Round 3 Everything so far Flashcards
(111 cards)
1
Q
1
A
ICMP
2
Q
20
A
FTP Data
3
Q
21
A
FTP Signal
4
Q
23
A
Telnet
5
Q
53
A
DNS
6
Q
67, 68
A
DHCP
7
Q
69
A
TFTP
8
Q
80
A
HTTP
9
Q
110
A
POP3
10
Q
113
A
NTP
11
Q
119
A
NNTP
12
Q
143
A
IMAP
13
Q
443
A
HTTPS
14
Q
25
A
SMTP
15
Q
49
A
TACACS+
16
Q
389
A
LDAP
17
Q
3389
A
RDP
18
Q
636
A
LDAPS
19
Q
OSI Model In Order
A
Physical, Data, Network, Transport, Session, Presentation, Application
20
Q
Physical does ?
A
bit transmission
21
Q
Data Link Does ?
A
Framing / Mac addressing
22
Q
Network does ?
A
IP Addressing / Routing / Packets
23
Q
Transport Does ?
A
Reliable Delivery
24
Q
Session does ?
A
Communication Channel
25
Q
Presentation Does ?
A
Encryption + Compression
26
Q
Application does ?
A
Intended Use, User Interaction
27
Q
Confidentiality (Encryption) does ?
A
Ensuring info is viewable only by authorized users or systems
28
Q
Integrity (Hashing) does ?
A
Ensuring info remains accurate and complete over its entire lifetime
29
Q
Availability (Redundancy) does ?
A
Ensuring info is always easily accessible to authorized users
30
Q
Direct Access Threat Vector
A
A threat that comes from a source that directly contacts your resources
31
Q
Wired / Wireless Networks Threat Vector
A
A threat that does not have direct access to IT resources may still affect them over the local network or the internet
32
Q
Personal Communication Threat Vector
A
Email, texting, and every other communication tool can be used to attack the org. Used to spread malware, for credential theft, and for phishing.
33
Q
Social Media Threat Vector
A
Attackers target business and employee accounts, scanning postings for sensitive info, spreading misinfo to hurt business reputation, or performing social engineering
34
Q
Supply Chain Threat Vector
A
Orgs, vendors, contractors, and customers can be used to attack you
35
Q
Cloud Services Threat Vector
A
Running on someone else's computer; can be attacked on premises, at the CSP or cloud tenants, or through the network connection you use to access it.
36
Q
Script Kiddie Threat Actor
A
Unskilled attackers who rely on commonly available tools and malicious scripts; they deface websites, spread malware, or interrupt services
37
Q
Hacktivist Threat Actor
A
Attacks orgs to further a political or religious message. Some reflect ideologies that are not computer related, and they target perceived enemies of these groups.
38
Q
Organized Crime Threat Actor
A
Criminal hackers seeking financial gain who work as part of a larger org; will target any resources they can sell to others. May seek info to blackmail senior executives.
39
Q
Competitors Threat Actor
A
Unethical businesses frequently attempt attacks on competitors to commit industrial espionage or sabotage valuable resources
40
Q
Insiders Threat Vector
A
Many attacks are caused by former employees who have retained network access or others who already have knowledge of and access to the network
41
Q
Nation States Threat Actor
A
Many nations employ intelligence agencies and dedicated cyberwarfare organizations to attack rival governments, businesses, political organizations, or anyone else they perceive to threaten their national interests.
42
Q
APT Threat Vector
A
More an attack type than an attacker: an advanced persistent threat is an ongoing series of sophisticated attacks against a particular organization
43
Q
Shadow IT Threat Vector
A
IT resources that are not managed by the IT dept, including computers, software, and online services; in many cases IT depts don't even know they exist. Shadow IT often represents a large percentage of total IT spending and can include complex web applications or infrastructure. Shadow IT isn't an attack, but those who deploy it are actively compromising your organization's security against outside and inside attacks.
44
Q
Recon (Cyber Kill Chain) Is ?
A
Identifying a target and learning at least one exploitable vulnerability
45
Q
Weaponization (Cyber Kill Chain) Is ?
A
Creating an attack tool tailored to the chosen target, such as a software exploit.
46
Q
Delivery (Cyber Kill Chain) Is ?
A
Arranging a way to get the tool to the target, such as phishing, network attacks, or infected media.
47
Q
Exploitation (Cyber Kill Chain) Is ?
A
Using the attack tool to execute code and gain access to the target system
48
Q
Installation (Cyber Kill Chain) is ?
A
Using the exploit to establish persistence on the target, such as installing a backdoor.
49
Q
Command and Control (Cyber Kill Chain) is ?
A
Establishing remote control of the target system using the persistent vector
50
Q
Actions On Objectives (Cyber Kill Chain) is ?
A
Performing actions toward an end goal, such as DoS or data exfiltration
51
Q
Security Controls (Managerial) ?
A
Policies
52
Q
Security Controls (Technical) ?
A
Devices
53
Q
Security Controls (Operational) ?
A
Procedures / way of doing things
54
Q
Security Controls (Physical) ?
A
Something you can touch: bollards, locks
55
Q
Security Controls (Preventative) ?
A
Locks, mantrap; stops people from doing bad things
56
Q
Security Controls (Directive) ?
A
Policy from management
57
Q
Security Controls (Detective) ?
A
Cameras, log book, audit.
58
Q
Security Controls (Corrective) ?
A
Policy changes, backups, IPS.
59
Q
Security Controls (Deterrent) ?
A
Camera, signs, security officers
60
Q
Conf Controls (Least privilege) ?
A
Just enough privileges to do your job and nothing more
61
Q
Conf Controls (Need to know) ?
A
Restricts users to the data they specifically need
62
Q
Conf Controls (Separation Of Duties) ?
A
Break critical tasks down into components, each performed by a different employee with different permissions
63
Q
Tech Conf Controls (Access Controls) ?
A
Restrict access to systems and other resources, typically utilizing passwords, smart cards, or other auth methods. Secure access control systems prevent unauthorized access, enforce user permissions for authorized users, and log activity for later review
64
Q
Tech Conf Controls (Encryption) ?
A
Uses math processes to render data unreadable to those without the proper decryption key
65
Q
Tech Conf Controls (Steganography) ?
A
Practice of concealing a secret message inside a more ordinary one
66
Q
Integrity Controls (Hashing) ?
A
Math functions designed to create a small fixed-size fingerprint of a given message or file, such that any small change in the data will produce an entirely different hash.
67
Q
Integrity Controls (Digital signatures) ?
A
A combination of hashing and other cryptography that can verify the authenticity of a message's creator as well as its integrity. Digital signatures can be used to create digital auth tools called certificates.
68
Q
Integrity Controls (Backups) ?
A
When data is lost or changed, regular and complete backups ensure you can restore it to its original form.
69
Q
Integrity Controls (Version Control) ?
A
Storing multiple versions of files meant for frequent and collaborative change, such as documents, code repositories, and other collections of documents.
70
Q
Availability Controls (Redundancy) ?
A
Multiple or backup systems arranged so that if one fails, others can take its place immediately, or at least more quickly than the original can be repaired.
71
Q
Availability Controls (Fault Tolerance) ?
A
A system designed to continue functioning if a hardware or software component fails. May involve redundancy.
72
Q
Availability Controls (Patch Management) ?
A
When applying security or stability updates, it's essential to ensure they don't unduly disrupt system availability. Some patches, known as hotfixes, can be applied to a system with little to no downtime.
73
Q
Compensating Control ?
A
An alternative control that doesn't match the letter of the requirement but gives equal or better protection.
74
Q
SOX ?
A
Fraudulent Accounting
75
Q
FISMA ?
A
Federal Agencies
76
Q
HIPAA ?
A
PHI, PII
77
Q
FERPA ?
A
Students, Privacy
78
Q
GLBA ?
A
Financial Institutions
79
Q
GDPR ?
A
Europe PII
80
Q
PCI-DSS ?
A
Credit Cards
81
Q
What is the Cyber Kill Chain ?
A
Consists of several phases linked in sequence to represent the necessary steps of a successful attack; by blocking any of those steps you can defend against the threat as a whole
82
Q
Expansionary org is ?
A
Risk hungry
83
Q
Conservative org is ?
A
Risk averse
84
Q
Neutral org is ?
A
In between
85
Q
Risk acceptance is ?
A
Knows the risk but takes it anyway
86
Q
Risk transference is ?
A
Insurance or some other 3rd party takes the risk
87
Q
Risk deterrence is ?
A
Controls to prevent
88
Q
Risk mitigation is ?
A
Security controls to prevent
89
Q
ALE is ?
A
SLE x ARO
90
Q
Qualitative = ?
A
Opinion, doesn't include #'s
91
Q
Quantitative is ?
A
Numbers based on reality
92
Q
Packet sniffing is ?
A
Gathering network traffic
93
Q
Vulnerability assessment is ?
A
Looking for weaknesses in assets
94
Q
2 parts of a packet ?
A
Header and payload
95
Q
Payload is ?
A
Data being transported
96
Q
Header layers ?
A
Layer 1 - Ethernet, Layer 2 - MAC, Layer 3 - source IP, dest IP, Layer 4 - TCP and UDP info.
97
Q
Black box pen testing ?
A
No prior knowledge
98
Q
Grey box pen testing ?
A
Provides limited info like credentials or user roles
99
Q
White box pen testing ?
A
Full access to the system and internal workings
100
Q
What is privilege escalation ?
A
Get into an account with higher privileges than read only, or create an account with higher privileges
101
Q
Persistence in pen testing is ?
A
Staying in a network undetected
102
Q
Pivot in pen testing is ?
A
Get into something you don't want in order to get into something you do want
103
Q
Passive recon is when ?
A
No one will know it's being done
104
Q
Active recon is when ?
A
It's possible you can be detected
105
Q
Vulnerability test is performed by who ?
A
Employees
106
Q
Pen test is performed by who ?
A
White hat
107
Q
What should you do with vulnerable accounts on a server ?
A
Disable them
108
Q
Open permissions is when ?
A
People have permissions that they shouldn't
109
Q
What should you do with unsecured data ?
A
Secure with perms and encryption
110
Q
How do you find vulnerabilities ?
A
CVE
111