Chapter 7

Question 1

DoS

Answer 1

Denial-of-Service is and attack from a single source that attempts to disrupt the services provided by the attacked system

Question 2

DDoS

Answer 2

Distributed Denial of Service is an attack on a system launched from multiple sources intended to make a computers resources or services unavailable to users

DDoS attacks typically include sustained, abnormally high network traffic

Question 3

Escalation

Answer 3

Filler

Question 4

Privilege

Answer 4

Filler

Question 5

MAC Spoofing

Answer 5

An attack that changes the source MAC address

Question 6

IP Spoofing

Answer 6

An attack that changes the source IP address

Question 7

MITM

Answer 7

Man-in-the-Middle is an attack using active interception or eavesdropping

It uses a third computer to capture traffic sent between two other systems

Question 8

ARP Poisoning

Answer 8

An attack that misleads systems about the actual MAC address of a system

Question 9

ARP Request

Answer 9

filler

Question 10

ARP Reply

Answer 10

filler

Question 11

DNS Poisoning

Answer 11

An attack that modifies or corrupts DNS results

DNSSEC helps prevent DNS poisoning

Question 12

DNSSEC

Answer 12

Domain Name System Security Extensions is a suite of extensions to DNS used to protect the integrity of DNS records and prevent some DNS attacks

Question 13

Amplification Attack

Answer 13

An attack that increases the amount of bandwidth sent to a victim

Question 14

Brute Force

Answer 14

A password attack that attempts to guess a password

Online brute force attacks guess passwords of online systems

Offline attacks guess passwords contained in a file or database

Question 15

Dictionary

Answer 15

A password attack that uses a file of words and character combinations

The attack tries every entry within the file when trying to guess a password

Question 16

Hash

Answer 16

A number created by executing a hashing algorithm against data, such as a file or message

Hashing is commonly used for integrity

Common hashing algorithms are MD5, SHA-1, and HMAC

Question 17

MD5

Answer 17

Message Digest 5 is a hashing function used to provide integrity

MD5 creates 128-bit hashes, which are also referred to as MD5 checksums

Experts consider MD5 cracked

Question 18

SHA

Answer 18

Secure Hash Algorithm is a hashing function used to provide integrity

Versions include SHA-1, SHA-2, and SHA-3

Question 19

Pass the Hash

Answer 19

A password attack that captures and uses the hash of a password

It attempts to log on as the user with the hash and is commonly associated with the Microsoft NTLM protocol

Question 20

Birthday

Answer 20

A password attack named after the birthday paradox in probability theory

The paradox states that for any random group of 23 people, there is a 50 percent chance that 2 of them have the same birthday

Question 21

Collision

Answer 21

A hash vulnerability that can be used to discover passwords

A hash collision occurs when two different passwords create the same hash

Question 22

Rainbow Table

Answer 22

A file containing precomputed hashes for character combinations

Rainbow tables are used to discover passwords

PBKDF2 and bcrypt thwart rainbow table attacks

Question 23

Salt

Answer 23

A random set of data added to a password when creating the hash

PBKDF2 and bcrypt are two protocols that use salts

Question 24

Replay Attack

Answer 24

An attack where the data is captured and replayed

Attackers typically modify data before replaying it

Question 25

Known Plaintext

Answer 25

A cryptographic attack that decrypts encrypted data In this attack, the attacker knows the plaintext used to create chiphertext

Question 26

Typo Squatting

Answer 26

The purchase of a domain name that is close to a legitimate domain name Attackers often try to trick users who inadvertently use the wrong domain name Also called URL hijacking

Question 27

Hosting a Malicious Website

Answer 27

filler

Question 28

Earning Ad Revenue

Answer 28

filler

Question 29

Reselling the domain

Answer 29

filler

Question 30

Clickjacking

Answer 30

An attack that tricks users into clicking something other than what they think they're clicking

Question 31

Session Hijacking

Answer 31

An attack that attempts to impersonate a user by capturing and using a session ID Session IDs are stored in cookies

Question 32

Domain Hijacking

Answer 32

An attack that changes the registration of a domain name without permission from the owner

Question 33

Man-in-the-Browser

Answer 33

An attack that infects vulnerable web browsers It can allow the attacker to capture browser session data, including keystrokes

Question 34

Shimming

Answer 34

A driver manipulation method It uses additional code to modify the behavior of a driver

Question 35

Refactoring

Answer 35

A driver manipulation method Developers rewrite the code without changing the driver's behavior

Question 36

Zero-day Vulnerability

Answer 36

A vulnerability or bug that is unknown to trusted sources but can be exploited by attackers Zero-day attacks take advantage of zero-day vulnerabilities

Question 37

Memory Leak

Answer 37

An application flaw that consumes memory without releasing it

Question 38

Integer Overflow

Answer 38

An application attack that attempts to use or create a numeric value that is too big for an application to handle Input handling and error handling thwart the attack

Question 39

Buffer Overflow

Answer 39

An error that occurs when an application receives more input, or different input, than it expects It exposes system memory that is normally inaccessible

Question 40

Pointer Deference

Answer 40

A programming practice that uses a pointer to reference a memory area A failed dereference operation can corrupt memory and sometimes even cause an application to crash

Question 41

DLL Injection

Answer 41

An attack that injects a Dynamic Link Library (DLL) into memory and runs it Attackers rewrite the DLL, inserting malicious code

Question 42

Compiled Code

Answer 42

Code that has been optimized by an application and converted into an executable file Compare with runtime code

Question 43

Runtime Code

Answer 43

Code that is interpreted when it is executed Compare with compiled code

Question 44

Input Validation

Answer 44

A programming process that verifies data is valid before using it

Question 45

Verifying Proper Characters

Answer 45

Filler

Question 46

Implementing Boundary or Range Checking

Answer 46

Filler

Question 47

Blocking HTML Code

Answer 47

Filler

Question 48

Preventing the use of certain characters

Answer 48

Filler

Question 49

Race Condition

Answer 49

A programming flaw that occurs when two sets of code attempt to access the same resource The first one to access the resource wins, which can result in inconsistent results

Question 50

Error-Handling

Answer 50

A programming process that handles errors gracefully

Question 51

Errors to users should be general

Answer 51

Fillers

Question 52

Detailed information should be logged

Answer 52

Filler

Question 53

Encryption

Answer 53

A process that scrambles, or ciphers, data to make it unreadable Encryption normally includes a public algorithm and a private key Compare with asymmetric and symmetric encryption

Question 54

Authentication

Answer 54

The process that occurs when a user proves an identity, such as with a password

Question 55

Dead Code

Answer 55

Code that is never executed or used It is often caused by logic errors

Question 56

obfuscation

Answer 56

An attempt to make something unclear or difficult to understand Steganography methods use obfuscation to hide data within data

Question 57

Static code analyzers

Answer 57

Filler

Question 58

Dynamic Anlysis

Answer 58

Filler

Question 59

Stress testing

Answer 59

Filler

Question 60

Sandboxing

Answer 60

The use of an isolated area on a system, typically for testing Virtual machines are often used to test patches in an isolated sandbox Application developers sometimes use the chroot command to change the root directory

Question 61

Model Verification

Answer 61

Filler

Question 62

Waterfall

Answer 62

A software development life cycle model using a top-down approach It uses multiple stages with each stage starting after the previous stage is complete Compare with agile

Question 63

Secure DevOps

Answer 63

A software development process using an agile-aligned methodology It considers security through the lifetime of the project

Question 64

Security Automation

Answer 64

Filler

Question 65

Continuous Integration

Answer 65

Filler

Question 66

Baselining

Answer 66

Filler

Question 67

Immutable System

Answer 67

Filler

Question 68

Infrastructure as Code

Answer 68

Filler

Question 69

Change Management

Answer 69

The process used to prevent unauthorized changes Unauthorized changes often result in unintended outages

Question 70

Version Control

Answer 70

A method of tracking changes to software as it is updated

Question 71

Apache

Answer 71

Filler

Question 72

Internet Information Services (IIS)

Answer 72

Filler

Question 73

Normalization

Answer 73

The process of organizing tables and columns in a database Normalization reduces redundant data and improves overall database performance

Question 74

Homer Simpson

Answer 74

Filler

Question 75

Stored Procedures

Answer 75

A group of SQL statements that execute as a whole, similar to a mini-program Developers use stored procedures to prevent SQL injection attacks

Question 76

Injection Attack

Answer 76

An attack that injects code or commands Common injection attacks are DLL injection, command injection, and SQL injection attacks

Question 77

XSS

Answer 77

A web application vulnerability Attackers embed malicious HTML or JavaScript code into a web site's code, which executes when a user visits the site

Question 78

XSRF

Answer 78

A web application attack XSRF attacks trick users into performing actions on web sites, such as making purchases, without their knowledge

Question 79

Framework

Answer 79

A structure used to provide a foundation Cyber security frameworks typically use a structure of basic concepts and provide guidance to professionals on how to implement security

Question 80

Regulatory

Answer 80

Filler

Question 81

Non-regulatory

Answer 81

Filler

Question 82

National Versus International

Answer 82

Filler

Question 83

Industry-Specific

Answer 83

Filler