Common Terms Flashcards

1
Q

Hack Value

A

A term describing how willing a hacker would be to invest their time/energy to crack a system, file, etc., and whether or not it’d be worth attempting.
Example: a file containing absolutely atrocious amounts of porn (low hack value/not hack value, probably, depending on the perpetrator) vs. a file containing someone’s passport and credit card information (high hack value/hack value).

2
Q

Vulnerability

A

A weakness that could compromise a system (system: not just referring to a computer system, but any system. Corporation, household, government, etc.) and could be used as a possible means of attack.

3
Q

Exploit

A

A piece of code that takes advantage of a vulnerability to deliver malicious code.
Can also be defined as any way to take advantage of a vulnerability to attack a system.

4
Q

Payload

A

A malicious piece of code delivered through an exploit.

5
Q

R.A.T.

A

Remote Access Trojan
A program used by an intruder to take control of a victim’s computer remotely, giving them access to the computer’s files and allowing covert surveillance and a backdoor for administrative control.

6
Q

ISP

A

Internet Service Provider

7
Q

NSP

A

Network Service Provider

8
Q

Hash

A

A hash is a function that converts one value to another.

Example:

keys-v/hash function-v/hash-v
John Smith ----\   [/---- ]-- 00
Chad Hecks ---/ \[/---- ]--  01
Dirk McFunkle -/ [\      ]   02
                             [  \---]-- 03
9
Q

Security Threat

A

A security threat is anything that has the potential to cause damage to a system/network.

10
Q

Security Attack

A

A security attack is an attempt to gain unauthorized access to a system/network.

11
Q

Attack Vector

A

An attack vector is a means by which a hacker delivers a payload to a system/network.

12
Q

DOS

A

Disk Operating System

13
Q

CPU

A

Central Processing Unit

14
Q

GPU

A

Graphics Processing Unit

15
Q

WPA

A

Wi-Fi Protected Access

16
Q

The “IP” in IP address

A

Internet Protocol

17
Q

SQL

A

Structured Query Language

18
Q

IDS

A

Intrusion Detection System

19
Q

DNS

A

Domain Name System

20
Q

ARP

A

Address Resolution Protocol

21
Q

IPS

A

Intrusion Prevention System

22
Q

Array

A

An array is a data structure, which can store a fixed-size collection of elements of the same data type. An array is used to store a collection of data, but it is often more useful to think of an array as a collection of variables of the same type.

23
Q

DDoS

A

Distributed Denial of Service

24
Q

PCI DSS

A

Payment Card Industry Data Security Standard

25
Q

HIPAA

A

Health Insurance Portability and Accountability Act

26
Q

SOX

A

Sarbanes-Oxley Act

27
Q

DMCA

A

Digital Millennium Copyright Act

28
Q

WIPO

A

World Intellectual Property Organization

29
Q

FISMA

A

Federal Information Security Management Act

30
Q

DMZ

A

Demilitarized Zone

31
Q

Nonrepudiation

A

Nonrepudiation is the assurance that someone cannot deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. To repudiate means to deny.

32
Q

NDA

A

Non-disclosure Agreement

33
Q

VPN

A

Virtual Private Network

34
Q

Risk

A

Refers to the threat of damage or loss

35
Q

RAID

A

Redundant array of inexpensive(/independent) disks

RAID works by placing data on multiple disks and allowing input/output (I/O) operations to overlap in a balanced way, improving performance.

36
Q

OS

A

Operating System

37
Q

ROSI

A

Return Of Security Investment

38
Q

ICMP

A

ICMP (Internet Control Message Protocol) is an error-reporting protocol network devices like routers use to generate error messages to the source IP address when network problems prevent delivery of IP packets.

39
Q

Dictionary Attack

A

A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. … Dictionary attacks work because many computer users and businesses insist on using ordinary words as passwords.

40
Q

ACE

A

In computer security, arbitrary code execution (ACE) is used to describe an attacker’s ability to execute arbitrary commands or code on a target machine or in a target process. … A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit.

41
Q

Buffer Overflow Attack:

A

Attackers exploit buffer overflow issues by overwriting the memory of an application. This changes the execution path of the program, triggering a response that damages files or exposes private information.

42
Q

The Difference Between DoS and DDoS Attacks:

A

The DoS attack typically uses one computer and one Internet connection to flood a targeted system or resource. The DDoS attack uses multiple computers and Internet connections to flood the targeted resource. DDoS attacks are often global attacks, distributed via botnets.

43
Q

Trojan:

A

A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems.

44
Q

Registry

A

The registry or Windows registry is a database of information, settings, options, and other values for software and hardware installed on all versions of Microsoft Windows operating systems. When a program is installed, a new subkey is created in the registry. This subkey contains settings specific to that program, such as its location, version, and primary executable.

45
Q

Rootkit

A

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.

46
Q

Spyware

A

Software that enables a user to obtain covert information about another’s computer activities by transmitting data covertly from their hard drive (most often without the user’s consent).

47
Q

Keylogger

A

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program. A keylogger can be either software or hardware.

While the programs themselves are legal,[1] with many of them being designed to allow employers to oversee the use of their computers, keyloggers are frequently used for stealing passwords and other confidential information.

48
Q

Security Audit:

A

Inspects if an organization is following security standards and policies.

49
Q

Vulnerability assessment:

A

Deals (only) with finding the vulnerabilities of a network.

50
Q

Penetration Testing:

A

Encompasses both security audit and vulnerability assessment. It also demonstrates how attackers can exploit the identified vulnerabilities.

51
Q

Blue team (red team vs. blue team):

A

The blue team is the defender team, and its role is to detect attackers and predict possible attacks.

52
Q

Red team (red team vs. blue team):

A

The red team is the attacker team, and its role is to find vulnerabilities in the system and check the security as real attackers would.

53
Q

White box testing:

A

The penetration testers are given complete information about the client’s infrastructure.

(think “light vs. dark”. White = lots of information i.e. brighter/more visibility. Black = practically no information i.e. in the dark)

54
Q

Black box testing:

A

The penetration testers are given very little information about the client’s infrastructure.

(think “light vs. dark”. White = lots of information i.e. brighter/more visibility. Black = practically no information i.e. in the dark)

55
Q

Grey box testing:

A

This type of testing uses a combination of black box and white box testing and gives a full inspection of the system, simulating both outside and inside attacks.

56
Q

Pre-attack phase:

A

The pre-attack phase mainly includes activities such as preparation and planning, and information gathering. The objective is to gather as much information about the target as possible.

57
Q

Attack phase:

A

This is the phase where you compromise the target and exploit the vulnerabilities you’ve uncovered in the pre-attack phase using the information you’ve previously gathered.

58
Q

Post-attack phase:

A

In this phase, the tester restores the system to the pretest state (the state the system was in prior to the penetration).
The tester then reports all flaws and vulnerabilities of the system that they’ve uncovered.
All activities and results must be thoroughly documented.

59
Q

Steps to take when performing an attack:

A
  1. Penetrate perimeter
  2. Acquire target
  3. Escalate privileges
  4. Execute, implant, and retract
60
Q

Evaluating IDS and protocol filter rules // Checking access controls:

A

Techniques used to bypass IDS and firewalls.

61
Q

Reverse shell

A

A reverse shell is a shell initiated from the target host back to the attack box which is in a listening state to pick up the shell.

To gain control over a compromised system, an attacker usually aims to gain interactive shell access for arbitrary command execution. With such access, they can try to elevate their privileges to obtain full control of the operating system. However, most systems are behind firewalls and direct remote shell connections are impossible. One of the methods used to circumvent this limitation is a reverse shell.

62
Q

In which activity do ICMP probes, checking access controls, evaluating protocol filtering rules, and evaluating IDS take place?

A

Bypassing firewall.

63
Q

Target acquisition:

A

Target acquisition involves vulnerability scans to find vulnerabilities which can be later exploited.

64
Q

Perimeter penetration:

A

Perimeter penetration is an activity in which a pen tester uses social engineering to test out the boundaries and find a way into the system.

65
Q

Footprinting:

A

The act of gathering information from and about a selected target.

66
Q

Fedora:

A

Fedora is a Linux-based operating system that is a spin-off of Red Hat, used as a testing ground for new technologies which are later applied in Red Hat.

67
Q

“site:” means what in the Google browser?

A

States that Google should search only within the confines of whichever domain follows “site:”. Ex: site:linuxacademy.com

68
Q

“intext:” means what in the Google browser?

A

States that Google should search in the text of the website.

69
Q

When you place a term within quotation marks in the Google browser, what does the browser do?

A

The Google browser searches only for sites that include that full term, and exactly that term (no modifications at all).
Ex: “please change your” will search only for websites that include the term “please change your”.

70
Q

“|” means what in the Google browser?

A

It means “or”, essentially.

Ex: searching “sapien | ape” will search for all websites containing either “sapien” OR “ape”.

71
Q

“-” means what in the Google browser?

A

States that whatever follows “-” will be excluded from search results.
Ex: searching “my pungent asshole -presence -of -god” will search for “my pungent asshole” and exclude any results including any presence of God.

72
Q

“file:” means what in the Google browser?

A

Specifies the type of file that should be searched for.

Ex: searching “lack of human decency file:pdf” will search for any pdf files displaying a lack of basic human decency.

73
Q

Shodan

A

If you search a domain in Shodan, you might come across some good data (but Ermin doesn’t seem to approve): IPs in use, type of web server, what’s being hosted, what versions are being hosted, and which technologies are in use. “Keep in mind that these things can be fairly inaccurate.” - Ermin the all-knowing (not said with sass).
It’s usually going to be a better idea to conduct your own search with your own methods in order to get more consistent, reliable results.

Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. … It was launched in 2009 by computer programmer John Matherly, who, in 2003, conceived the idea of searching devices linked to the Internet.

74
Q

Netcraft

A

Netcraft is a provider of cybercrime disruption services across a range of industries. In November 2016, Philip Hammond, Chancellor of the Exchequer, announced plans for the UK government to work with Netcraft to develop better automatic defences to reduce the impact of cyber-attacks affecting the UK.

75
Q

Cloudflare

A

Companies might hide their web servers and web services (and other services) behind Cloudflare so that you only ever know the domain and never the actual IP address.

  • Useful for DDoS protection, prevention of direct access, and hiding the geographic location of the company/servers.
  • You’ll see the IP address of Cloudflare, but not the actual IP address of the company behind Cloudflare.
76
Q

DNS server (aka nameserver):

A

A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and in most cases serves to resolve, or translate, those names to IP addresses as requested. DNS servers run special software and communicate with each other using special protocols.