Section 2 Flashcards
What is an asset?
A person, device, location, or information that SecOps aims to protect from attack.
What is a risk?
The potential of a threat to exploit a vulnerability via an attack.
What is SecOps?
The abbreviation for IT security operations; a discipline within IT responsible for protecting assets by reducing the risk of attacks.
Threat
Something or someone that can exploit a vulnerability to attack an asset.
Vulnerability
A weakness in software, hardware, facilities, or humans that can be exploited by a threat.
What is an APT?
A stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.
What is a red team?
Attempts to compromise the security.
What is a blue team?
Defends against the red team.
What is a purple team?
While the red and blue teams engage and certain success criteria are met, the teams debrief and cross-train each other.
What happens during a Smurf attack?
DDoS attack where the attacker sends a forged ICMP echo-request packet to the broadcast address of a large IP subnet, which means that a massive number of computers would all receive the message. Instead of randomizing the source address as in the ping flood attack, in the Smurf attack, the attacker specifies the victim’s address as the source address. As each of the hundreds or thousands of computers receives the ICMP echo-request packet, each will respond by sending an ICMP echo-reply packet to the victim’s address, thereby crippling its network connection.