Hacker Techniques, Tools, and Incident Handling
What is the acceptance approach to risk control?
The choice to do nothing to protect and information asset and to accept the outcome of its potential exploitation. In order to validly determine this the organization must: determine the level of risk, assess the probability of attack, estimate the potential damage that could occur from an attack, perform a thorough cost-benefit analysis, evaluated controls using each appropriate type of feasibility, decided that the particular function, service, information, or as it did not justify the cost of protection
Theft
The legal taking of another property, be it physical, electronic, or intellectual
What is risk?
The likelihood of the occurrence of vulnerability, multiplied by the value of the information asset, minus the percentage of risk mitigated by current controls, plus the uncertainty of current knowledge of the vulnerability
Intellectual property
The ownership of ideas and control over the tangible or virtual representation of those ideas. Use of another persons intellectual property may or may not involve royalty payments or permission should always include proper credit to the source
Likelihood
The probability that a specific phone ability within an organization will be successfully attacked
Risk control
The process of applying control reduce the risk of an organizations data and information systems
Risk identification
The process of examining, documenting, and assessing security posture of an organization's information technology and the risks it faces
Residual risk
The risk that remains to the information assets even after the existing control has been applied
What is a part of intellectual property?
Trade secrets, copyrights, trademarks, and patents
Software piracy
Use or duplication of software-based intellectual property
What is the termination approach to risk control?
When an organization decides to remove an asset that is not worth defending but is a security risk
Black-hat Hackers
black hat hacker is a person who attempts to find computer security vulnerabilities and exploit them for personal financial gain or other malicious reasons. Black hat hackers can inflict major damage on both individual computer users and large organizations by stealing personal financial information, compromising the security of major systems, or shutting down or altering the function of websites and networks.
Vulnerability
A flaw or weakness in the system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or violation of the systems security policy
Competitive intelligence
A legal form of information gathering that consists of doing research on publicly available information
Polymorphism
A threat the changes apparent shape over time, making it undetectable by techniques that look for preconfigured signature
White-hat Hackers
A white hat hacker is a computer security specialist who breaks into protected systems and networks to test and asses their security. White hat hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them. Although the methods used are similar, if not identical, to those employed by malicious hackers, white hat hackers have permission to employ them against the organization that has hired them. Also called "Ethical Hackers" by the media
In Linux, you issue commands from a command line using which of the following? A. A terminal window B. The KDE interface C. The GNOME interface D. The kernel
A. A terminal window
Which of the following are scripting languages? (choose two) A. Active X B. Java C. CGI D. ASP.Net
A. Active X C. CGI
Which of the following can limit the impact of worms? A. Antivirus software, firewalls, patches B. Anti-spyware, firewalls, patches C. Anti-worm software, firewalls, patches D. Anti-malware
A. Antivirus software, firewalls, patches
Web application are used for? A. Enabling dynamic content B. Streaming video C. Applying scripting D. Lack of input validation
A. Enabling dynamic content
Which of the following is a desktop interface for Linux? A. KDE B. SUSE C. Ubuntu D. GPL
A. KDE
What is the core of the Linux operating system? A. Kernel B. Shell C. GUI D. VPN
A. Kernel
Covert channels work over A. Known channels B. Wireless C. Networks D. Security controls
A. Known channels
______ is used to fake a MAC address. A. Spoofing B. Flooding C. Poisoning D. Hijacking
A. Spoofing
______ record(s) a user's typing A. Spyware B. Viruses C. Adware D. Malware
A. Spyware
A DoS attack is meant to deny a service from legitimate usage. A. True B. False
A. True
Active sniffing is used when switches are present A. True B. False
A. True
Backdoors on a system can be used to bypass firewalls and other protective measures A. True B. False
A. True
Session hijacking is used to take over an authenticated session A. True B. False
A. True
Trojans are a type of malware A. True B. False
A. True
Trojans can be used to open backdoors on a system A. True B. False
A. True
Worms are designed to replicate repeatedly. A. True B. False
A. True
____ attach(es) to files. A. Viruses B. Worms C. Adware D. Spyware
A. Viruses
Human error or failure
Acts performed by an authorized user usually without malicious intent or purpose that can produce extensive damage and catastrophic results
Attack
An intentional or unintentional attempt to cause damage to or otherwise compromised information or the systems that support it
Threat
An object, person, or other entity that is of potential risk of loss to an assets
Asset
An organizational resource that can be logical, such as website, information, or data, or it can be physical, such as a person, computer system, or other tangible object
Industrial espionage
Any legal form of information gathering that consists of retrieving information by unethical and illegal means. May also include denying access to services
What does the general business community do in regards to security?
Articulates and communicates organizational policy and objectives and allocates resources to other groups
Availability (CIA triangle) and means of achieving
Authorized users or systems are able to access information in the specified format without interference or obstruction as necessary. Means: backup data, redundancy, load-balancing, disaster recovery plan, remove bottlenecks, firewalls and proxy to protect against DDoS attacks
____ runs completely from removable media. A. Linux B. A Live CD C. The kernel D. A Shell
B. A Live CD
Prevention of viruses and malware includes ______ A. Pop-up blockers B. Antivirus C. Buffer overflows D. All of the abolve
B. Antivirus
Sniffers can be used to A. Decrypt information B. Capture information C. Hijack communications D. Enforce Security
B. Capture information
Which of the following is a characteristic of adware? A. Gathering information B. Displaying pop-ups C. Intimidating users D. Replicating
B. Displaying pop-ups
Backdoors are an example of covert channels A. True B. False
B. False
Multipartite viruses come in encrypted form A. True B. False
B. False
Scareware is harmless A. True B. False
B. False
Session hijacking is used to capture traffic A. True B. False
B. False
The command mv is used to remove empty directories. A. True B. False
B. False
The stability of a Web server does not depend on the operating system. A. True B. False
B. False
The target of source code exploits is most often databases. A. True B. False
B. False
Viruses do not require a host program A. True B. False
B. False
Browsers do not display which of the following? A. ActiveX B. Hidden fields C. Java D. JavaScript
B. Hidden fields
What technique is used when traffic is captured on a network with hubs A. Active sniffing B. Passive sniffing C. MAC flooding D. Ether flooding
B. Passive Sniffing
Which of the following challenges can a firewall solve? A. Protection against buffer overflows B. Protection against scanning C. Inadequate input validation D. Ability of a Web application to use nonstandard ports
B. Protection against scanning
Which of the following is designed to exploit applications that solicit the client to supply data that is processed in the form of SQL statements? A. Buffer overflows B. SQL injection C. Buffer injection D. Input validaton
B. SQL injection
What type of device can have its memory filled up when MAC flooding is used A. Hub B. Switch C. Router D. Gateway
B. Switch
Which of the following is used to audit databases? A. Ping B. IPConfig C. NGSSquirrel D. XSS
C. NGSSquirrel
____ is designed to intimidate users A. Adware B. Viruses C. Scareware D. Worms
C. Scareware
Which is used to intercept user infromation? A. Adware B. Scareware C. Spyware D. A virus
C. Spyware
____ is known to disable protective mechanisms on a system such as antivirus software, anti-spyware software, and firewalls, and to report on a user's activities. A. Adware B. Scareware C. Spyware D. A virus
C. Spyware
The CIA triangle (three goals of security)
Confidentiality, integrity, accessibility
______ are methods for transferring data in an unmonitored manner
Covert channels
Trojans are designed to be small and stealthy in order to: A. Bypass covert channels B. Bypass firewalls C. Bypass permissions D. Bypass detection
D. Bypass detection
Which of the following is one of the goals of Trojans? A. Sending data B. Changing system settings C. Opening covert channels D. Giving remote access
D. Giving remote access
What are the five risk control strategies?
Defense, transferral, mitigation, acceptance, termination
_____ is a combination malware and Trojan Horse RAT based on Stuxnet designed to spy on industrial control systems
Duqu
_____ Is a powerful preventive measure for stopping viruses.
Education and Anti-virus software
Trespass
Electronic and human activities that breached confidentiality of information by unauthorized individuals attempting to gain access to information
Malware hoaxes
Emails and pop up containing illegitimate warnings of dangerous malware in order to scare the user to perform a desired action
Suicide Hackers
Hackers with little regard for the law or staying undetected. They seek to accomplish their goal at all costs and do not worry if they are caught. Their goals include political, terrorist, social, or other aims.
______ is used to overwhelm a service
Hijacking (or DDoSing)
Script Kiddies
In programming culture a script kiddie or skiddie (also known as skid, script bunny, script kitty) is an unskilled individual who uses scripts or programs developed by others to attack computer systems and networks, and deface websites.
Integrity (CIA triangle) and means of achieving
Information assets are not exposed to corruption, damage, destruction, or other disruption of their authentic states. Means: backups, checksum, physical and logical access control
What questions should be as in an information asset valuation
Is this asset the most critical to the organization's success? Does it generate the most revenue? Does it generate the most profit? Would it be the most expensive to replace? Will be the most expensive to protect? If revealed, would it cost the most embarrassment or greatest damage? Does the law or other regulation require us to protect this?
What is the goal of network security?
It is impossible to create an impenetrable system. The goal of network security and is to leave assets accessible to authorized users, but not make it worth the time or effort needed to illegitimately access the assets by hackers. Having better security than a similar company is sometimes sufficient to discurage attacks
_____ are configured to go off at a certain date, time, or when a specific event occurs
Logic bombs
______ is used to flood a switch with bogus MAC addresses
MAC flooding
Worms
Malicious programs that replicate themselves constantly without requiring another program provide a safe environment for their replication
Ransomeware
Malware that encrypts files in prompts the user for payments in order to decrypt the files. Commonly targets hospitals, medical centers, and governmental agencies
Exploit (as a noun/verb)
Noun: a means to target a specific vulnerability usually found in soft word to formulate an attack Verb: to attack system or information asset by using it illegally for their personal gains
Confidentiality (CIA triangle) and means of achieving it
Only those persons or computer systems with the rights and privileges to access and are able to do so. Means: user IDs, passwords, file and group permissions, authentication, encryption, training to prevent social engineering, local access only
Physical Security
Protecting people, physical assets, and the workplace from various threats, including fire, unauthorized access, and natural disasters.
Operations Security
Protecting the organization's ability to carry out its operational activities without interruption or compromise
Communications security
Protecting the organization's communications media, technology, and content, and its ability to use the tools to achieve the organization's objectives
Network security
Protecting the organization's data network devices, connections, and contents as well as protecting the ability to use the network to accomplish the organizations data communication functions tab tab tab
Information security (InfoSec)
Protection of information and its critical characteristics (CIA triangle), including the systems and hardware that use, store, and transmit that information, through the application of policy, training and awareness programs, and technology
What does the information security community do in regards to security?
Protects the organizations information assets from the many threats they face
Petya and SamSam are examples of _____
Ransomware
Grey-hat Hackers
Rehabilitated Hackers that were once Black-hot hackers but have since changed their ways. For obvious reasons, not all people will trust a gray-hat hacker
______ perform active and passive scans of network to identify all SQL Server installations that may be hidden
SQLPing 3.0 and SQLRecon
What is the priority in the process of Disaster Recover?
Safety of Human Life
Control (or safeguard or countermeasure) and examples
Security mechanisms, policies, or procedures that can successfully counter attacks, reduce risk, resolve vulnerabilities, and generally improve the security within an organization Examples: access control list, firewall, user and file permissions, authentication, encryption, updates, anti-malware, password policies
Computer virus
Segments of code that perform malicious action. The code attaches itself to an existing program and takes control that programs access to the targeted computer.
_____ is a malware spread via infected USB drive or across a network as a worm. Designed to interfere with Siemens programmable logic microcontroller in order to make centrifuges operate at unsafe speeds while displaying proper speed .
Stuxnet
What does the information technology community do in regards to security?
Supports the business objectives of the organization by supplying and supporting IT that is appropriate to the organization's needs
What is the GPL?
The General Public License (GPL) is the software licence that governs the Linux kernel and other open source software
What is the defense (avoidance) approach to risk control?
The attempting to prevent the exploitation of the vulnerability by means of countering threats, removing vulnerabilities and assets, limiting access to assets, and adding protective safeguards
What is the mitigation approach to risk control?
The attempting to reduce the impact caused by the exploitation of vulnerability through planning and preparation, including contingency planning and its four functional components: the business impact analysis, the incident response plan, the disaster recovery plan, and the business continuing to you
What is the transferral approach to risk control?
The attempting to shift risk to other assets, other processes, or other organizations by rethinking how services are offered, revising deployments models, outsourcing to other organizations, purchasing insurance, or implementing service contracts with providers
