mapping the access points, including geographic information

60
Q

Directory traversal

A

A specific type of injection attack that attempts to access a file by including the full directory path or traversing the directory structure on a computer.

61
Q

Downgrade Attack

A

A security exploit where attackers force a connection to use older or less secure communication.

62
Q

Skimming

A

Physical devices built to intercept a credit card. These devices are placed on credit card readers to skim the data from the card while passing it on to the legitimate reader.

63
Q

Command and Control

A

Used by hackers to control malware that has been launched against targets.

64
Q

XML injection

A

Extensible Markup Language injection

XML: a set of rules for data transfer and storage

Injection: modifying XML requests

65
Q

Initialization vector (IV)

A

It is a random value used with encryption to make sure that identical data does not get encrypted in the same way each time. This helps keep the encrypted data secure by making patterns harder to detect.

66
Q

MAC cloning / MAC spoofing

A

An attacker changes their MAC address to match the MAC address of an existing device.

67
Q

Media Access Control (MAC) Flooding

A

A network attack technique where an attacker sends a large number of packets with different source MAC addresses to a switch, overwhelming its MAC address table. The switch then starts to behave like a hub, broadcasting traffic to all ports, which allows the attacker to capture network traffic.

68
Q

STIX

A

Structured Threat Information eXpression
– Describes cyber threat information
– Includes motivations

69
Q

TAXII

A

Trusted Automated eXchange of Indicator Information
– Securely shares STIX data

70
Q

Predictive analysis

A

Creates a forecast for potential attacks

71
Q

Amplification

A

An act of leveraging technology to increase the volume of an attack, such as pinging a network address to get all attached devices to respond.

72
Q

Open source threat intelligence

A

Threat intelligence that is acquired from publicly available sources.

73
Q

Pass the hash

A

When an attacker captures a password hash and then passes it through for authentication and lateral access.

74
Q

Refactoring

A

A set of techniques to identify the flow of code and then modify its internal structure while preserving its visible behavior.

75
Q

Shimming

A

A shim intercepts API calls in order to:
– handle the request
– change arguments
– redirect the request

76
Q

Criminal syndicates

A

A group of individuals working together in criminal activities. Almost all their efforts can be traced back to greed with the goal of getting more money, regardless of how they get it.

77
Q

Predictive Analysis

A

A mix of automation and human intelligence to predict and prevent attacks before they hit.

78
Q

RFC

A

Request for comments
A publication authored by security professionals to form a memorandum describing methods, behaviors, research, or innovations within the internet and internet systems.

79
Q

Intelligence Fusion

A

Involves industry and government to gather, analyze and share threat information.

80
Q

UEBA

A

User Entity Behavior Analysis