4.4

Question 1

Whats DoS?

Answer 1

(Denial of service) It forces a service to fail and cause a system to be unavailable.

Question 2

Whats DDoS?

Answer 2

(Distributed Denial of Service) It’s a launch of an army of computers to bring down a service(use all bandwidth or resources and it’s the reason bad guys use botnets.)

Question 3

Whats DDoS amplification?

Answer 3

Turning a small attack into a big attack and uses protocols with little authentication or checks(like NTP, DNS, ICMP)

Question 4

What are social engineering principles?

Answer 4

1. Authority(social engineer is in charge)
2. Intimidation(there will be bad things if you dont help)
3. Consensus/Social proof(Convince based on whats normally expected.
4. Scarcity(the situation will not be this way for long)
5. Urgency(act quick, don’t think)
6. Familiarity/liking(we have common friends)
7. Trust(someone who is safe like from IT)

Question 5

Whats Insider threats?

Answer 5

IT happens when we give people tons of access they shouldn’t have. But sometimes it could be phishing scams or hacking scams.

Question 6

What are logic bombs?

Answer 6

A logic bomb is a very specific kind of malware that’s waiting for an event to occur(usually time, user event) and difficult to identify.

Question 7

Whats rouge access point

Answer 7

It’s a significant potential backdoor(huge security concerns) and they are very easy to plug in a wireless AP, or enable wireless sharing in your OS.

Question 8

What are wireless evil twins?

Answer 8

By using a wireless access point, the bad guys can configure it exactly the same way as an existing network(same SSID and security settings) WiFi hotspots are easy to feel(wifi in a hotel) and can be countered if you encrypt your communication by using HTTPS and a VPN.

Question 9

Whats Wadriving?

Answer 9

Gathering information about your network(huge amount of intel in a short period of time)

Question 10

Whats Phishing?

Answer 10

Phishing is a technique used by the bad guys to try to convince you to give up some personal information.(like username and password)

Question 11

Whats Vishing?

Answer 11

It’s phishing thats done over the phone(fake security check)

Question 12

Whats spear phishing?

Answer 12

it’s a way to really focus in on a narrow group of people and try to construct a front-end and a message that seems very legitimate to the end user.

Question 13

Whats ransomware?

Answer 13

It’s one where the bad guys want your money, and the best way to get the money from you is to take the data away from you.

Question 14

Whats crypto-malware?

Answer 14

This is ransomware that encrypts all of the data on your computer and holds that data for ransom.

Question 15

how can we protect against ransomware?

Answer 15

1. Always having a backup
2. Keep your system up-to-date
3. Keep your applications up-to-date
4. Keep your anti-virus/anti-malware signatures up-to-date.
5. Keep everything up-to-date

Question 16

Whats DNS poisoning?

Answer 16

is a type of attack that exploits vulnerabilities in the DNS to divert Internet traffic away from legitimate servers and towards fake ones.

Question 17

Whats spoofing?

Answer 17

It is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones(Fake web server, fake dns)

Question 18

What are some examples of spoofing?

Answer 18

1. Email address(sending email address of an email isn’t really the sender)
2. Caller ID(the incoming call info is completely fake)
3. Man-in-the-middle attacks(Person in the middle of the conversation pretends to be both endpoints)

Question 19

Whats deauthentication?

Answer 19

It’s a significant wireless DoS attack.

Question 20

Whats brute force attack?

Answer 20

A brute force attack is an attempt to crack a password or username or find the key used to encrypt a message, using a trial and error approach and hoping, eventually, to guess correctly.

Question 21

What are the disadvantages of brute force attacks?

Answer 21

1. Very slow
2. Most accounts will lockout
3. Keep trying the login process.

Question 22

What are the two primary methods of VLAN hopping?

Answer 22

1. Switch spoofing

2. Double tagging

Question 23

Whats switch spoofing?

Answer 23

Switch spoofing is a type of VLAN hopping attack that works by taking advantage of an incorrectly configured trunk port(By default, trunk ports have access to all VLANs and pass traffic for multiple VLANs across the same physical link, generally between switches.)

Question 24

Whats double tagging?

Answer 24

An attacker connected to an 802.1Q-enabled port prepends two VLAN tags to a frame that it transmits. The frame (externally tagged with VLAN ID that the attacker’s port is really a member of) is forwarded without the first tag because it is the native VLAN of a trunk interface.

Question 25

Whats man-in-the-middle?

Answer 25

It’s an attack that occurs when a malicious actor inserts himself as a relay/proxy into a communication session between people or systems. A MITM attack exploits the real-time processing of transactions, conversations or transfer of other data.

Question 26

Why does ARP poisoning(spoofing) happen?

Answer 26

Because ARP has no security.

Question 27

Whats man-in-the-browser?

Answer 27

It’s when the calls are coming from the inside browser(malware/Trojan does all the proxy work). Man-in-the-browser waits for us to login to our account and then takes all the data but the everything looks normal to the victim.

Question 28

Whats vulnerability?

Answer 28

It’s a weakness in a system which allows bad guys to gain access.

Question 29

What methods of vulnerability are there?

Answer 29

1. Data injection
2. Broken authentication process
3. Sensitive data exposure
4. Security misconfiguration

Question 30

Whats exploit?

Answer 30

Taking advantage of a vulnerability(gain control, modify data, disable a service)