CYSEC Exam Review

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What is Elk Cloner and when was it released?

- 1st known virus to have spread - launched in 1982 -Stored on a floppy disk - Once computer booted up the virus would start and copy itself to an uninfected floppy disk

How many components does an IP address have and what are they?

- 2 components -Network and host part -One identifying the network and one identifying the node (host)

What is a Switch?

- A network that allows computers to communicated on dedicated connections - A network device designed to forward packets based on their MAC address - Keeps track of MAC addresses and which port to send it to

What is the purpose of the DMZ?

- A safe zone to let a network communicate w/o being on the internet - A layer of the network that can expose company services - An area on a network that makes a company's service externally accessible (exposed to the internet)

What is a Packet?

- A unit of data that is routed b/w an origin and a destination on the internet or any other packet-switched network -sends information reliably so data does not have to be sent in a single, large file -small amounts of data - Pieces of information (Data sent across a network)

What is encoding?

- Converting data into a new format - transforming the data to be viewed safely and on another system -Does not require a key -Base64

Name a popular DDOS tool

- LOIC (Low Orbit Ion Cannon) - Stressthem.com

What is the difference b/w a IP & MAC address?

- MAC ensure the physical address of the computer is unique -MAC is in hexidecimal format -IP is a logical address used to locate the computer connected to a network -IP is in decimal format

What is the difference b/w Phishing and Spear phishing attack?

- Phishing is not targeted to any specific individual - Spear Phishing is targeted to a specific individual

What is the main concept of a MitM attack?

- When an attacker intercepts info and eavesdrops b/w to users communicating - An attacker intercepting communications b/w 2 communicating devices

What is a MD5 Hash?

-A one-way cryptographic hashing algorithm that accepts a message of any length - Produces a 128-bit hash value

What is the difference b/w an exploit and a vulnerability

-A vulnerability is a weakness in a software system -An Exploit is an attack that takes advantage of a vulnerability or weakness (Trojan horse)

Who is Kevin Mitnick?

-Computer security consultant -in the mid 90s was "World's most wanted hacker"

IP addresses are in which format?

-Decimal format - The groups of #s are called Octets in IPV4

What is the purpose of a server OS, such as Windows Server?

-Designed to share service w/ multiple users -Provides control over data storage - controls services and device sharing across a network

What is IPV4?

-Identifies the IP address -Is indicated with classes

What is a IPV6?

-Internet protocol version 6 -provides identification and location system for computers on networks and routes traffic across the internet

What does ifconfig cmd do?

-It enables an ARP to detect the physical addresses of hosts attached to the network - used to configure the system's kernel-resident network interfaces -displays the status of the system's active interfaces

What is a MAC address?

-It identifies the physical computer or electronic device -Has 6 letters & numbers - separated by colons --> 1st 3 identifiers represent the vendor --> last 3 identify the device

What is the Morris Worm and when was it released?

-It was the worlds 1st computer worm -Caused massive damage to computers and networks -Main intent was to gauge the size of the internet -launched in 1998

Who is John Thomas Draper?

-Known as Captain Crunch -Legendary phone and computer hacker - Built the multifrequency tone generator, bluebox that emits audio tones used to control a phone network

What is Hashing?

-One way summary (Function) of data that validates integrity of the data -the process of converting a key into another value -Ensures integrity take a string of text and converted it into a hash -Does not use a key but uses a algorithm

What is a server?

-Powerful computers designed to provide services to one or more computers - services --> email, web or file servers

What are the advantages of using virtualization?

-Shared resources and a safe environment - higher server availability -greater IT efficiency -good for doing investigations

What do computers need to communicate with each other?

-TCP (Transmission Control Protocol - IP (Internet Protocol) address

What is Encryption?

-The process of converting info or data into a code to prevent unauthorized access -requires a key

What is a network?

-Two or more computers connected and grouped together in a specific framework -Sharing info from the same source -Exchange of communication b/w 2 or more entities

What is a ARP?

-it enables network communications to reach a specific device on a network -A communication protocol used for discovering the link layer address

What is Salt?

-random data that is used as an additional input to a one-way function that hashes data, pw or passphrase -Are used to safeguard pw in storage -defends against a pre-computed hash attack

What are the layers of the OSI model?

1. Application 2. Presentation 3. Session 4. Transport 5. Network 6. Data Link 7. Physical 8. User(s)

What is an example of a valid IP address?

192.168.1.254 192.168.1.10

What is an example of a Subnet Mask Class C?

255.255.255.0

What is a Subnet mask?

A 32-bit number created by setting host bits to all 0s and setting network bits to all 1s It separates the IP address into the network and host addresses

If someone hacked into Facebook manager account and demanded payment or they released sensitive info to the public, what type of hacker would conduct such an attack?

A Black Hat hacker

What is a DoS attack?

A Denial of Service attack stops access to the website -Is conducted by a single attacker -Is meant to shut down a machine or network making it inaccessible to its intended users

What is the difference b/w a Worm and a Virus?

A Worm is a malicious standalone program that can self-replicate and propagate A Virus requires user interaction

What is a Hybrid-Analysis ?

A controlled and tested machine environment -An advanced security tool that provides a user with detailed info about files

What is the Windows Registry?

A database of info, settings, options, and other values for software and hardware installed on all versions of Microsoft Windows OS

What is a DDoS attack?

A distributed denial of Service attack -Conducted by multiple attackers - A malicious attempt to disrupt the normal traffic of a targeted server, service or network by flooding it with internet traffic

What is Ettercap?

A free open-source network security tool for MitM attacks

What is the difference between a hub and a router?

A hub is in layer 1 A router is in layer 3 of the OSI model

What is a Firewall?

A network security device that monitors incoming and outgoing network traffic -Acts like a mote around a castle

What does a keygen do?

A software key generator that generates a product licensing key (serial #) in order to use the software

What is Antivirus software?

A software that is designed to prevent attacks -Checks for signatures -Like a dictionary that scans viruses

What is the difference b/w a virus and a worm?

A virus requires user interaction (needs execution) A Worm is self-propagating

What is the difference b/w APT and Script Kiddies?

APT is typically sponsored by a nation or state and uses difficult code Script Kiddies are not well funded or smart with code

What does ARP stand for?

Address Resolution Protocol

Name a Windows account with the strongest permission/access?

Admin

What does APT stand for?

Advanced Persistent Threat - A nation or state funded group of hackers - build cyberware to attack other high-level entities (Gov. or Company)

What is MAC flooding?

An attack method that overflows a switch (flooding a switch)

Name something that is not a physical control?

Antivirus

What 2 types of network configurations would allow a VM machine to reach the internet from its host computer?

Bridged and NAT

You open Google Chrome and search for ur mouse, The computer reacts slowly, What is affected?

CPU RAM Motherboard

What class is the largest subnet mask in?

Class A 255.255.255.255.252/30

What are the IPV4 classes of networks?

Class A,B, C

Hash 24 is part of which network class?

Class C

What does CVE stand for?

Common Vulnerability & Exposures - A archive of vulnerabilities

What are the 3 terms that make up CIA triad?

Confidentiality Integrity Availability

What is the CIA triad?

Confidentiality, Integrity, Availability

When a web server that conducts online transactions crashes by a single attacker, what type of network attack occurred?

DOS Denial of Service attack

Ping of Death is an example of what type of attack?

DOS attack

What does DiD stand for?

Defense in Depth

What is the purpose of DiD?

Defense in Depth provides multiple layers of security

What are the 3 main cyber defense phases?

Detection Prevention Recovery

What is true about threads and processes?

Each process has a separate memory space, unlike threads that use the same memory space of their parent process

What is the most common LAN?

Ethernet

What is a name of a tool that can be used in order to initiate a MitM attack?

Ettercap

Name a wireless attack that involves impersonation of a WiFi access point?

Evil twin - Attacker sets up a fake WiFi network that looks legitimate

TF: MAC addresses change according to the network, while IP addresses are fixed per computer and have a unique identifier

False MAC addresses cannot be changed

What does FUD stand for?

Fully Undetectable malware (virus)

Name a Windows account with the weakest permission/access?

Guest

Name a tool that can be used to flood a host w/ Traffic?

Hping3

What is a good example of UDP protocol usage?

Hulu Video streaming Netflix Disney+

What does HTTP stand for?

Hypertext Transfer Protocol

What does HTTPS stand for?

Hypertext Transfer Protocol Secure

What is an example of Integrity being compromised?

If a hacker changes the images of a website -A hacker changes the data on a website

What does IOC stand for?

Indicator of compromise - Always assume that a network can be compromised

What are the 2 differences b/w InfoSec and CyberSec?

InfoSec: -primary concern is protecting the confidentiality, integrity and availability of the data CySec: primary concern is protecting from unauthorized electronic access to the data

What is the purpose of a DHCP server?

It assigns a IP address to each device on a network

what is the purpose of the kernel in the OS?

It connects and communicates software applications and hardware

Name 2 aspects of the CIA triad does evidence preservation help ensure?

It helps preserve integrity and confidentiality

What is the purpose of the ping command?

It is a network diagnostic tool that checks network connectivity

What is the role of a DNS server?

It translates domain names to IP addresses

Which layer in the OSI model does the Switch operate on?

Layer 2 --> Data Link

What is the difference b/w an IP address and a MAC address?

MAC address identifies network devices on a local level IP address identifies devices on the global internet

Define a computer

Machines that perform calculations, accomplish complicated operations and programs based on sequence of commands and inserted input

Integrity (CIA)

Maintaining and assuring the accuracy and completeness of data -Preventing data from being modified or misused by unauthorized parties

Define MAC

Media Access Control address

Name an attack that is not a DDoS attack?

MitM

Which network adapter setting assigns an IP address for the VM client machine from the physical host machine?

NAT

Does IPV6 use ARP?

No, it uses neighborhood discovery protocol

What does OSI stand for?

Open System Interconnection

What is Social Engineering?

People hacking using deceptive tactics to draw out sensitive information or allow access to something

What does PII stand for?

Personally Identifiable Information

Information Security (InfoSec) protects what?

Protects Physical and digital assets in a computer -Refers to the processes and tools designed and deployed to protect sensitive business info

If someone downloads a malicious program that encrypts data and demands payment for its restoration, What type of malware is used?

Ransomware

What is Ethernet?

Refers to the most common type of Local Area Network (LAN)

Confidentiality (CIA)

Refers to the protecting info from being accessed by unauthorized parties -Accessing the data of the customers and selling it on the dark web

Availability (CIA)

Refers to the unauthorized user that is able to freely access the systems, networks and data needed to perform important tasks

The gateway is the _______________ ID.

Router

What service runs on port 22?

SSH (Secure Shell)

Which type of attack exploits a vulnerability in the TCP/IP 3-way handshake process?

SYN flood

What is SQL?

Structured Query Language -enables access and manipulation of databases -used to communicated with a database

What is the correct order of a TCP 3-way handshake?

Syn, Syn-Ack, Ack

What is the difference b/w TCP and UDP?

TCP is connection-based UDP is connection-less

Who is David Kennedy

The creator of the Social Engineering Toolkit (SET)

What is threat hunting?

The process of proactively and iteratively searching thru networks to detect and isolate advanced threats that evade security solutions

What is Enumeration?

The process that estab. an active connection to the target host to discover potential attack vectors in a system -Can be used to find usernames, hostnames, network shares and services, IP tables and routing tables

When hacker want to bypass a scan what will they need to do?

They would need to change their signatures to bypass the scan by the antivirus

What does TCP stand for?

Transmission Control Protocol

What does URL mean?

Uniform Resource Locator

What does URL stand for?

Uniform Resource Locator

What is a UDP?

User Datagram Protocol

Which wireless protocol should not be used when setting up a wireless network b/c it is the weakest?

WEP

What is an example of a breach of availability?

Website is no longer available

Which network tool cannot be used for flooding a host w/ network traffic?

Wireshark

Name the command to display files in a directory under the Windows OS

dir


Ensembles d'études connexes

Human A&P Lab 301 Part B Patella, Tibia, and Fibula

View Set

Mastering Astronomy: Neutron Stars, Black Holes

View Set

Chapter 17: Neurological Emergencies

View Set

Health Economics, Elasticities, Market Structures, Grossman Model, RAND HIE, Adverse Selection, Moral Hazard, Optimal Insurance Contracts, Progressive and Regressive Taxes, Prospective Payment Systems, Medicare, Medicaid

View Set

Chapter 11: Social Protest/Affirmation

View Set

RN Targeted Medical Surgical: Fluid, Electrolyte, and Acid-Base Online Practice 2019

View Set

Chapter 9: Retention and Motivation

View Set

Week 5 Part 1 (Plant Form and Function)

View Set