Sound the Alarm: Detection and Response: Module 2

Question 1

Command And Control (C2)

Answer 1

Ways attackers stay connected to hacked systems

Question 2

Command-Line Interface (CLI)

Answer 2

A text screen where you type commands

Question 3

Data Exfiltration

Answer 3

Stealing data from a system

Question 4

Data Packet

Answer 4

A small piece of data sent across a network

Question 5

Indicators Of Compromise (IoC)

Answer 5

Signs that a system may be under attack

Question 6

Internet Protocol (IP)

Answer 6

Rules for sending data between devices

Question 7

Intrusion Detection Systems (IDS)

Answer 7

Tool that watches for and alerts on attacks

Question 8

Media Access Control (MAC) Address

Answer 8

A unique ID for each network device

Question 9

National Institute Of Standards And Technology (NIST) Incident Response Lifecycle

Answer 9

A 4-step guide for handling security incidents

Question 10

Network Data

Answer 10

Information sent between devices

Question 11

Network Protocol Analyzer (Packet Sniffer)

Answer 11

Tool that reads network traffic

Question 12

Network Traffic

Answer 12

Data moving across a network

Question 13

Network Interface Card (NIC)

Answer 13

Hardware that connects a device to a network

Question 14

Packet Capture (P-Cap)

Answer 14

File with saved network data

Question 15

Packet Sniffing

Answer 15

Looking at network data

Question 16

Playbook

Answer 16

Step-by-step instructions for tasks

Question 17

Root User (Or Superuser)

Answer 17

User with full system control

Question 18

Sudo

Answer 18

Command to temporarily gain full access

Question 19

Tcpdump

Answer 19

Command-line tool to read network traffic

Question 20

Wireshark

Answer 20

Graphical tool to read network traffic