2.4

Question 1

How is phising usually delivered ?

Answer 1

Phone, sms or email

Question 2

What is phishing ?

Answer 2

Social engineering with a touch of spoofing.

Question 3

What is a good indication of phishing ?

Answer 3

Provided URL, dodgy font, graphics or spelling.

Question 4

What is Vishing ?

Answer 4

Vishing is done over phone (basically Caller ID is spoofed).

Question 5

Give an example of Vishing

Answer 5

Fake security checks or bank updates

Question 6

What is Wireless evil twins ?

Answer 6

Fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications

Question 7

What is spear phishing ?

Answer 7

Going for a specific groups of users.

Question 8

What is a good resource for monitoring zero-day attacks ?

Answer 8

Checking hacker forums/websites

Question 9

What is spoofing ?

Answer 9

Masquerading as another user or device

Question 10

Give some examples of spoofing

Answer 10

Faking a Legitimate:
IP address.
MAC address.
Username/password.

Question 11

What is the result of a Structured Query Language (SQL) injection ?

Answer 11

Attacker gains acces to a database.

Question 12

What is good practice in preventing a wireless evil twin ?

Answer 12

Encrypt i.e. https and a VPN

Question 13

What does a anti-DDoS system do ?

Answer 13

Filter out traffic by looking for patterns associated with DDoS attacks.

Question 14

What are the two kinds of on path attacks ?

Answer 14

Network and browser
https://www.youtube.com/watch?v=pY20_7l8AKc

Question 15

ARP

Answer 15

Address Resolution Protocol

Question 16

What is a SQL injection ?

Answer 16

A web application security vulnerability that allows an attacker to inject malicious code into a SQL statement through user input.

Question 17

What is the difference between adware and spyware ?

Answer 17

Adware to generates revenue through the display of advertisements
Spyware is designed to collect sensitive information without the user’s knowledge or consent.

Question 18

What is ARP spoofing ?

Answer 18

MAC address is faked.

Question 19

What is an insider threat ?

Answer 19

Any current or former employee, contractor, or business partner who has or had authorized access and misused said access.

Question 20

What is phishing over sms sometimes referred to as ?

Answer 20

Smishing

Question 21

What is arp spoofing ?

Answer 21

Attacker spoofs the IP to MAC mapping usually to perform a man-in-the-middle attack

Question 22

What kind of attack is IP spoofing ?

Answer 22

On path attach

Question 23

What is arp poisoning ?

Answer 23

Sending fake ARP packets that link an attacker’s MAC address with an IP of a computer already on the LAN.