DOMAIN 1 Flashcards

(81 cards)

1
Q

SOCIAL ENGINEERING

A

an attempt by an attacker to convince someone to provide info (like a password) or
perform an action they wouldn’t normally perform (such as clicking on a malicious link).

2
Q

PHISHING

A

commonly used to try to trick users into giving up personal information (such as user
accounts and passwords), click a malicious link, or open a malicious attachment.

3
Q

SPEAR PHISHING

A

targets specific groups of users

4
Q

WHALING

A

targets high level executives

5
Q

VISHING

A

(voice phishing) phone-based

6
Q

SMISHING

A

uses SMS (text) messaging on mobile

7
Q

SPAM

A

Unsolicited email, generally
considered an irritant

8
Q

SPIM

A

SPAM over instant messaging, also
generally considered an irritant

9
Q

DUMPSTER DIVING

A

Gathering important details (intelligence) from
things that people have thrown out in their trash.

10
Q

TAILGATING

A

when an unauthorized individual follows an
authorized person in through an open door
without badging in themselves.

11
Q

ELICITING INFORMATION

A

strategic use of casual conversation
to extract information without
arousing the suspicion of the target

12
Q

SHOULDER SURFING

A

a criminal practice where thieves
steal your personal data by spying
over your shoulder

13
Q

PHARMING

A

an online scam
similar to phishing, where
a website’s traffic is manipulated, and
confidential information is stolen.

14
Q

IDENTITY FRAUD

A

use of another person’s
personal information,
without authorization, to commit a crime or to
deceive or defraud that person or other 3rd party.

15
Q

PREPENDING

A

Prepending is adding words or phrases like “SAFE”
to a malicious file or suggesting topics via social
engineering to uncover information of interest.

16
Q

INVOICE SCAMS

A

fake invoices with a goal of receiving money or
by prompting a victim to put their credentials
into a fake login screen.

17
Q

CREDENTIAL HARVESTING

A

attackers trying to gain access to your
usernames and passwords that might be
stored on your local computer.

18
Q

PASSIVE DISCOVERY

A

Techniques that DO NOT send packets to the target; like Google hacking, phone
calls, DNS and WHOIS lookups.

19
Q

SEMI-PASSIVE DISCOVERY

A

Touches the target with packets in a
non-aggressive fashion to avoid raising
the target's alarms.

20
Q

ACTIVE DISCOVERY

A

More aggressive techniques likely to be noticed by the target, including port
scanning, and tools like nmap and Metasploit.

21
Q

HOAXES

A

Intentional falsehoods coming in a variety of forms ranging from virus
hoaxes to fake news. Social media plays a prominent role in hoaxes today.

22
Q

IMPERSONATION

A

A form of fraud in which attackers pose as a known or trusted person to
dupe the user into sharing sensitive info, transferring money, etc.

23
Q

WATERING HOLE ATTACK

A

Attack strategy in which an attacker guesses or observes which websites an
organization often uses and infects one or more of them with malware.

24
Q

TYPOSQUATTING
aka “URL hijacking”

A

a form of cybersquatting (sitting on
sites under someone else’s brand or
copyright) targeting users who type
an incorrect website address

25
PRETEXTING
An attacker tries to convince a victim to give up information of value, or access to a service or system. The attacker develops a story, or pretext, in order to fool the victim.
26
INFLUENCE CAMPAIGNS
A social engineering attack intended to manipulate the thoughts and minds of large groups of people.
27
HYBRID WARFARE
Attack using a mixture of conventional and unconventional methods and resources to carry out the campaign. Including:
- SOCIAL MEDIA: May use multiple social platforms, leveraging multiple/many individuals to amplify the message and influence credibility. May involve creating multiple fake accounts to post content and seed the spread. May even include paid advertising.
28
PRINCIPLES OF SOCIAL ENGINEERING
- Authority
- Intimidation
- Consensus
- Scarcity
- Familiarity aka "liking"
- Trust
- Urgency
29
APPLICATION ATTACKS
Attacks that exploit poorly written software.
30
ROOTKIT (escalation of privilege)
Freely available on the internet; exploit known vulnerabilities in various operating systems, enabling attackers to elevate privilege. Countermeasures: keep security patches up to date, anti-malware software, EDR/XDR.
31
BACK DOOR
Undocumented command sequences that allow individuals with knowledge of the back door to bypass normal access restrictions. Often used in development and debugging. Countermeasures: firewalls, anti-malware, network monitoring, code review.
32
COMPUTER VIRUS
A type of malicious code or program written to alter the way a computer operates and designed to spread from one computer to another.
33
TYPES OF VIRUSES
- Crypto-malware
- Hoaxes
- Logic Bombs
- Trojan Horse
34
TYPES OF MALWARE
- Worm
- Potentially Unwanted Programs (PUPs)
- Keylogger
- Spyware
- Fileless virus
- Command and control
- Remote access trojan (RAT)
- Ransomware
35
FILELESS VIRUS
A type of malicious software that does not rely on virus-laden files to infect a host. Instead, it exploits applications that are commonly used for legitimate and justified activity to execute malicious code in resident memory.
36
COMMAND AND CONTROL
A computer controlled by an attacker or cybercriminal which is used to send commands to systems compromised by malware and to receive stolen data from a target network.
37
REMOTE ACCESS TROJAN
A malware program that gives an intruder administrative control over a target computer.
38
RANSOMWARE
Infects a target machine and then uses encryption technology to encrypt documents, spreadsheets, and other files stored on the system with a key known only to the malware creator. The user is then unable to access their files and receives an ominous pop-up message warning that the files will be permanently deleted unless a ransom is paid within a short period of time. *Ransomware is a trojan variant.
39
RANSOMWARE COUNTERMEASURES
- Back up your computer
- Store backups separately
- File auto versioning
40
RANSOMWARE PREVENTION
- Update and patch computers
- Use caution with web links
- Use caution with email attachments
- Verify email senders
- Preventative software programs
- User awareness training (Most important defense)
41
PASSWORD ATTACKS
- Dictionary Attacks
- Password Spraying
- Offline
- Online
- Plaintext/unencrypted
- Brute Force Attack
- SALTS Cryptographic
42
DICTIONARY ATTACKS
Use programs with built-in dictionaries. They attempt all dictionary words to try to find the correct password, in the hope that a user would have used a standard dictionary word.
43
PASSWORD SPRAYING
Attacker tries a password against many different accounts to avoid the lockouts that typically come when brute forcing a single account. Succeeds when an admin or application sets a default password for new users.
44
OFFLINE
Attempt to discover passwords from a captured database or captured packet scan.
45
ONLINE
Attempts to discover a password from an online system. For example, an attacker trying to log on to an account by trying to guess a user’s password. *Most web and Wi-Fi attacks are online attacks.
46
PLAINTEXT/UNENCRYPTED
Protocols and authentication methods that leave credentials unencrypted, like basic authentication and telnet.
47
BRUTE FORCE ATTACK
Attempts to find the correct cryptographic key by trying all possible combinations (trial and error). Password complexity and attacker resources determine the effectiveness of this attack.
48
SALTS Cryptographic
Attackers may use rainbow tables, which contain precomputed values of cryptographic hash functions, to identify commonly used passwords. A salt is random data that is used as an additional input to a one-way function that hashes data, a password, or a passphrase. Adding salts to passwords before hashing them reduces the effectiveness of rainbow table attacks.
49
MULTI-FACTOR AUTHENTICATION
- Something you KNOW (pin or password)
- Something you HAVE (trusted device)
- Something you ARE (biometric)
*Multi-factor Authentication prevents:
- Phishing
- Spear phishing
- Keyloggers
- Credential stuffing
- Brute force and reverse brute force attacks
- Man-in-the-middle (MITM) attacks
50
BOTS, BOTNETS, AND BOT HERDERS
Represent significant threats due to the massive number of computers that can launch attacks.
51
BOTNET
A collection of compromised computing devices (often called bots or zombies).
52
BOT HERDER
A criminal who uses a command and control server to remotely control the zombies. Bot herders often use the botnet to launch attacks on other systems, or to send spam or phishing emails.
53
PHYSICAL ATTACKS
- Malicious Flash Drive
- Malicious USB cable
- Card cloning
- Skimming
54
MALICIOUS FLASH DRIVE
Attack comes in two common forms: drives dropped where they are likely to be picked up, and drives that are effectively a trojan, shipped with malware installed after leaving the factory.
55
MALICIOUS USB CABLE
Less likely to be noticed than a flash drive. May be configured to show up as a human interface device (e.g. keyboard).
56
CARD CLONING
Focuses on capturing information from cards used for access, like RFID and magnetic stripe cards.
57
SKIMMING
Involves fake card readers, or social engineering and handheld readers, to capture (skim) cards, which are then cloned so the attacker may use them for their own purposes. *The device (skimmer) is often installed at POS devices like ATMs and gas pumps.
58
ADVERSARIAL ARTIFICIAL INTELLIGENCE
A rapidly developing field targeting AI and Machine Learning (ML).
59
TAINTED TRAINING DATA FOR MACHINE LEARNING (ML)
Data poisoning that supplies AI and ML algorithms with adversarial data that serves the attacker's purposes, or attacks against privacy.
60
SECURITY OF MACHINE LEARNING ALGORITHMS
Validate the quality and security of the data sources. Secure the infrastructure and environment where AI and ML are hosted. Review, test, and document changes to AI and ML algorithms.
61
ARTIFICIAL INTELLIGENCE
Focuses on accomplishing “smart” tasks, combining machine learning and deep learning to emulate human intelligence.
62
MACHINE LEARNING
A subset of AI, computer algorithms that improve automatically through experience and the use of data.
63
DEEP LEARNING
A subfield of machine learning concerned with algorithms inspired by the structure and function of the brain, called artificial neural networks.
64
SUPPLY CHAIN ATTACKS
A cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply chain. Often attempts to compromise devices, systems, or software before they reach an organization.
65
CLOUD-BASED ATTACKS
The data center is often more secure and less vulnerable to disruptive attacks (like DDoS). On the downside, you will not have facility-level or physical system-level audit access.
66
ON-PREMISES ATTACKS
You do not benefit from the cloud’s shared responsibility model. You have more control but are responsible for security of the full stack.
67
COLLISION ATTACK
An attack on a cryptographic hash to find two inputs that produce the same hash value. *Defeated with collision-resistant hashes.
68
DOWNGRADE ATTACK
When a protocol is downgraded from a higher mode or version to a lower-quality mode or lower version. *Commonly targets TLS.
69
BIRTHDAY ATTACK
An attempt to find collisions in hash functions. *Commonly targets digital signatures.
70
REPLAY ATTACK
An attempt to reuse authentication requests. *Targets authentication (often Kerberos).
71
APPLICATION ATTACKS
A security hole created when code is executed with higher privileges than those of the user running it.
72
PRIVILEGE ESCALATION
a type of injection using malicious scripts
73
CROSS-SITE SCRIPTING (XSS)
A type of injection in which malicious scripts are injected into otherwise benign and trusted websites. Occurs when an attacker uses a web application to send malicious code to a different end user.
74
CROSS-SITE REQUEST FORGERY (XSRF OR CSRF)
Similar to cross-site scripting attacks but exploits a different trust relationship. Exploits the trust a website has for your browser to execute code on the user’s computer.
75
DYNAMIC-LINK LIBRARY (DLL)
A situation in which the malware tries to inject code into the memory process space of a library using a vulnerable/compromised DLL.
76
LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL (LDAP)
Exploits weaknesses in LDAP implementations. This can occur when the user’s input is not properly filtered, and the result can be executed commands, modified content, or results returned to unauthorized queries.
77
EXTENSIBLE MARKUP LANGUAGE (XML)
When users enter values that query XML (known as XPath) with values that take advantage of exploits, it is known as an XML injection attack. XPath works in a similar manner to SQL, except that it does not have the same levels of access control, so exploits can return entire documents.
78
INJECTIONS (INJECTION ATTACKS)
Used to compromise web front-end and backend databases.
79
SQL INJECTION ATTACKS
Use unexpected input to a web application to gain unauthorized access to an underlying database. *NOT new, and can be prevented through good coding practices.
80
POINTER/OBJECT DEREFERENCE
An attack that consists of finding null references in a target program and dereferencing them, causing an exception to be generated. *Dereferencing means taking away the reference and giving you what it was actually referring to. *GOOD coding is the best protection.
81