Common Security Failures Flashcards

(62 cards)

1
Q

____ is designed to overwhelm the resources of a system to the point where it is unable to reply to legitimate service requests.

A

Denial-of-service attack (DoS)

2
Q

A ____ attack is similar in that it also seeks to drain the resources of a system. A ___ attack is initiated by a vast array of malware-infected host machines controlled by the attacker.

A

Distributed Denial-of-service attack (DDoS)

3
Q

These are referred to as ______ attacks because the victim site is unable to provide service to those who want to access it.

A

“denial of service”

4
Q

One common way to prevent DoS attacks is to use a ____ that detects whether requests sent to your site are legitimate.

A

Firewall

5
Q

____ types of cyber attacks refer to breaches in cybersecurity that make it possible for an attacker to eavesdrop on the data sent back and forth between two people, networks, or computers.

A

man-in-the-middle (MITM)

6
Q

It is called a _____ attack because the attacker positions themselves in the “middle” or between the two parties trying to communicate.

A

“man in the middle”

7
Q

Some ways to protect yourself and your organization from MITM attacks are to use strong encryption on access points or to use a ____.

A

Virtual private network (VPN)

8
Q

___ occurs when a malicious actor sends emails that seem to be coming from trusted, legitimate sources in an attempt to grab sensitive information from the target.

A

Phishing

9
Q

____ combine social engineering and technology and are so-called because the attacker is, in effect, “fishing” for access to a forbidden area by using the “bait” of a seemingly trustworthy sender.

A

Phishing

10
Q

____ is so-named because it goes after the “big fish” or whales of an organization, which typically include those in the C-suite or others in charge of the organization.

A

whale-phishing

11
Q

The attacker takes the time to research their intended targets and then write messages the target is likely to find personally relevant.

A

Spear phishing

12
Q

These types of attacks are aptly called ____ because of the way the attacker homes in on one specific target.

A

spear phishing

13
Q

Often, a spear-phishing attack uses _____, where the information inside the “From” portion of the email is faked, making it look like the email is coming from a different sender.

A

email spoofing

14
Q

The victim’s system is held hostage until they agree to pay a ransom to the attacker. After the payment has been sent, the attacker then provides instructions regarding how the target can regain control of their computer.

A

Ransomware

15
Q

The name _____ is appropriate because the malware demands a ransom from the victim.

A

“ransomware”

16
Q

The malware is written to exploit vulnerabilities that have not been addressed by either the system’s manufacturer or the IT team.

A

Ransomware

17
Q

You can also prevent many ransomware attacks by using a _____ that can perform deep data packet inspections using artificial intelligence (AI) that looks for the characteristics of ransomware.

A

next generation firewall (NGFW)

18
Q

Passwords are the access verification tool of choice for most people, so figuring out a target’s password is an attractive proposition for a hacker.

A

Password attacks

19
Q

A ____ is a technique that uses common words and phrases, such as those listed in a dictionary, to try and guess the target’s password.

A

dictionary attack

20
Q

A ____ password hack uses basic information about the individual or their job title to try to guess their password.

A

brute force

21
Q

One effective method of preventing brute-force and dictionary password attacks is to set up a ___. This locks out access to devices, websites, or applications automatically after a certain number of failed attempts.

A

lock out policy

22
Q

___ is a common method of taking advantage of websites that depend on databases to serve their users.

A

Structured Query Language injection (SQL)

23
Q

The command is inserted, or “injected”, into a data plane in place of something else that normally goes there, such as a password or login. The server that holds the database then runs the command and the system is penetrated.

A

SQL Injection

24
Q

If an _____ succeeds, several things can happen, including the release of sensitive data or the modification or deletion of important data.

A

SQL Injection

25
Q

To shield yourself from an SQL injection attack, take advantage of the _____. With ____ architecture, only those who absolutely need to access key databases are allowed in.

A

least privilege model

26
Q

Attackers alter and fabricate certain URL addresses and use them to gain access to the target’s personal and professional data.

A

URL Interpretation

27
Q

URL Interpretation also means ___

A

URL Poisoning

28
Q

The name _____ comes from the fact that the attacker knows the order in which a web page’s URL information needs to be entered. The attacker then “interprets” this syntax, using it to figure out how to get into areas they do not have access to.

A

URL Interpretation

29
Q

A hacker may guess URLs they can use to gain administrator privileges to a site or to access the site’s back end to get into a user’s account. Once they get to the page they want, they can manipulate the site itself or gain access to sensitive information about the people who use it.

A

URL Interpretation

30
Q

To prevent URL interpretation attacks from succeeding, use secure authentication methods for any sensitive areas of your site. This may necessitate ____ or secure passwords consisting of seemingly random characters.

A

multi-factor authentication (MFA)

31
Q

A hacker alters DNS records to send traffic to a fake or “spoofed” website.

A

Domain Name System Spoofing (DNS)

32
Q

The hacker may also construct a poor-quality site with derogatory or inflammatory content to make a competitor company look bad.

A

DNS Spoofing

33
Q

The attacker takes advantage of the fact that the user thinks the site they are visiting is legitimate. This gives the attacker the ability to commit crimes in the name of an innocent company, at least from the perspective of the visitor.

A

DNS Spoofing

34
Q

____ is one of multiple types of MITM attacks. The attacker takes over a session between a client and the server.

A

Session hijacking

35
Q

The computer being used in the attack substitutes its Internet Protocol (IP) address for that of the client computer, and the server continues the session without suspecting it is communicating with the attacker instead of the client.

A

Session Hijacking

36
Q

This kind of attack is effective because the server uses the client’s IP address to verify its identity. If the attacker’s IP address is inserted partway through the session, the server may not suspect a breach because it is already engaged in a trusted connection.

A

Session Hijacking

37
Q

To prevent session hijacking, use a ___ to access business-critical servers.

A

VPN

38
Q

___ gets its name from the “brutish” or simple methodology employed by the attack.

A

brute force attacks

39
Q

The attacker simply tries to guess the login credentials of someone with access to the target system. Once they get it right, they are in.

A

Brute force attacks

40
Q

The attacker provides the bot with a list of credentials that they think may give them access to the secure area. The bot then tries each one while the attacker sits back and waits. Once the correct credentials have been entered, the criminal gains access.

A

Brute force attacks

41
Q

To prevent brute-force attacks, have ____ in place as part of your authorization security architecture.

A

lock out policies

42
Q

___ refer to threats that target vulnerabilities in web-based applications.

A

Web attacks

43
Q

Hackers also use _____ attacks and parameter tampering. In a ____ attack, the victim is fooled into performing an action that benefits the attacker.

A

cross-site request forgery (CSRF)

44
Q

___ involves adjusting the parameters that programmers implement as security measures designed to protect specific operations.

A

parameter tampering

45
Q

Sometimes, the most dangerous actors come from within an organization.

A

Insider threats

46
Q

People within the organization often have an in-depth understanding of its cybersecurity architecture, as well as how the business reacts to threats. This knowledge can be used to gain access to restricted areas, make changes to security settings, or deduce the best possible time to conduct an attack.

A

Insider threats

47
Q

____ uses a malicious program that is hidden inside a seemingly legitimate one.

A

Trojan horse

48
Q

In a ____, a hacker embeds malicious code into an insecure website. When a user visits the site, the script is automatically executed on their computer, infecting it.

A

Drive-by attacks

49
Q

In ____, the attacker transmits malicious scripts using clickable content that gets sent to the target’s browser.

A

cross-site scripting (XSS)

50
Q

When the victim clicks on the content, the script is executed. Because the user has already logged into a web application’s session, what they enter is seen as legitimate by the web application. However, the script executed has been altered by the attacker, resulting in an unintended action being taken by the “user.”

A

XSS

51
Q

___ involve the bad actor intercepting traffic as it is sent through the network.

A

Eavesdropping attacks

52
Q

____ can be active or passive.

A

Eavesdropping attacks

53
Q

With ____ eavesdropping, the hacker inserts a piece of software within the network traffic path to collect information that the hacker analyzes for useful data.

A

active

54
Q

_____ eavesdropping attacks are different in that the hacker “listens in,” or eavesdrops, on the transmissions, looking for useful data they can steal.

A

Passive

55
Q

In a ____, an attacker abuses a security feature: hash algorithms, which are used to verify the authenticity of messages.

A

birthday attack

56
Q

The _____ is a digital signature, and the receiver of the message checks it before accepting the message as authentic.

A

hash algorithm

57
Q

The name ______ refers to the birthday paradox, which is based on the fact that in a room of 23 people, there is more than a 50% chance that two of them have the same birthday. Hence, while people think their birthdays, like hashes, are unique, they are not as unique as many think.

A

“birthday attack”

58
Q

____ is a general term for malicious software.

A

Malware

59
Q

____ infects a computer and changes how it functions, destroys data, or spies on the user or network traffic as it passes through.

A

Malware

60
Q

_____ can either spread from one device to another or remain in place, only impacting its host device.

A

Malware

61
Q

Several of the attack methods described above can involve forms of _____, including MITM attacks, phishing, ransomware, SQL injection, Trojan horses, drive-by attacks, and XSS attacks.

A

malware

62
Q

In a ______, the software has to be installed on the target device.

A

malware attack