Cisco 2

Question 1

usually introduced by errors in the operating system or application code, despite all the effort companies put into finding

Answer 1

Software vulnerabilities

Question 2

• are often introduced by hardware design flaws. RAM memory for example, is essentially capacitors installed very close to one another. It was discovered that, due to proximity, constant changes applied to one of these capacitors could influence neighbor capacitors.
• are specific to device models and are not generally exploited through random compromising attempts

Answer 2

Hardware vulnerabilities

Question 3

Categorizing Security Vulnerabilities

Answer 3

1. buffer flow
2. non-validated input
3. race conditions
4. weakness in security practices
5. access-control problems

Question 4

his vulnerability occurs when data is written beyond the limits of a buffer. Buffers are memory areas allocated to an application.

Answer 4

Buffer overflow

Question 5

Programs often work with data input. This data coming into the program could have malicious content, designed to force the program to behave in an unintended way

Answer 5

Non-validated input

Question 6

• Systems and sensitive data can be protected through techniques such as authentication, authorization, and encryption.
• Developers should not attempt to create their own security algorithms because it will likely introduce vulnerabilities.
• It is strongly advised that developers use security libraries that have already created, tested, and verified.

Answer 6

weaknesses in security practices

Question 7

This vulnerability is when the output of an event depends on ordered or timed outputs. A race condition becomes a source of vulnerability when the required ordered or timed events do not occur in the correct order or proper timing.

Answer 7

Race conditions

Question 8

process of controlling who does what and ranges from managing physical access to equipment to dictating who has access to a resource, such as a file, and what they can do with it, such as read or change the file. Many security vulnerabilities are created by the improper use of access controls.

Answer 8

Access-control problems

Question 9

Types of Malware

Answer 9

1. spyware
2. adware
3. bot
4. ransomware
5. scareware
6. rootkit
7. trojan horse
8. worms
9. man-in-the-middle
10. man-in-the-mobile

Question 10

• This malware is design to track and spy on the user.
• often includes activity trackers, keystroke collection, and data capture. In an attempt to overcome security measures, spyware often modifies security settings.

Answer 10

Spyware

Question 11

• dvertising supported software is designed to automatically deliver advertisements.
• is often installed with some versions of software.
• designed to only deliver advertisements but it is also common for adware to come with spyware.

Answer 11

Adware

Question 12

From the word robot, a bot is malware designed to automatically perform action, usually online. While most bots are harmless, one increasing use of malicious bots are botnets.

Answer 12

Bot

Question 13

This malware is designed to hold a computer system or the data it contains captive until a payment is made

Answer 13

Ransomware

Question 14

his is a type of malware designed to persuade the user to take a specific action based on fear.

Answer 14

Scareware

Question 15

This malware is designed to modify the operating system to create a backdoor. Attackers then use the backdoor to access the computer remotely

Answer 15

Rootkit

Question 16

malicious executable code that is attached to other executable files, often legitimate programs

Answer 16

Virus

Question 17

malware that carries out malicious operations under the guise of a desired operation. This malicious code exploits the privileges of the user that runs it

Answer 17

Trojan horse

Question 18

malicious code that replicate themselves by independently exploiting vulnerabilities in networks

Answer 18

Worms

Question 19

allows the attacker to take control over a device without the user’s knowledge. With that level of access, the attacker can intercept and capture user information before relaying it to its intended destination.

Answer 19

Man-In-The-Middle (MitM)

Question 20

type of attack used to take control over a mobile device. When infected, the mobile device can be instructed to exfiltrate user-sensitive information and send it to the attackers.

Answer 20

Man-In-The-Mobile (MitMo)

Question 21

two categories of malware

Answer 21

1. infectious methods
2. malware actions

Question 22

infectious methods

Answer 22

1. worms
2. virus
3. trojan
4. bots

Question 23

malware on basis of actions

Answer 23

1. adware
2. ransomware
3. spyware
4. scareware
5. rootkits
6. zombies

Question 24

they dont steal or spy but wait for instructions from hackers

Answer 24

zombies

Question 25

Symptoms of Malware

Answer 25

* There is an increase in CPU usage. * There is a decrease in computer speed. * The computer freezes or crashes often. * There is a decrease in Web browsing speed. * There are unexplainable problems with network connections. * Files are modified. * Files are deleted. * There is a presence of unknown files, programs, or desktop icons. * There are unknown processes running. * Programs are turning off or reconfiguring themselves. * Email is being sent without the user’s knowledge or consent.

Question 26

access attack that attempts to manipulate individuals into performing actions or divulging confidential information

Answer 26

Social Engineering

Question 27

This is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data.

Answer 27

Pretexting

Question 28

This is when an attacker quickly follows an authorized person into a secure location.

Answer 28

Tailgating

Question 29

This is when an attacker requests personal information from a party in exchange for something, like a free gift.

Answer 29

Something for Something (Quid pro quo)

Question 30

process of discovering the password used to protect a wireless network

Answer 30

Wi-Fi Password Cracking

Question 31

The attacker manipulates a person who knows the password into providing it.

Answer 31

Social engineering

Question 32

social engineering types

Answer 32

1. pretexting 2. tailgating 3. something for something (Quid pro quo)

Question 33

The attacker tries several possible passwords in an attempt to guess the password. If the password is a 4-digit number, for example, the attacker would have to try every one of the 10000 combinations.

Answer 33

Brute-force attacks

Question 34

By listening and capturing packets sent on the network, an attacker may be able to discover the password if the password is being sent unencrypted (in plain text

Answer 34

Network sniffing

Question 35

Wi-Fi Password Cracking types

Answer 35

1. Social engineering 2. Brute-force attacks 3. Network sniffing

Question 36

when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source.

Answer 36

Phishing

Question 37

* highly targeted phishing attack * emails are customized to a specific person

Answer 37

Spear phishing

Question 38

common method for exploiting vulnerabilities

Answer 38

1. Gather information about the target system 2. One of the pieces of relevant information learned in step 1 might be the operating system 3. the attacker looks for any known vulnerabilities specific to that version of OS or other OS services. 4. hen a vulnerability is found, the attacker looks for a previously written exploit to use

Question 39

They consist of a multi-phase, long term, stealthy and advanced operation against a specific target.

Answer 39

advanced persistent threats (APTs)

Question 40

a public Internet database containing information about domain names and their registrants.

Answer 40

whois

Question 41

* a popular port scanner * With a port scanner, an attacker can probe ports of a target computer to learn about which services are running on that computer.

Answer 41

nmap

Question 42

* attacks are a type of network attack * results in some sort of interruption of network service to users, devices, or applications.

Answer 42

Denial-of-Service (DoS

Question 43

This is when a network, host, or application is sent an enormous quantity of data at a rate which it cannot handle

Answer 43

Overwhelming Quantity of Traffic

Question 44

his is when a maliciously formatted packet is sent to a host or application and the receiver is unable to handle it.

Answer 44

Maliciously Formatted Packets

Question 45

* when single host attacks * maliscious attempt by a single person of group of people to cause deny of service to customers

Answer 45

DOS

Question 46

when multiple hosts attack simultaneously

Answer 46

DDOS

Question 47

An attacker builds a network of infected hosts

Answer 47

botnet

Question 48

The infected hosts are called

Answer 48

zombies

Question 49

types of DOS attacks

Answer 49

1. penetration 2. eavesdropping 3. man-in-the-middle 4. flooding

Question 50

* attacker gets inside your machine * take over machine and do whatever he wants * achieves entry via software, stolen password

Answer 50

penetration

Question 51

* attacker gains access to same network * listens to traffic going in and out

Answer 51

eavesdropping

Question 52

* attacker listens in input/output * can substitute messages in both directions

Answer 52

man-in-the-middle

Question 53

* attacker sends overwhelming number of messages; great congestion

Answer 53

flooding

Question 54

how to defend from DOS

Answer 54

1. firewall 2. router 3. switches

Question 55

prevent users from launching simple flooding type attacks from machines behind firewall

Answer 55

firewall

Question 56

provide automatic and/or system wide rate limiting, traffic shaping, delayed binding to detect and remediate denial of service attacks

Answer 56

switch

Question 57

add rules to take flow statistics out of router duing DOS attacks, they further slowdown and complicate the matter

Answer 57

router

Question 58

DDS based defense

Answer 58

1. clean pipes 2. nothing can be done to entirely prevent DOS 3. minimize dangers

Question 59

While many legitimate companies specialize in optimizing websites to better position them, a malicious user could use this to make a malicious website appear higher in search results.

Answer 59

SEO Poisoning

Question 60

attacks that use multiple techniques to compromise a target. By using several different attack techniques at once, attackers have malware that are a hybrid of worms, Trojan horses, spyware, keyloggers, spam and phishing schemes.

Answer 60

Blended attacks

Question 61

important measures a company should take when a security breach is identified

Answer 61

1. Communicate the issue 2. Be sincere and accountable in case the company is at fault. 3. Provide details. 4. Understand what caused and facilitated the breach. 5. Apply what was learned from the forensics investigation 6. Ensure all systems are clean 7. Educate