CINS 448 - Midterm
According to Ralph Langner, in the lab Stuxnet behaved like: Options: "a lab rat that didn't like the cheese"; "a crazed caged monkey"; "a monkey that stole all of the bananas"; "Dr. Jekyll and Mr. Hyde"
"a lab rat that didn't like the cheese"
Mirai:
- Was successful in bringing down Dyn DNS.
- Was made up of an army of IoT devices.
- Was a DDoS attack.
How many TCP ports are there? Options: 165,342; 128; 65,535; 42
65,535
If a message is encrypted using a public key, what is used to decrypt it?
A private key
Driftnet:
A tool that decodes and presents pictures that are in the TCP traffic that your computer is intercepting. Works with HTTP, not HTTPS.
The basic idea of _____ is to make every computer on the network believe that you are the router. Options: a Smurf attack; ARP Poisoning; WEP; DDoS
ARP Poisoning
Bob needs to send Alice a message and doesn't want anyone but Alice to be able to read the contents.
1) Bob writes the message
2) Bob encrypts the message with __________ key
3) Bob sends the encrypted message to Alice
4) Using _________ key Alice decrypts the message
Options: Bob's public; Bob's private; Alice's public; Alice's private
Alice's Public, Alice's Private
Ettercap:
An ARP poisoner, used for MITM attacks.
DoS attack:
An attack in which one or a few servers send an overwhelming amount of traffic to a victim server.
DDoS attack:
An attack in which thousands of infected zombie computers send an overwhelming amount of traffic to their victim.
Which networking technology was the first mainstream method for connecting to the Internet? Options: Cable modem; Digital Subscriber Line; Analog dial-up; Wi-Fi wireless broadband
Analog dial-up
Hashcat:
Another password cracker.
Banner Grabbing:
Attempting to contact a computer through a specific port to see what software/services are running on it.
"The three golden rules to ensure computer security are: do not own a computer; do not power it on; and do not use it." What part of the security triad does this quote violate?
Availability
When monitoring a system for anomalies, the system is measured against __________. Options: Baseline; Logs; Security policy; Results of the penetration test
Baseline
________ are helpful when configuring new computers or devices as well as for comparing with existing systems to see if they still meet the minimums. Options: Policies; Standards; Baselines; Guidelines
Baselines
Why are IoT devices such a big target for hackers even though they have so little processing power?
Because they are very insecure due to built-in passwords, and they are very numerous.
Bob needs to send Alice a message and wants Alice to know it is from him.
1) Bob writes the message
2) Bob encrypts the message with ___________ key
3) Bob sends the encrypted message to Alice
4) Using _________ key Alice decrypts the message
Options: Bob's public; Bob's private; Alice's public; Alice's private
Bob's Private, Bob's Public
Armitage:
Can import Nmap results to get a list of vulnerabilities, then provides a GUI for the Metasploit Framework to attack a specified network.
What are the three parts to the Information Security Triad?
Confidentiality, integrity and availability
What was the first US data encryption standard? Options: DES; RC4; MD5; RSA
DES
What is "wardriving"? Options: The name of a virus that infects printer drivers; Driving around looking for susceptible ATMs that the attacker can attach a card skimmer to; The successful hijack of a smart car through the system's on-board computers; Driving around looking for unencrypted wireless access points.
Driving around looking for unencrypted wireless access points.
Which of the following is an example of a store-and-forward communication? Options: E-mail; Presence/availability; Videoconferencing; Audio conferencing
What is the act of an unauthorized person intercepting and reading packets that flow across a network? Options: Eavesdropping/sniffing; Replaying; Hijacking; None of the above
Eavesdropping/sniffing
Which of the following is the most effective countermeasure to social engineering? Options: Employee education; Antivirus software; Intrusion detection systems; Stringent firewall rules
Employee education
A network mapper (Nmap) uses __________ packets to ping a computer in order to see if it is operational.
ICMP
What type of system detects but does not stop an intrusion? Options: IDS; Log; Firewall; IPS
IDS
What type of system actively stops an intrusion? Options: Log; Firewall; IPS; IDS
IPS
Match the term to the example: Options: Confidentiality; Integrity; Availability
Integrity: involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle
Digital invisible ink toolkit:
Java program that can use several different algorithms to embed/extract messages in pictures, given a key.
According to the video what is the syntax for a SQL injection attack that will return all of the users from the table?
Jerry' or '1' = '1
Splunk:
Log analysis tool.
Which of the following is a SIEM? Options: WebSecure; Snort; none of these; LogRhythm
LogRhythm
The three creators of RSA worked at which university? Options: Stanford; MIT; Harvard; Cal Tech
MIT
What is the main reason that finance led the incident count the year of the report? Options: There were several very large and successful attacks against credit card processing companies; Mainly due to a large number of ATM skimming incidents; Mainly due to a large volume of DoS attacks targeting the financial industry; Most attackers are motivated by financial gain and therefore most of their targets are in the finance industry
Mainly due to a large number of ATM skimming incidents
Nmap:
Network scanner. Utilizes ICMP packets to ping computers to see if they are "alive". Can scan entire networks with ping scans, regular scans, intense scans, and UDP/TCP scans, and can identify what operating systems/software are running on the network.
Zenmap:
Nmap but with a GUI. Can make graphs.
The tools that were used for recon:
Nmap, Zenmap, Metasploit, Netcat.
What tool have we used that uses CVEs?
OpenVAS
According to the video what is the top defense against SQL injection?
Passing through argument. Parameterization
Which of the following types of authentication is the most common method and also the weakest? Options: Token; Password; Fingerprint; PIN
Password
John the Ripper:
Password cracker. Utilizes hashes on your computer and wordlists such as rockyou.txt.
Steghide:
Program to embed/extract data files in pictures.
In this class you followed the steps typically taken by a penetration tester. What were all of the steps that you followed and the tools that you used for the simulated pen test? Make sure to describe what you used each tool for and the information gained from using the tool.
Reconnaissance: Zenmap; Identify vulnerabilities: Metasploit; Gain access: OpenVAS
What is the last name of the professor representing the "R" in RSA?
Rivest
What does RSA stand for?
Rivest, Shamir, & Adleman
According to the video what is the injection attack that "you are most likely to see"?
SQL Injection
Which technology allows users to sign on to a computer or network once, and have their identification and authorization credentials allow them into all computers and systems where they are authorized? Options: Biometrics; Multi-factor authentication; Single sign-on (SSO); Single-factor authentication
Single sign-on (SSO)
A username and password combination is which type of authentication? Options: Single-factor; Multi-factor; Ownership; Characteristic
Single-factor
Which of the following is an IDS? Options: WebSecure; Snort; LogRhythm
Snort
What is a characteristic of analog communications? Options: They are resistant to errors; They have unlimited bandwidth; They are resistant to electrical interference and noise; They are slow.
They are slow.
According to the lecture, TCO stands for: Options: The chosen one; Technology commercialization office; Total cost of ownership; Tempest control officer
Total cost of ownership
VoIP and data travel over the same network. True or False
True
What type of error is false reject rate? Options: Type II error; Type I error; Type 0 error; Type III error
Type I error
What type of error is false accept rate? Options: Type II error; Type I error; Type 0 error; Type III error
Type II error
OpenVAS:
A network vulnerability scanner that uses the CVE database.
Which of the following is NOT true about a DDoS attack: Options: The attacker is not after data stored on the site (credit card numbers, SSNs, etc.); Usually involves a few, very powerful servers that send a lot of traffic to the victim site; Involves a botnet which sends a lot of traffic to the victim site; Software is not installed on the site being attacked.
Usually involves a few, very powerful servers that send a lot of traffic to the victim site.
Which of the following is any weakness in a system that makes it possible for a threat to cause it harm? Options: Risk; Backdoor; Vulnerability; Exploit
Vulnerability
Which wireless encryption standard is easily cracked?
WEP
Which System Development Life Cycle is more like an assembly line, in that it is not very flexible because it doesn't allow you to cycle back through previous steps? Options: Exploratory; Waterfall; Extreme; Iterative
Waterfall
Burp Suite:
Web app attacker. Can perform SQL injection attacks.
Goal of Stuxnet was to find: Options: a programmable logic computer; the security system of Iran's nuclear facility; a computer used to program a programmable logic computer
a computer used to program a programmable logic computer
Quantitative (risk analysis): Options: does not attempt to assign numeric value, but is scenario oriented; attempts to assign independently objective numeric value to all elements of the risk analysis
attempts to assign independently objective numeric value to all elements of the risk analysis
What does a POS smash-and-grab attack involve? Options: blow up face of ATM and remove cash from inside; brute force and malware combination; install ATM skimmer; smash window and steal cash register
brute force and malware combination
What type of error is: false acceptance + false rejection? Options: cumulative error; all error; crossover error; gross error
crossover error
Qualitative (risk analysis): Options: attempts to assign independently objective numeric value to all elements of the risk analysis; does not attempt to assign numeric value, but is scenario oriented
does not attempt to assign numeric value, but is scenario oriented
Approximately 70% of breaches were discovered by: Options: external parties; the intrusion detection system; an internal IT audit; the information security group
external parties
If you give someone a message encrypted with your public key, you should give that person your private key so that they can decrypt the message. True or False
false
An information security policy does NOT include: Options: authority for information security department; recognition of information as an asset of the organization; basis for data classification; guidelines for how to implement policy
guidelines for how to implement policy
Policy does NOT include: Options: senior management input; a statement of enterprise beliefs; list of technologies to use; a statement of enterprise goals
list of technologies to use
The targets of XSS are: Options: other users; file servers; email servers; databases
other users
What is a DDoS attack?
The perpetrator seeks to make a machine or network resource unavailable to its intended users by flooding the server with fake requests so that it cannot process the valid ones.
"All users of Norton anti-viral software will have anti-viral signature files updated weekly. The following procedure is to be followed when updating your anti-virus files every week: ..." is an example of a: Options: policy; baseline; procedure; standard
procedure
The name of the Linux file that contained password hashes
shadow
According to Johnny Long, how do you "suck data off machines with your mind?" Options: shoulder surf; install a key logger; wait till the year 2045 when our minds will be machines; sniff traffic
shoulder surf
Metasploit:
The most utilized penetration testing tool in the world. Can perform several different types of scans, such as ARP scans.
In the No Tech Hacking video, how did they defeat physical security with junk and stuff (related to the touch bar on the door)? Options: they used a paper clip in the key hole to unlock a secured door; they went dumpster diving and found old key cards to unlock a secured door; they went dumpster diving to search for entry codes to unlock a secured door; they used a hanger and wet towel to unlock a secured door
they used a hanger and wet towel to unlock a secured door
Encrypt the following message using the Railfence cipher using two rails (rows). Do NOT add spaces. takemetoyourleader
toaukrelmeeatdoeyr
All popular programming web technologies are susceptible to XSS. True or False
true
The key to protecting assets from the risk of attack is to eliminate or address as many ______ as possible. Options: vulnerabilities; threats; technologies; security policies
vulnerabilities
What "high tech" instrument did people use to break into phone systems?
whistle
Three methods of authentication are presenting something: Options: you know, you have, you are; you know, you have, you see; you wear, you have, you are; you wear, you have, you see
you know, you have, you are