cyber security intro Flashcards

(62 cards)

1
Q

What is the correct order of a TCP three-way handshake?

A

SYN, SYN-ACK, ACK

2
Q

Which command is used to display files in a directory under the Windows OS?

A

dir

3
Q

What is a good example of a valid internal IP address?

A
  • 192.168.21.05/24
  • 24 = the number of subnets that can be on a Class C address
  • How many hosts are in a Class C network - 254 usable, with one being the gateway 255
4
Q

What is a good example of UDP protocol usage?

A
  • Movie streaming
  • UDP - no connection needed
  • TCP - needs a connection
  • TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol.
5
Q

Which of the following Windows accounts has the weakest permissions?

A
  • Guest
6
Q

What is hping3?

A
  • A Linux tool that sends multiple packets and can create a DoS attack.
  • If you type this in Kali Linux it will create havoc: hping3 -1 --flood 192.168.1.23
7
Q

What are the differences between Information Security and Cyber Security?

A
  • Cyber security protects against all types of cyber crimes, while information security protects the information itself.
8
Q

What could be the subnet mask of a class A network?

A
  • Example:
  • A = 255.0.0.0
  • B = 255.255.0.0
  • C = 255.255.255.0
  • Professor example:
  • 255.0.0.0
  • 255.255.255.254
  • 255.255.255.0
  • 255.255.0.0
9
Q

What is the role of a DNS server?

A
  • Translating common names to IP addresses.
10
Q

What is the difference between a hub and a router?

A
  • A hub operates in layer 1, while a router operates in layer 3.
  • Layer 1: Physical Layer.
  • Layer 2: Data Link Layer.
  • Layer 3: Network Layer.
  • Layer 4: Transport Layer.
  • Layer 5: Session Layer.
  • Layer 6: Presentation Layer.
  • Layer 7: Application Layer.

11
Q

Which of the following is not an example of a DDoS attack?

A
  • Man in the middle
12
Q

Cyber defense services are needed for:

A
  • Detection, prevention, recovery
13
Q

What is the best password option that can be set to harden one’s account?

A
  • 99CSULBCru!SeIsDBest
  • 2FA - two factor authentication
  • MFA - multi factor authentication
14
Q

You open Google Chrome and search for a new Razer mouse. The computer reacts slowly. What type of hardware might be causing this?

A
  • ~Network card
  • ~Motherboard
  • ~CPU
  • =All answers above are possible

15
Q

Which of the following is not a physical control?

A
  • Anti-Virus
16
Q

What is the purpose of the DMZ?

A
  • A sub-network that exposes an organization’s external facing service.
17
Q

What is the purpose of the Ping command?

A
  • Send packets to check if a host is reachable.
18
Q

Which of the following is a DDoS tool?

A
  • LOIC - Low Orbit Ion Cannon
  • DoS - an attack from a single source
  • DDoS - an attack from multiple sources
19
Q

Ping of Death is an example of which attack?

A
  • DoS attack
20
Q

If someone hacked into a Facebook manager account and demanded payment or they would release sensitive information to the public, what type of hacker would probably be involved?

A
  • Black Hat
21
Q

Which of the following statements is FALSE? Choose one

A
  • MAC addresses change according to the network, while IP addresses are fixed per computer and have a unique identifier.
  • False
  • IP addresses operate in the third layer, while MAC addresses operate in the second layer of the OSI model.
  • True
  • ~An example of an IP address is 192.168.0.1 and an example of a MAC address is 00-50-56-C0-00-08.
* 00:11:22:33:44:55
22
Q

What is the difference between a virus and a worm?

A
  • Worms self-replicate but viruses do not.
23
Q

Select the terms below that make up the CIA triad. Choose all correct answers.

A
  • confidentiality, integrity, availability
24
Q

Which of the following is the main concept of MITM?

A
  • When an attacker is between two other hosts and intercepts the communication.
25
What is one difference between APT and Script Kiddies?
* APT is typically sponsored by a nation or state, while Script Kiddies are not well-funded.
26
What are the layers of the OSI model?
* All People Seem To Need Data Processing | * Application, Presentation, Session, Transport, Network, Data Link, Physical
27
What are the advantages of using virtualization?
* Can provide a safe lab environment for testing and threat investigation. * Allows a single hardware platform to provide resources for multiple servers.
28
What is the purpose of the kernel in the operating system?
Manages hardware resources and availability to the software
29
Which is true about threads and processes?
* Each process has a separate memory space, unlike threads that use the same memory space of their parent process.
30
What is the Windows Registry?
A database that holds different system and application configurations
31
Which type of attack exploits a vulnerability in the TCP/IP 3-way handshake process?
* SYN flood
32
Which of the following tools can be used for flooding a host with network traffic?
* Hping3
33
Which of the following is the least secure protocol to use when setting up a wireless network?
* WEP
34
What is MAC flooding?
* Flooding a switch with requests until it reverts to broadcast mode
35
Which of the following is a name of a tool that can be used in order to initiate a MITM attack?
* Ettercap
36
Which aspects of the CIA triad does evidence preservation help ensure? Select all correct answers
* Integrity, Confidentiality
37
Firewall
inspects, detects, and blocks traffic based on places and parameters (IP, port, etc.).
38
Antivirus
inspects, detects, and removes malware
39
Cyber space
the mutual area - refers to info shared by computer and network.
40
CIA
Confidentiality - the act of sharing or revealing info only to authorized personnel. Integrity - the ability to ensure that information or data remains unchanged and accurate. Availability - ensuring data or service accessibility to those who require it, when they require it.
41
1. DoS | 2. DDoS
1. is from a single attacker | 2. comes from multiple sources
42
EternalBlue
is an exploit that allows cyber threat actors to remotely execute arbitrary code and gain access to a network by sending specially crafted packets
43
URL
Uniform Resource Locator
44
HTTP
Hypertext Transfer Protocol
45
FTP
File Transfer Protocol
46
HTTPS
Hypertext Transfer Protocol Secure
47
SMB
Server Message Block
48
What 5 ports would you test?
* Port 445: SMB
* Port 53: DNS
* Port 88: TCP/UDP
* Port 22: SSH
* Port 8080: proxy and caching port
49
What is more secure, FTP or SSH?
SSH is more secure
50
Fuzzdb ports
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
51
2g | 5g
2g farther | 5g if you are closer
52
Two things needed to connect to the internet?
MAC address and an IP address
53
MAC address is in | IP address is in
MAC address is in hexadecimal | IP address is in decimal
54
SMTP
Simple Mail Transfer Protocol - port 25
55
ACL
access control list
56
Discovered a fundamental flaw in the Domain Name System (DNS) protocol.
Dan Kaminsky. The flaw could allow attackers to easily perform cache poisoning attacks on most nameservers.
57
CTF
Capture the Flag
58
DMZ
Demilitarized Zone
59
cd . ..
Change directory: one dot means here, two dots means go back to previous
60
dir
is going to show the current directory
61
ping
check if a host is reachable
62
Mac flooding
is when an attacker floods a switch until it reverts to broadcast mode.