NSE 1 - Information Security Awareness Flashcards

1
Q

What is ATP ? social engineering attack

A

Advanced Threat Protection
ATP relies on multiple types of security technologies, products, and research, each performing a different role, but still working seamlessly together to combat attacks from the core of the network to the end user device. The three-part framework is conceptually simple—prevent, detect, mitigate; however, it covers a broad set of both advanced and traditional tools for network, application and endpoint security, threat detection, and

2
Q

What is Threat ?

A

A threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include computer viruses, data breaches, Denial of Service (DoS) attacks, and other attack vectors

3
Q

What is Attack ?

A

An attack is the actual act of exploiting the information security system’s weaknesses.

4
Q

What is APT ?

A

A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. Typically, their intention is to steal data rather than to cause damage to the network or organization. These attacks target organizations in sectors with high-value information, such as national defense, manufacturing, and the financial industry.

5
Q

What is AV/AM ?

A

Antivirus & Antimalware. Antivirus is a subset of AM.

6
Q

What is Attack Signature ?

A

Identification file used by OS.
A file containing a data sequence used to identify an attack on the network, typically using an operating system or application vulnerability.
What type attack is .

7
Q

What is Attack Surface ?

A

Digital platform used by attackers to attack.

8
Q

What is Authentication ?

A

A file containing a data sequence used to identify an attack on the network, typically using an operating system or application vulnerability.

9
Q

What is Authentication Token ?

A

The token is used in addition to or in place of a password for stronger authentication, to prove that the person is who they claim to be.
The server then validates them based on values registered in its credentials database. If the credentials are confirmed, the server responds with an authentication token (which is also kept in the database).
When the same user sends requests to access secured resources in the future, the requests can be authorized with the authentication token, rather than the username and password. The server validates the token against the registered token in the database and grants access. Authentication can be carried out using various types of tokens like OAuth and JSON Web Tokens (JWT).

10
Q

What is Authorization ?

A

Authorization is the process of giving someone the ability to access a resource.
A security mechanism used to determine user/client privileges or access levels related to system resources, including computer programs, files, services, data, and application features. Authorization is normally preceded by authentication for user identity verification.

11
Q

What is Baiting ?

A

The threat actor leaves behind a portable storage device, such as a USB stick, with an enticing label and in a public area. When the victim inserts the device into their computer, it becomes infected.

12
Q

What is Behavior Monitoring ?

A

Observing activities of users, information systems, and processes and measuring the activities against organizational policies and rules, baselines of normal activity, thresholds, and trends.

13
Q

What is Bot/Botnet ?

A

Network of private computers infected with malicious software and controlled as a group without the owner’s knowledge, and used to perform a DDoS attack, steal data, or send spam. The threat actor controlling a botnet is sometimes referred to as a “bot-herder”.

14
Q

What is Breach ?

A

The moment a hacker successfully exploits a vulnerability in a computer or device, and gains access to its files and network.

15
Q

What is BEC ?

A

Business Email Compromise. It's a type of social engineering attack.

16
Q

List types of Social Engineering & Elaborate?

A

Spear phishing, CEO fraud, whaling, BEC
A form of social engineering attack: the attacker somehow redirects a user to a fake, identical website.

Attack that is targeted at victims who have an existing digital relationship with an online entity such as a bank or retail website. A spear phishing message is often an e-mail, although there are also text message and VoIP spear phishing attacks, and it looks exactly like a legitimate communication from a trusted entity. The attack tricks the victim into clicking on a hyperlink to visit a company website, only to be redirected to a false version of the website operated by attackers. The false website will often look and operate similarly to the legitimate site and focus on having the victim provide their logon credentials and potentially other personal identity information such as answers to their security questions, an account number, their social security number, mailing address, email address and/or phone number. The goal of a spear phishing attack is to steal identity information for the purpose of account takeover or identity theft.

17
Q

What is CEO Fraud ?

A

A form of Social Engineering Attack
(See Spearphishing)

18
Q

What is Cipher ?

A

In general terms, hiding data in some code.
A cryptographic algorithm used to encrypt data or information. Some are AES, DES, etc.

19
Q

What is Spearphishing ?

A

A type of social engineering attack

20
Q

What is Clickbait ?

A

An online advertisement whose main purpose is to attract users to another website. Sometimes this website or the advertisement itself contains malware.

21
Q

What is Credential (or account) harvesting

A

Targeted attack to steal a large number of credentials & emails.
Stealing of credentials & email IDs by targeted attack.
A targeted attack that steals a large number of usernames, passwords, and email addresses.

22
Q

What is Credential Stuffing ?

A

Credential stuffing is a cyberattack method in which attackers use lists of compromised user credentials to breach into a system. The attack uses bots for automation and scale and is based on the assumption that many users reuse usernames and passwords across multiple services.

23
Q

What is XSS ?

A

Cross-site scripting - The process of adding malicious code to a genuine website to gather user information with a malicious intent. XSS attacks are possible through security vulnerabilities found in Web applications and are commonly exploited by injecting a client-side script. Although JavaScript is usually employed, some attackers also use VBScript, ActiveX or Flash.

24
Q

What is DDos Attack ?

A

Distributed denial of Services or DDoS Attack means “Distributed Denial-of-Service (DDoS) Attack” and it is a cybercrime in which the attacker floods a server with internet traffic to .
The systematic orchestration of a large number of compromised systems spread across the Internet (see Botnets), each rapidly generating network requests to a target system. This flood of requests overwhelms the target server, resulting in the server’s inability to respond to legitimate requests.

25
Q

What is DPI ?

A

Deep Packet Inspection is the act of examining the payload or data portion of a network packet as it passes through a firewall or other security device. DPI identifies and classifies network traffic based on signatures in the payload. It examines packets for protocol errors, viruses, spam, intrusions, or policy violations.

26
Q

What is Deepfake ?

A

Synthetic media in which a person in an existing image or video is replaced with someone else’s .
An audio or video clip that has been edited and manipulated to seem real or believable. They can easily convince people into believing a certain story or theory that may have political or financial consequences.
A video of a person in which their face or body has been digitally altered so that they appear to be someone else, typically used maliciously or to spread false information.
AI is used to replace voice, audio and video.

27
Q

What is Drive-by ?

A

A drive-by download attack refers to the unintentional download of malicious code to your computer or mobile device that leaves you open to a cyberattack. You don’t have to click on anything, press download, or open a malicious email attachment to become infected.

28
Q

What is Encryption ?

A

The process of converting readable information into unintelligible code in order to protect the privacy of the data.

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information.

29
Q

What is Exploit ?

A

A malicious application or script that can be used to take advantage of a computer’s vulnerability.

To use something or to treat somebody unfairly for your own advantage

An exploit is a code that takes advantage of a software vulnerability or security flaw. It is written either by security researchers as a proof-of-concept threat or by malicious actors for use in their operations.

30
Q

What is a Firewall ?

A

A firewall is a Hardware Device or Software Application or network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security .

A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

31
Q

What is Identity Theft or Identity Fraud ?

A

steals Personally Identifiable Information (PII), typically for economic gain.
Identity thieves usually obtain personal information such as passwords, ID numbers, credit card numbers or social security numbers, and misuse them to act fraudulently in the victim’s name. These sensitive details can be used for various illegal purposes including applying for loans, making online purchases, or accessing victim’s medical and financial data.

32
Q

What is PII ?

A

Personally Identifiable Information (PII) is any data that could potentially identify a specific individual, like an Aadhaar card, etc., which proves an individual's identity.

33
Q

What is Impersonator ?

A

A person who pretends to be someone else for entertainment or fraud.
Social media impersonation is a type of identity theft scam. It usually involves the creation of a fake account on any of the popular social media platforms …

34
Q

What is IDS ?

A

An Intrusion Detection System (IDS) is a monitoring system that detects suspicious activities and generates alerts when they are detected.

35
Q

What is IPS ?

A

Intrusion prevention system (IPS) – IPS is a system that monitors a network for malicious activities, logs the information, attempts to block the activity, and reports it.

36
Q

What is Juice jacking ?

A

A security exploit in which an infected USB charging station is used to compromise connected devices.

37
Q

What is Keylogger ?

A

Keylogger – a computer program that records every keystroke made by a computer user, especially in order to gain fraudulent access to passwords and other confidential information.

38
Q

What is Malware ?

A

Software that brings harm to a computer system. Types of malware include worms, viruses, Trojans, spyware, adware, and ransomware.

39
Q

What is NGFW ?

A

Next generation firewall (NGFW) – a class of firewall, as software or hardware, that is capable of detecting and blocking complicated attacks by enforcing security measures at the protocol, port, and application level

40
Q

What is Passive Attack ?

A

A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose of a passive attack is to gain information about the system being targeted; it does not involve any direct action on the target.

41
Q

What is confidentiality ?

A

Protection of Data from unauthorized access

42
Q

What is Integrity

A

Data remains unchanged, untampered data

43
Q

Data Origin Authentication

A

xyz

44
Q

What is it called when a fraudulent email masquerades as a legitimate communication in an attempt to get a user to reveal sensitive information?

A

Phishing

45
Q

Attacking systems by exploiting unknown and unpatched vulnerabilities is also known as:

A

Zero-day exploits

46
Q

What is a common technique used by bad actors to steal credentials or to compromise computers?

A

Phishing

47
Q

What is the name of the malware that takes over a computer system and holds hostage the disk drives or other data?

A

Ransomware

48
Q

What is the primary motivation of the “Cyber Warrior”?

A

The political interest of their country’s government

49
Q

What is Espionage ?

A

Espionage, spying, or intelligence gathering (Hindi: जासूसी)

50
Q

What is phishing ?

A

Trick people into telling me their account names and passwords directly. It can be done by creating web pages identical to the original website.

51
Q

How phishing is done

A

Creating a web page, then sending a specifically crafted email that looks like it was sent by the real system.

52
Q

Who is a hacker or hacktivist ?

A

Hacker or hacktivist relates to DDoS attacks using botnets.
Hackers are motivated by political, social, or moral outrage.

53
Q

What is attack vector ?

A

Path of an attacker to enter in a system or network,
An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or

54
Q

What is confidentiality ?

A

Protecting data from unauthorised access

55
Q

What is ciphertext

A

Encoded string of plain text

55
Q

What is Data integrity

A

Unmodified data

56
Q

What is data authentication

A

When communication is happening between A and B, B wants to clarify that the data is coming from the actual source A. This is called data authentication.