Lecture 8a

Question 2

What do threat actors prioritize in their attacks?

Answer 2

Targeting networks

Question 3

What can exploiting a single network vulnerability expose?

Answer 3

Hundreds or thousands of devices

Question 4

What are some attacks that target a network or processes relying on a network?

Answer 4

Interception attacks Layer 2 attacks DNS attacks Distributed denial of service attacks Malicious coding and scripting attacks

Question 5

What is a Man-in-the-Middle (MITM) attack?

Answer 5

A threat actor positioned between two parties to eavesdrop or impersonate

Question 6

What are the two phases of a typical MITM attack?

Answer 6

Intercepting traffic and decrypting transmissions

Question 7

What does a replay attack do?

Answer 7

Makes a copy of a legitimate transmission and uses it later

Question 8

What techniques do threat actors use to steal an active session ID?

Answer 8

Network attacks endpoint attacks and Man-in-the-Browser (MITB)

Question 9

What is a Man-in-the-Browser (MITB) attack?

Answer 9

An attack intercepting communication between a browser and computer to steal or manipulate data

Question 10

What is Layer 2 in the OSI model responsible for?

Answer 10

Dividing data into packets

Question 11

What is ARP poisoning?

Answer 11

Manipulating the Address Resolution Protocol to link IP addresses to wrong MAC addresses

Question 12

What are common MAC spoofing attacks?

Answer 12

MAC cloning and MAC flooding

Question 13

What happens in a MAC cloning attack?

Answer 13

Attacker spoofs a valid MAC address and the switch updates its MAC table incorrectly

Question 14

What happens in a MAC flooding attack?

Answer 14

Attacker overflows switch MAC table with fake MAC addresses to disrupt normal traffic

Question 15

What does DNS stand for?

Answer 15

Domain Name System

Question 16

What happens in a DNS-based attack?

Answer 16

A DNS address is substituted to redirect a computer to a malicious device

Question 17

What are two consequences of a successful DNS attack?

Answer 17

URL redirection and damage to domain reputation

Question 18

What is DNS poisoning?

Answer 18

Modifying a local DNS lookup table to point to a malicious domain

Question 19

Where can DNS poisoning occur?

Answer 19

Local host table or external DNS server

Question 20

What is DNS hijacking?

Answer 20

Infecting an external DNS server with malicious IP addresses to redirect users

Question 21

How do attackers exploit DNS hijacking?

Answer 21

By exploiting protocol flaws to insert fraudulent DNS entries into authentic DNS servers

Question 22

What is a denial of service attack?

Answer 22

An attack to prevent authorized users from accessing a system by overwhelming it with requests

Question 23

What is a distributed denial of service (DDoS) attack?

Answer 23

A DoS attack using many infected devices to flood a server with requests

Question 24

What types of languages are used in malicious coding and scripting attacks?

Answer 24

PowerShell VBA Python and Bash

Question 25

What is PowerShell used for in attacks?

Answer 25

Injecting code into processes bypassing security without storing code on disk

Question 26

What is VBA commonly used for in attacks?

Answer 26

Creating malicious macros to automate harmful tasks

Question 27

What protections has Microsoft implemented against VBA macro malware?

Answer 27

Protected View Trusted Documents and Trusted Location

Question 28

What precautions should be taken when using Python to avoid vulnerabilities?

Answer 28

Use latest Python version keep updated on vulnerabilities careful string formatting and use vetted libraries

Question 29

What is Bash?

Answer 29

The command language interpreter for Linux and UNIX used for scripting

Question 30

What do network reconnaissance and discovery tools do?

Answer 30

Determine the strength and weaknesses of a network

Question 31

Name a Kali Linux tool that gathers information about emails usernames and subdomains.

Answer 31

theHarvester

Question 32

What is dnsenum used for?

Answer 32

Listing DNS information of a domain

Question 33

What does the tool Nessus do?

Answer 33

Vulnerability assessment

Question 34

What does the Linux command head do?

Answer 34

Displays the first 10 lines of a file

Question 35

What does the Linux command tail do?

Answer 35

Displays the last 10 lines of a file

Question 36

What does the Linux command grep do?

Answer 36

Searches for a keyword in files

Question 37

What is PowerShell?

Answer 37

A powerful scripting tool for task automation and configuration management

Question 38

What is Wireshark?

Answer 38

A GUI tool for capturing and analyzing network packets

Question 39

What is Tcpdump?

Answer 39

A command line packet analyzer

Question 40

What is a Faraday cage used for in hardware security?

Answer 40

Preventing electromagnetic spying by blocking electromagnetic fields

Question 41

What are some physical security controls?

Answer 41

External perimeter defenses internal physical security controls and computer hardware security

Question 42

What is industrial camouflage in physical security?

Answer 42

Making a building's presence nondescript to prevent detection

Question 43

What is a bollard used for?

Answer 43

A sturdy post blocking vehicles from entering secured areas

Question 44

What are examples of personnel used in external perimeter defense?

Answer 44

Security guards CCTV monitoring drones and robot sentries

Question 45

What is a mantrap in internal physical security?

Answer 45

A device controlling two interlocking doors to create an air gap between secure and nonsecure areas

Question 46

What is Protected Cable Distribution?

Answer 46

Cable conduits designed to protect classified data transmissions between secure areas

Question 47

Why is water not recommended for fire suppression in data centers?

Answer 47

It can contaminate electronic equipment

Question 48

What is a dry chemical fire suppression system?

Answer 48

A system dispersing fine powder to extinguish fires

Question 49

What does a clean agent fire suppression system do?

Answer 49

Extinguishes fires by reducing heat removing oxygen or inhibiting chemical reactions

Question 50

How can a laptop be physically secured?

Answer 50

Using a cable lock or placing it in a safe or vault

Question 51

What is electromagnetic interference (EMI)?

Answer 51

Interference caused by electromagnetic fields emitted by electronic devices

Question 52

What is the importance of physical security in network defense?

Answer 52

Prevents threat actors from physically accessing the network as well as remotely

Question 53

What is a demilitarized zone (DMZ) in cybersecurity physical security?

Answer 53

A physical area separating threat actors from defenders to protect network assets