Quiz 1

Question 1

Who was the main figure at Bletchley park that lead the effort to crack the Enigma codes and created the Bombe?

Answer 1

Alan Turing

Question 2

He is considered one of the first hackers but was mostly a phreaker and adept in the art of social engineering

Answer 2

Kevin Mitnick

Question 3

She studied under Charles Babbage and is the first person known to conceive of a reprogrammable computing device

Answer 3

Ada Lovelace

Question 4

He is considered, by many, to be the creator of the internet because he lead the Advanced Research Project Agency that created ARPAnet, a precursor to the internet

Answer 4

Larry Roberts

Question 5

He was another pivotal figure at Bletchley Park and his contributions include traffic analysis, a precursor to what Facebook and Google to with metadata today.

Answer 5

Gordon Welchman

Question 6

The electro-mechanical rotor cipher used to encrypt day-to-day messages to the German troops

Answer 6

Enigma Machine

Question 7

The first fully functional electric computer developed at the University of Pennsylvania

Answer 7

ENIAC

Question 8

This was the first operating system developed with security in mind from the ground up

Answer 8

Multics

Question 9

The two developments that shrunk computers and allowed for the decentralization of computing

Answer 9

Transistor and microprocessor

Question 10

This pre-computer device was developed by Charles Babbage to help compute Bernoulli Numbers

Answer 10

Differencing Engine

Question 11

What medium were the German codes being broadcast over during WWII?

Answer 11

Analog Radio Waves

Question 12

The main storage medium used to transfer large amounts of data between facilities during the cold war era

Answer 12

Magnetic Tape

Question 13

ARPAnet was the first to implement these protocols that we still use for many internet communications today; handshakes included

Answer 13

TCP / IP

Question 14

Robert Metcalf developed these standards that allow machines to talk to each other over a LAN

Answer 14

Ethernet

Question 15

Many of the problems we see with internet security today, stem from the early use of these standards rather than adopting industry standards that had been well vetted

Answer 15

“De facto”

Question 16

The Tech Model Railroad club came up with this early “hacker dictionary” that is still in use today

Answer 16

The Jargon File

Question 17

These were the two decades in which the primary development of the internet took place

Answer 17

1970s and 1980s

Question 18

She is credited with finding the first computer “bug”

Answer 18

Grace Hopper

Question 19

She is credited with conceptualizing and creating the first interpreter to ease the burdens of programming

Answer 19

Grace Hopper

Question 20

This was the first computer security paper that detailed the need for security measures beyond that of physically locking down access to the machines

Answer 20

The Rand Report R-609

Question 21

This term refers to an attacker gaining access to a target’s network

Answer 21

Infiltrate

Question 22

This term refers to going through the garbage trying to find PII and/or confidential information

Answer 22

Dumpster Diving

Question 23

This type of exploit is one for which there, currently, is no patch from the vendor

Answer 23

Zero day

Question 24

Where were access numbers written for some of the first hackers to find and utilize?

Answer 24

Phone Booths

Question 25

What network joined ARPAnet in 1986; the time when it was first referred to as "The Internet"

Answer 25

NSFNet

Question 26

A substitution cipher is also somtimes referred to after this historical figure that achieved his encryption by shifting all letters 3 places to the right

Answer 26

Caesar

Question 27

This general type of encryption uses the same key to encrypt and decrypt

Answer 27

Symmetric

Question 28

This algorithm uses the binary representation of data

Answer 28

XOR

Question 29

This cipher uses the numerical location of each letter within the alphabet

Answer 29

Vernam

Question 30

This early encryption method was developed by the Spartans and involved wrapping a papyrus around a rod of a certain size

Answer 30

Scytale

Question 31

What does the C of the CIA triangle of Information Security stand for?

Answer 31

Confidentiality

Question 32

What do the I and A of the CIA triangle stand for?

Answer 32

Integrity and Availability

Question 33

Something that has value to an individual and organization is known as this in technical terms

Answer 33

Asset

Question 34

This specific person or entity that carries out an exploit is known as this

Answer 34

Threat Agent

Question 35

What is the password software that we spoke of in class and can be utilized by an attacker to perpetrate pass the hash or ticket attacks?

Answer 35

Mimikatz

Question 36

When speaking of encryption, this is the original [human readable] version of a message

Answer 36

Plaintext

Question 37

When speaking of encryption, this is the encrypted version of a message; not human readable

Answer 37

Ciphertext or cryptogram

Question 38

This term refers to the time it would take for cryptanalysis to successfully decrypt a message when the key is unknown

Answer 38

Work Factor

Question 39

Asymmetric encryption is known as this type of encryption because two different keys are involved

Answer 39

Public Key

Question 40

This type of cryptography involves hiding messages inside of something else, such as an image

Answer 40

Steganography

Question 41

These people used non-standard hieroglyphs to create the first known form of encryption

Answer 41

Egyptians

Question 42

This type of attack against a crypto system involves trying every possible combination for a given character set

Answer 42

Brute Force

Question 43

During WWII, this group of Native Americans used their language in addition to new code words to create the only non-computer generated encryption to not be broken during either world war

Answer 43

Navajo Code Talkers

Question 44

With private key encryption, when delivering the key, you want to deliver it by a different means from the ciphertext; also known as this...

Answer 44

Out of band

Question 45

This term refers to the ability for PKI to enforce online transactions; the user can be held accountable with reasonable assurance that they carried out the transaction

Answer 45

Nonrepudiation

Question 46

This command can be used to test network connectivity as well as tell if a system is active on the network

Answer 46

ICMP

Question 47

This command shows you every hop a packet takes along its way to the destination

Answer 47

Traceroute

Question 48

This command can be used to retrieve the MAC address of a client on the network; whether or not it is replying to PING requests

Answer 48

ARP

Question 49

This command allows you to see all the ports actively connected or listening on the local machine

Answer 49

Netstat

Question 50

We utilized this command to remotely scan another machine on the network and find information like open ports and potentially detect the OS

Answer 50

nmap / zenmap

Question 51

This was the group we had to add our account to for it to become an administrator on the domain

Answer 51

Domain Admins

Question 52

This is the name of Microsoft's server role that allows for establishing a domain

Answer 52

Active Directory

Question 53

This is the commandline environment we have been running commands in

Answer 53

powershell

Question 54

This is the term that is used to refer to a server that is part of a domain, but NOT a domain controller

Answer 54

Member Server

Question 55

This is the built-in Windows virtualization platform we are utilizing in class

Answer 55

Hyper-V

Question 56

When setting what all will be entailed in the assessment, you are setting this

Answer 56

Scope

Question 57

This should be the final step in your risk assessment

Answer 57

Documentation

Question 58

This should be the 2nd step of a risk assessment

Answer 58

Identify Risks

Question 59

You should consider these individuals in most risk assessments as they are often the biggest threat

Answer 59

Insiders / your own employees

Question 60

If you have to follow rules set by a governing body because of the type of data you process, then it is said you must be in this...

Answer 60

Compliance