Revision lecture

Question 1

Man-in-the-Middle (MITM)

Answer 1

Intercepting and potentially altering communication between two parties

Question 2

DoS/DDoS

Answer 2

Overwhelming a network or service with traffic to make it unavailable

Question 3

Privilege Escalation

Answer 3

gaining higher access than intended

Question 4

Code Injection

Answer 4

inserting malicious code into legitimate
programs

Question 5

Malware

Answer 5

Worms, viruses, trojans, bots, ransomware

Question 6

Buffer Overflow

Answer 6

exploiting memory errors to gain control

Question 7

Phishing

Answer 7

tricking users into revealing sensitive information

Question 8

Where Problems Originate

Answer 8

Code, applications, configurations, networks, and users

All layers of the system can introduce vulnerabilities

Question 9

What is Social Engineering?

Answer 9

The use of psychological manipulation to trick individuals into
giving up confidential information or access.

Focuses on exploiting human behavior rather than technical
flaws

Question 10

Phishing

Answer 10

fake emails/websites to steal credentials

Question 11

Pretexting

Answer 11

creating a fabricated scenario to obtain data

Question 12

Baiting

Answer 12

offering something enticing to get victims to ac

Question 13

Quid Pro Quo

Answer 13

offering a service in exchange for information

Question 14

Tailgating

Answer 14

following someone into a secure area

Question 15

Why Do People Fall for Social Engineering?

Answer 15

Greed – offers that are too good to be true

Impersonation – attackers pretending to be someone trusted

Authority – false claims of power or position

Urgency – pressure to act quickly, reducing critical thinking

Question 16

Programming Flaws that Lead to Security Issues

Answer 16

Code Injection: Attacker injects malicious code that is
executed by the application

Uninitialized Variables: Can take on unsafe default values,
causing unintended behavior

Stack Vulnerabilities: The stack stores local variables and
the return address