Module 3 Flashcards

(122 cards)

1
Q

What are the 3 components of the CIA Triad?

A

Confidentiality, Integrity, Availability

2
Q

Anything of value to the organization. It includes people, equipment, resources, and data

A

Asset

3
Q

A weakness in a system, or its design, that could be exploited by a threat

A

vulnerability

4
Q

A potential danger to a company’s assets, data, or network functionality

A

threat

5
Q

A mechanism that takes advantage of a vulnerability

A

exploit

6
Q

Counter-measure that reduces the likelihood or severity of a potential threat or risk.

A

mitigation

7
Q

The likelihood of a threat to exploit the vulnerability of an asset, with the aim of negatively affecting an organization

A

risk

8
Q

A path by which a threat actor can gain access to a server, host, or network.

A

attack vector

9
Q

____ or data exfiltration is when data is intentionally or unintentionally lost, stolen, or leaked to the outside world

A

Data loss

10
Q

What should be done with confidential data that is no longer required by a company?

A

shredded

11
Q

Hackers are also called ____

A

threat actors

12
Q

Ethical hackers who use their programming skills for good, ethical, and legal purposes.

A

White Hat Hackers

13
Q

These are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage

A

Gray Hat Hackers

14
Q

These are unethical criminals who compromise computer and network security for personal gain, or for malicious reasons, such as attacking networks

A

Black Hat Hackers

15
Q

These are teenagers or inexperienced hackers running existing scripts, tools, and exploits, to cause harm, but typically not for profit.

A

Script Kiddies

16
Q

These are usually gray hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards

A

Vulnerability Broker

17
Q

These are gray hat hackers who publicly protest organizations or governments by posting articles, videos, leaking sensitive information, and performing network attacks.

A

Hacktivists

18
Q

These are black hat hackers who are either self-employed or working for large cybercrime organizations

A

Cyber criminals

19
Q

These are either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks. Their targets are foreign governments, terrorist groups, and corporations

A

State-Sponsored

20
Q

Penetration testing tool that repeatedly makes guesses in order to crack a password

A

Password Crackers

21
Q

Penetration Testing Tool used to intentionally hack into a wireless network to detect security vulnerabilities.

A

Wireless Hacking Tools

22
Q

Tools that are used to probe network devices, servers, and hosts for open TCP or UDP ports.

A

Network Scanning and Hacking Tools

23
Q

These tools are used to probe and test a firewall’s robustness using specially crafted forged packets

A

Packet Crafting Tools

24
Q

These tools are used to capture and analyze packets within traditional Ethernet LANs or WLANs

A

Packet Sniffers

25
Tools used by threat actors to discover a computer’s security vulnerabilities.
Fuzzers to Search Vulnerabilities
26
These tools are used by white hat hackers to sniff out any trace of evidence existing in a computer.
Forensic Tools
27
These tools are used by black hats to reverse engineer binary files when writing exploits.
Debuggers
28
This is when a threat actor captures and “listens” to network traffic.
Eavesdropping Attack
29
If threat actors have captured enterprise traffic, they can alter the data in the packet without the knowledge of the sender or receiver (type of threat actor attack)
Data Modification Attack
30
This happens when a threat actor constructs an IP packet that appears to originate from a valid address inside the corporate intranet
IP Address Spoofing Attack
31
Type of attack where threat actors could use a valid account to obtain lists of other users, network information, change server and network configurations, and modify, reroute, or delete data.
Password-Based Attacks
32
A ___ attack prevents normal use of a computer or network by valid users. It can also flood a computer or the entire network with traffic until a shutdown occurs because of the overload.
Denial of Service Attack
33
This attack occurs when threat actors have positioned themselves between a source and destination. They can now actively monitor, capture, and control the communication transparently
Man-in-the-Middle Attack
34
If a threat actor obtains a secret key, that key is referred to as a compromised key. A compromised key can be used to gain access to a secured communication without the sender or receiver being aware of the attack
Compromised-Key Attack
35
___ require human action to propagate and infect other computers.
viruses
36
____ hides by attaching itself to computer code, software, or documents on the computer.
virus
37
This type of malware is a program that looks useful but also carries malicious code. They are often provided with free online programs such as computer games.
trojan horses
38
Type of malware that can display unsolicited advertising using pop-up web browser windows, new toolbars, or unexpectedly redirect a webpage to a different website
adware
39
Type of malware that denies a user access to their files by encrypting the files and then displaying a message demanding a ransom for the decryption key.
ransomware
40
Used by threat actors to gain administrator account-level access to a computer. They are very difficult to detect because they can alter firewall, antivirus protection, system files, and even OS commands to conceal their presence.
Rootkit
41
Like adware, but used to gather information about the user and send it to threat actors without the user’s consent.
spyware
42
What does CVE stand for?
Common Vulnerabilities and Exposures
43
A self-replicating program that propagates automatically without user actions by exploiting vulnerabilities in legitimate software. The intent is usually to slow or disrupt network operations
worm
44
What does CWE stand for?
Common Weaknesses Enumeration
45
List of known instances of vulnerabilities within a product or a system
Common Vulnerabilities and Exposures (CVE)
46
Dictionary of weaknesses that may lead to vulnerability
Common Weaknesses Enumeration (CWE)
47
Threat actors use this attack to do unauthorized discovery and mapping of systems, services, or vulnerabilities. This attack precedes access attacks or DoS attacks
Reconnaissance Attacks
48
This type of attack exploits known vulnerabilities in authentication services, FTP services, and web services. The purpose is to gain entry to web accounts, confidential databases, and other sensitive information
access attacks
49
In this attack, the threat actor attempts to discover critical system passwords using various methods
Password Attacks
50
In this attack, the threat actor device attempts to pose as another device by falsifying data
spoofing attack
51
_____ is an access attack that attempts to manipulate individuals into performing actions or divulging confidential information. Some techniques are performed in-person while others may use the telephone or internet
Social engineering
52
A threat actor pretends to need personal or financial data to confirm the identity of the recipient.
Pretexting
53
A threat actor sends fraudulent email which is disguised as being from a legitimate, trusted source to trick the recipient into installing malware on their device, or to share personal or financial information
Phishing
54
A threat actor creates a targeted phishing attack tailored for a specific individual or organization.
Spear phishing
55
Also known as junk mail, this is unsolicited email which often contains harmful links, malware, or deceptive content
Spam
56
Sometimes called “Quid pro quo”, this is when a threat actor requests personal information from a party in exchange for something such as a gift
Something for Something
57
A threat actor leaves a malware-infected flash drive in a public location. A victim finds the drive and unsuspectingly inserts it into their laptop, unintentionally installing malware
Baiting
58
This type of attack is where a threat actor pretends to be someone they are not to gain the trust of a victim.
Impersonation
59
This is where a threat actor quickly follows an authorized person into a secure location to gain access to a secure area.
Tailgating
60
This is where a threat actor inconspicuously looks over someone’s shoulder to steal their passwords or other information.
Shoulder surfing
61
This is where a threat actor rummages through trash bins to discover confidential documents
Dumpster diving
62
Similar to a DoS attack, but it originates from multiple, coordinated sources.
Distributed DoS Attack (DDoS)
63
Two major types of DoS attacks
Overwhelming Quantity of Traffic and Maliciously Formatted Packets
64
Threat actors use Internet Control Message Protocol (ICMP) echo packets (pings) to discover subnets and hosts on a protected network, to generate DoS flood attacks, and to alter host routing tables.
ICMP attacks
65
Threat actors attempt to prevent legitimate users from accessing information or services using DoS and DDoS attacks.
Amplification and reflection attacks
66
Threat actors spoof the source IP address in an IP packet to perform blind spoofing or non-blind spoofing.
Address spoofing attacks
67
Threat actors position themselves between a source and destination to transparently monitor, capture, and control the communication. They could eavesdrop by inspecting captured packets, or alter packets and forward them to their original destination.
Man-in-the-middle attack (MITM)
68
Threat actors gain access to the physical network, and then use an MITM attack to hijack a session
Session hijacking
69
This is used to perform host verification and DoS attacks. (ICMP Message)
ICMP echo request and echo reply
70
This is used to perform network reconnaissance and scanning attacks (ICMP Message)
ICMP unreachable
71
This is used to map an internal IP network. (ICMP Message)
ICMP mask reply
72
This is used to lure a target host into sending all traffic through a compromised device and create a MITM attack (ICMP Message)
ICMP redirects
73
This is used to inject bogus route entries into the routing table of a target host. (ICMP Message)
ICMP router discovery
74
Address Spoofing Attack where the threat actor can see the traffic that is being sent between the host and the target.
Non-blind spoofing
75
Address Spoofing Attack where the threat actor cannot see the traffic that is being sent between the host and the target; used in DoS attacks
Blind spoofing
76
What does TCP stand for?
Transmission Control Protocol
77
What does UDP stand for?
user datagram protocol
78
3 TCP Services
Reliable delivery, flow control and stateful communication
79
Protocol that defines an automated service that matches resource names, such as www.cisco.com, with the required numeric network address, such as the IPv4 or IPv6 address.
Domain Name Service (DNS)
80
4 kinds of DNS attacks
DNS open resolver attacks, DNS stealth attacks, DNS domain shadowing attacks, DNS tunneling attacks
81
Involves the threat actor gathering domain account credentials in order to silently create multiple sub-domains to be used during the attacks.
DNS Domain Shadowing Attacks
82
Threat actors who use _______ place non-DNS traffic within DNS traffic
DNS tunneling
83
Occurs when a rogue DHCP server is connected to the network and provides false IP configuration parameters to legitimate clients
DHCP spoofing attack
84
Only authorized individuals, entities, or processes can access sensitive information. It may require using cryptographic encryption algorithms such as AES to encrypt and decrypt data. (CIA security triad)
Confidentiality
85
Refers to protecting data from unauthorized alteration. It requires the use of cryptographic hashing algorithms such as SHA (CIA security triad)
Integrity
86
Authorized users must have uninterrupted access to important resources and data. It requires implementing redundant services, gateways, and links. (CIA security triad)
Availability
87
A system, or group of systems, that enforces an access control policy between networks
Firewalls
88
What does ESA stand for?
Email Security Appliance
89
What does SMTP stand for?
Simple Mail Transfer Protocol
90
What does WSA stand for?
Web Security Appliance
91
Guarantees that the sender cannot repudiate, or refute, the validity of a message sent.
Data Non-Repudiation
92
___ functions are used to ensure the integrity of a message. They guarantee that message data has not changed accidentally or intentionally
Hash
93
What are the three well-known hash functions?
MD5 with 128-bit Digest (Legacy), SHA Hashing Algorithm (Legacy), SHA-2
94
HMAC
hash message authentication code
95
Encryption class that uses the same pre-shared key, also called a secret key, to encrypt and decrypt data. A pre-shared key is known by the sender and receiver before any encrypted communications can take place.
Symmetric Encryption
96
_____ algorithms, also called public-key algorithms, are designed so that the key that is used for encryption is different from the key that is used for decryption.
Asymmetric
97
What does IKE stand for?
Internet Key Exchange
98
What does SSL stand for?
Secure Socket Layer
99
This protocol provides a secure remote access connection to network devices
Secure Shell (SSH)
100
This computer program provides cryptographic privacy and authentication. It is often used to increase the security of email communications.
Pretty Good Privacy (PGP)
101
An asymmetric mathematical algorithm where two computers generate an identical shared secret key without having communicated before. The new shared key is never actually exchanged between the sender and receiver.
Diffie-Hellman (DH)
102
Role of the red team in pen testing?
Offensive team
103
Role of the blue team in pen testing?
defense team
104
Role of the purple team in pen testing?
offense and defense
105
Role of the white team in pen testing?
arbiters
106
Role of the yellow team in pen testing?
builders
107
Role of the orange team in pen testing?
offensive and builders
108
Role of the green team in pen testing?
defense and builders
109
What does MFA mean?
Multi-Factor Authenticator
110
Phishing in SMS
Smishing
111
Phishing in voice or calls
vishing
112
What does IP stand for?
Internet Protocol
113
What does ARP stand for?
address resolution protocol
114
What does DNS stand for?
domain name system/service
115
What does DHCP stand for?
dynamic host configuration protocol
116
What does FTP stand for?
file transfer protocol
117
What does TFTP stand for?
trivial FTP
118
What does NFS mean?
network file system
119
What does VoIP mean?
voice over IP
120
What does VoLTE stand for?
voice over long term evolution
121
What does IPS stand for?
Intrusion Prevention System
122
What does IDS stand for?
Intrusion Detection System