Live Virtual Machine Lab 1.2: Module 01 Gathering Intelligence on Threat Actors and Vectors, Live Virtual Machine Lab 2.1: Module 02 Penetration Testing Techniques, Live Virtual Machine Lab 3.1: Module 03 Identifying Different Cyber Attacks, Live Vir...


What is the minimum key size in Elliptical Curve Cryptography (ECC)?

160-bits
Note: The key size in ECC is:
- 160
- 224
- 256
- 384
- 521

How many keys are required in asymmetric encryption?

2
Note: Asymmetric encryption uses a pair of keys called a public/private key pair.

What is the key length of the Data Encryption Standard (DES) algorithm?

56-bit
Note: Let's take a look at some of the key-encryption algorithms and their key lengths.
- Data Encryption Standard (DES) - 56-bit
- Triple-DES (3DES) - 168-bit
- Advanced Encryption Standard (AES) - 256-bit
- Twofish - 128, 192, 256-bit

Which of the following types of attacks are possible on the building automation systems - the building's heating, ventilation and air conditioning (HVAC) systems? [Choose all that apply]

- Buffer overflow
- Authentication bypass
- Path traversal
- Hardcoded secrets
- Cross-site scripting

Which of the following are examples of embedded systems? [Choose all that apply]

- Digital Cameras
- Printers
- Digital Watches
- Automobiles
- Automatic Teller Machine (ATM)

Which of the following is a condition that is shown as a result when it does not exist?

False Positive
Note: A false positive is a condition that is shown as a result when it does not exist. The vulnerabilities that are missed by a vulnerability scanner are considered a false positive. A true positive is when the vulnerability scanner correctly catches the vulnerability. There is nothing called negative negative.

Which type of sensors can be included in an Internet of Things (IoT) device? [Choose all that apply]

- Humidity
- Accelerometer
- Gyro
- Acceleration
- Temperature

Hijack session

If you are using hidden fields to capture the state information, which type of attack can occur?

- USB drive
- Digital Photo frame

In the year 2008, which of the digital devices was a carrier of the virus in the supply chain environment? [Choose all that apply]

Black Box Testing

In which of the following tests does the tester not need to have prior knowledge of the system's internal design or features?

TRUE

Insider threats are generated by the individuals who are either the organization's employees or are closely associated with the organization as a vendor or a third-party. [TRUE/FALSE]

Which of the following type of vulnerability scan can also attempt to exploit the vulnerabilities?

Intrusive
Note: An intrusive vulnerability scan can also attempt to exploit the vulnerabilities. That is why it is always advisable not to use intrusive scans on production systems and live applications. In a non-intrusive vulnerability scan, the scanner only looks for the vulnerabilities. You can run a credentialed scan only from an administrative account. A non-credentialed scan can be run from any - user or administrative - account.

- E-mail attachments
- USB
- Website

Malware can be delivered using which of the following methods? [Choose all that apply]

Which of the following is used for continuous monitoring of logs?

Security information and event management (SIEM)
Note: SIEM provides continuous log monitoring. A firewall allows or denies traffic coming in or going out of a network. IDS detects anomalies in the network traffic. UBA focuses on unusual behavior to minimize the damage. UBA can only detect but cannot prevent an attacker from getting into your network.

In asymmetric key encryption, what is the next step when a client initiates a session with a web server that is configured with a certificate?

The web server sends a certificate to the web browser
Note: How asymmetric encryption works and how asymmetric key is exchanged between two entities.
1. A client initiates a session with a web server that is configured with a certificate. For example, the client enters a URL, https://www.practicelabs.com, in the web browser.
2. The request is received by the web server, which then sends its certificate to the client. It is important to note that the certificate includes the public key of the webserver. Remember, it is a pair of public and private keys. The private key is still with the webserver and should never be shared.
3. After receiving the certificate, the client first creates a symmetric key. It then takes the public key from the certificate and encrypts the symmetric key, which is then used to encrypt the session.
4. The client shares the encrypted symmetric key, which can also be called the session key.
5. After receiving, the webserver decrypts the asymmetric key or the session key with its private key.
6. Now, both the client and the webserver have the asymmetric or the session key, and they can establish a secure connection.

Which of the following digital features are included in vehicles? [Choose all that apply]

- USB
- Bluetooth
- GPS

Bug Bounty

Which of the following allows organizations to identify and remediate vulnerabilities before the public is aware of it, thus reducing the spread and intensity of abuse?

Option ROMs

Which of the following is a firmware driver used by Unified Extensible Firmware Interface (UEFI)?

White Box Testing

Which of the following is a full knowledge penetration testing?

Ransomware

Which of the following malware does not harm the system but only targets the data?

Brute-force

Password spraying cyber-attack can be categorized as which of the following type of attack?

- Backdoors
- Trojans
- Keyboard loggers
- Worms

A USB can be used to drop which of the following types of malware? [Choose all that apply]

Discovery

Footprinting and gathering information about the target is performed in which phase of penetration testing?

Which of the following vulnerabilities can exist in System control and Data Acquisition (SCADA)? [Choose all that apply]

- Poor update management
- Unmonitored system
- Weak passwords
- Inadequate input validation

Host Intrusion Detection System (HIDS)

Which of the following tools can only detect an attack on a user's system?

Birthday

Which of the following type of attack is a pre-cursor to the collision attack?

Advanced Persistent Threat (APT)

Which of the following type of attacker keeps exfiltrating the data quietly, without being detected?

Black Hat

Which type of hackers break into systems for personal or financial gain?

Which of the following algorithms are examples of lightweight cryptography? [Choose all that apply]

- OTR
- TWINE
Note: Lightweight cryptography strikes an equal balance for the use of computational power and security. It helps to secure these devices against various attacks, such as single-key, key-recovery, or weak-keys. Two examples of lightweight cryptography are:
- TWINE - block cipher
- OTR - Authenticated Encryption method
As of the release of this title, both are in trial phases.

Hacktivists

Which of the following performs hacking for either a political reason or wants to bring in a social change?

Tokenization

Which of the following replaces a string of data with unique identification symbols or numbers?

Pivoting

Which of the following terms refers to attacking or taking control of a system through another compromised system?

Lateral Movement

Which of the following testing strategies will be performed by a gradual process of gaining access to a network component, infrastructure, or an application layer to minimize detection?

- A self-driving car is an example of AI
- AI focuses on the broad idea of making a system execute a task
- Machine Learning or ML is a subset of AI

Which of the following statements are true for artificial intelligence (AI)? [Choose all that apply]

Which of the following is achieved by Security Orchestration, Automation, Response (SOAR)?

Automation
Note: SOAR automates and orchestrates the manual tasks, thereby strengthening the security posture of an organization. SOAR saves the organization hundreds of man hours of performing repetitive manual tasks. Confidentiality is achieved by encryption. Integrity is achieved by hashing. Availability is achieved by fault tolerance.

Which of the following method of threat hunting includes disrupt, deny, destroy, and degrade actions?

Maneuvering
Note: Using maneuvering, you may:
- Disrupt
- Deny
- Degrade
- Destroy
- Manipulate
These actions are performed on the information and resources of the other parties. Threat feed is a real-time information feed about threats. It can help tighten security controls in your organization. A security advisory is a document that narrates a specific vulnerability found in a product. Intelligence fusion is collating intelligence and information from various sources.

