flashcards (1)

Question 1

What are the three core principles of the CIA triad in information security?

Answer 1

Confidentiality, Integrity, and Availability.

Question 2

In the CIA triad, what does ‘Confidentiality’ refer to?

Answer 2

Information should only be viewed by authorised users.

Question 3

In the CIA triad, what is the principle of ‘Integrity’?

Answer 3

Information should not be altered without appropriate authorisation.

Question 4

What does ‘Availability’ mean in the context of the CIA triad?

Answer 4

Information should be available to legitimate users in line with the design of the system.

Question 5

Define ‘vulnerability’ in the context of cyber security.

Answer 5

A limitation or weakness which opens a system to potential attack.

Question 6

What is a ‘threat’ in cyber security?

Answer 6

Something or someone that poses potential harm to a system.

Question 7

What is an ‘attack’ in cyber security?

Answer 7

An event that aims to exploit a vulnerability of a system.

Question 8

The collection of all entry points an unauthorised attacker could attempt to exploit is known as the _____.

Answer 8

Attack Surface.

Question 9

What is an ‘Attack Vector’?

Answer 9

The path an attacker has taken to gain unauthorised access to a system.

Question 10

What are the three main categories of authentication factors?

Answer 10

Knowledge (something you know), Biometrics (something you are), and Token (something you have).

Question 11

What is required for an authentication method to be considered Multi-Factor Authentication (MFA)?

Answer 11

It must use a combination of authentication from at least two different factor categories.

Question 12

In the context of access control, what is ‘Identification’?

Answer 12

The act of claiming an identity, for example, stating ‘I am Fred’.

Question 13

What is the primary goal of an Advanced Persistent Threat (APT)?

Answer 13

To gain stealthy, long-term access to a targeted system for data exfiltration.

Question 14

What are the five main stages of an Advanced Persistent Threat (APT) campaign?

Answer 14

Reconnaissance, Initial Compromise, Lateral Movement, Data Exfiltration, and Maintenance and Concealment.

Question 15

In an APT, what occurs during the ‘Lateral Movement’ stage?

Answer 15

The attacker expands their access across the systems, such as compromising additional devices or increasing permissions.

Question 16

In Unix-based systems, what do the ‘r’, ‘w’, and ‘x’ permissions stand for?

Answer 16

Read (r), write (w), and execute (x).

Question 17

In the Unix access control model, what are the three user classifications for permissions?

Answer 17

Owner, Group, and World (Other).

Question 18

What do the permissions ‘rwxrw-r–’ represent in the Unix access control model?

Answer 18

The Owner has read, write, and execute permissions; the Group has read and write permissions; and the World has only read permission.

Question 19

In biometrics, what is the ‘Enrolment’ stage?

Answer 19

It is the process where a user’s biometric trait is measured and a template is extracted and stored for future comparisons.

Question 20

What does the False Accept Rate (FAR) measure in a biometric system?

Answer 20

It is a measure of the likelihood of the system incorrectly accepting an access attempt by an unauthorised user.

Question 21

What does the False Reject Rate (FRR) measure in a biometric system?

Answer 21

It is a measure of the likelihood of the system incorrectly rejecting an access attempt by an authorised user.

Question 22

What is a Receiver Operating Characteristic (ROC) curve used to illustrate in biometrics?

Answer 22

It plots the True Accept Rate (TAR) against the False Accept Rate (FAR) to show the performance of a biometric system at various threshold settings.

Question 23

What is a significant drawback of retinal scanning compared to iris recognition?

Answer 23

It is more invasive, can be affected by disease over time, and requires specialist low-light equipment.

Question 24

What two key metrics are used in keystroke dynamics for behavioural biometrics?

Answer 24

Dwell time (how long a key is pressed) and flight time (the time between key presses).

Question 25

What is an 'Insecure Direct Object Reference'?

Answer 25

A vulnerability where an application provides direct access to objects based on user-supplied input, allowing attackers to access unauthorised data by modifying the reference.

Question 26

What vulnerability occurs when an application doesn't properly verify if a user is authorised to access specific functionality, even if the links are hidden?

Answer 26

Missing Function Level Access Control.

Question 27

What is the primary defence against sensitive data exposure?

Answer 27

Encrypting or hashing sensitive data using appropriate methods and not storing data that is not needed.

Question 28

What is an XML External Entities (XXE) vulnerability?

Answer 28

A flaw where an XML processor allows external entities to be included and evaluated, which can be exploited by providing a malicious URI.

Question 29

What is the main purpose of the Cyber Kill Chain framework?

Answer 29

To identify and prevent cyber intrusions by breaking down the anatomy of an attack into distinct stages.

Question 30

What is the first stage of the Lockheed Martin Cyber Kill Chain?

Answer 30

Reconnaissance, which involves gathering information about the target system.

Question 31

In the Cyber Kill Chain, what happens during the 'Weaponisation' stage?

Answer 31

An exploit is combined with a vulnerability (backdoor) to create a malicious payload, like malware.

Question 32

The 'Delivery' stage of the Cyber Kill Chain involves ____.

Answer 32

transmitting the weaponised exploit to the target, for example, via a spear-phishing email or a malicious USB drive.

Question 33

What is the objective of the 'Command and Control' (C2) stage in the Cyber Kill Chain?

Answer 33

To establish remote access and control over the victim machine, often using a Remote Access Trojan (RAT).

Question 34

What is the purpose of the STRIDE threat modelling framework?

Answer 34

To support developers in identifying and classifying common security threats during the design phase.

Question 35

What are the six threat categories in the STRIDE model?

Answer 35

Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

Question 36

In STRIDE, 'Spoofing' is a threat to which security property?

Answer 36

Authentication.

Question 37

The unauthorised modification of data is classified as which threat in the STRIDE model?

Answer 37

Tampering, which violates the property of Integrity.

Question 38

What is a 'Repudiation' threat according to STRIDE?

Answer 38

When a user denies having performed an action, violating the principle of non-repudiation.

Question 39

A user with read-only permissions managing to gain write capabilities is an example of which STRIDE threat?

Answer 39

Elevation of Privilege, which is a threat to Authorisation.

Question 40

What is the primary function of a firewall?

Answer 40

To protect the boundary of an internal network from an external one by filtering network traffic based on a set of rules.

Question 41

What is a 'whitelisting' policy for a firewall?

Answer 41

A policy that denies all traffic by default and only permits traffic that has been specifically allowed.

Question 42

What is a Demilitarised Zone (DMZ) in network architecture?

Answer 42

A part of a network situated between the protected internal network and the untrusted external network, providing an additional layer of security.

Question 43

What is the main difference between an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS)?

Answer 43

An IDS monitors and alerts on potential violations, whereas an IPS can additionally take action to prevent the violation from occurring.

Question 44

In cryptography, what is the term for the original, readable message?

Answer 44

Plaintext.

Question 45

The encrypted, unreadable version of a message is called ____.

Answer 45

Ciphertext.

Question 46

What is a substitution cipher?

Answer 46

A method of encryption where units of plaintext are replaced with ciphertext according to a fixed system.

Question 47

In modern block ciphers, what is the purpose of an S-box (Substitution-box)?

Answer 47

To perform substitution on small blocks of bits to obscure the relationship between the key and the ciphertext, providing confusion.

Question 48

What is the function of a P-box (Permutation-box) in a block cipher?

Answer 48

To transpose bits, spreading the influence of one plaintext bit over many ciphertext bits to achieve diffusion.

Question 49

What is 'diffusion' in the context of cryptography?

Answer 49

A property where changing a single bit of the plaintext results in changes to multiple bits of the ciphertext.

Question 50

What is 'confusion' in cryptography?

Answer 50

A property that makes the relationship between the key and the ciphertext as complex as possible, so each ciphertext bit depends on multiple parts of the key.

Question 51

How does a stream cipher operate?

Answer 51

It encrypts and decrypts data one bit or byte at a time, typically by performing a bitwise XOR with a keystream.

Question 52

How does a block cipher operate?

Answer 52

It encrypts data in fixed-size chunks called blocks.

Question 53

What is a major security weakness of the Electronic Code Book (ECB) mode of operation?

Answer 53

Identical plaintext blocks are encrypted into identical ciphertext blocks, revealing patterns in the data.

Question 54

How does Cipher Block Chaining (CBC) mode improve upon ECB?

Answer 54

Each block of plaintext is XORed with the previous ciphertext block before being encrypted, which hides patterns.

Question 55

What is a Feistel structure in a block cipher?

Answer 55

A structure that splits a block of data into two halves and processes them through multiple rounds of substitution and permutation, where encryption and decryption are very similar.

Question 56

What are the four main operations in a round of the Advanced Encryption Standard (AES)?

Answer 56

SubBytes, ShiftRows, MixColumns, and AddRoundKey.

Question 57

Which operation is omitted from the final round of AES encryption?

Answer 57

The MixColumns step.

Question 58

The 'AddRoundKey' step in AES performs what mathematical operation?

Answer 58

A bitwise XOR between the current state matrix and the round key.

Question 59

What is the key exchange problem in symmetric cryptography?

Answer 59

The challenge of securely distributing a shared secret key between two parties over an insecure channel.

Question 60

How does the Diffie-Hellman Key Exchange (DHKE) protocol solve the key exchange problem?

Answer 60

It allows two parties to establish a shared secret key over an insecure channel without the key itself ever being transmitted.

Question 61

In RSA public-key cryptography, which key is used for encryption?

Answer 61

The recipient's public key.

Question 62

In RSA, which key is used for decryption?

Answer 62

The recipient's private key.

Question 63

To create a digital signature, a message hash is encrypted with the _____.

Answer 63

sender's private key.

Question 64

How does a recipient verify a digital signature?

Answer 64

By decrypting the signature with the sender's public key and comparing the result to a freshly computed hash of the received message.

Question 65

A cryptographic hash function must have the 'one-way' property, also known as ____.

Answer 65

Pre-image resistance.

Question 66

What does 'strong collision resistance' mean for a hash function?

Answer 66

It is computationally infeasible to find two different messages that hash to the same value.

Question 67

What is the purpose of a Message Authentication Code (MAC)?

Answer 67

To ensure both the integrity (the message hasn't been tampered with) and the authenticity (the message is from the claimed sender) of a message.

Question 68

What is steganography?

Answer 68

The practice of concealing a file, message, image, or video within another file, message, image, or video.

Question 69

How does the Least Significant Bit (LSB) steganography algorithm work?

Answer 69

It hides data by replacing the least significant bit of each colour value in the pixels of a cover image with bits from the payload message.

Question 70

What is a 'bitplane' in the context of digital images?

Answer 70

A matrix comprising the i-th bit of each pixel in a digital image for a specific colour channel.

Question 71

In the BPCS steganography algorithm, what does a complexity score greater than 0.3 indicate about an 8x8 bit segment?

Answer 71

The segment is considered sufficiently complex and random-looking, meaning it can be replaced with payload data without causing a noticeable visual impact.

Question 72

What is 'packet sniffing'?

Answer 72

The process of monitoring and capturing data packets as they pass through a computer network.

Question 73

A _____ attack involves an attacker secretly relaying and possibly altering the communication between two parties who believe they are directly communicating with each other.

Answer 73

Machine in the Middle (MITM).

Question 74

What is ARP spoofing?

Answer 74

An attack where a malicious actor sends falsified Address Resolution Protocol (ARP) messages over a local area network to associate their MAC address with the IP address of another host.

Question 75

How does a replay attack work?

Answer 75

An attacker intercepts a valid data transmission (like authentication credentials) and maliciously re-sends it at a later time to impersonate the original user.

Question 76

What is a Denial of Service (DoS) attack?

Answer 76

An attack that targets servers to overload them, making a service unavailable to legitimate users.

Question 77

How does a SYN flood attack cause a denial of service?

Answer 77

It sends a succession of SYN requests to a target's system but does not send the final ACK, leaving connections half-open and consuming server resources until they are exhausted.

Question 78

What distinguishes a Distributed Denial of Service (DDoS) attack from a DoS attack?

Answer 78

A DDoS attack uses multiple, distributed infected computers (a botnet) to launch the attack, making it harder to trace and block.

Question 79

What is port scanning?

Answer 79

A process which checks a host's ports to identify which are open, closed, or filtered, often as a precursor to an attack.

Question 80

What is the primary purpose of the Kerberos protocol?

Answer 80

To provide strong, mutual authentication for client/server applications over an insecure network, mitigating replay attacks and improving usability.

Question 81

In Kerberos, what is the role of the Authentication Server (AS)?

Answer 81

It authenticates the user at the start of a session and provides them with a Ticket-Granting Ticket (TGT).

Question 82

What is the function of the Ticket-Granting Server (TGS) in Kerberos?

Answer 82

It issues service tickets to clients after they present a valid Ticket-Granting Ticket (TGT).

Question 83

What is a Virtual Private Network (VPN)?

Answer 83

A technology that creates a secure, encrypted connection over a less secure network, such as the public internet.

Question 84

What is 'tunnelling' in the context of a VPN?

Answer 84

The process of encapsulating packets with internal network addresses within packets that use internet addressing to traverse the public network securely.

Question 85

What is a Cross-Site Scripting (XSS) attack?

Answer 85

An attack where malicious client-side scripts are injected into web pages viewed by other users, which are then executed in the victim's browser.

Question 86

What is the difference between Stored XSS and Reflected XSS?

Answer 86

In Stored XSS, the malicious script is permanently stored on the target server, while in Reflected XSS, the script is part of a request (often in the URL) and is reflected back by the server.

Question 87

What is an effective defence against XSS attacks?

Answer 87

Performing input validation and HTML encoding on untrusted user data before it is rendered on a page.

Question 88

What is an 'insecure deserialization' vulnerability?

Answer 88

A flaw where an application deserializes untrusted data without sufficient checks, potentially allowing an attacker to execute malicious code by providing a crafted, serialized object.

Question 89

In PHP, what is the purpose of using a prepared statement for SQL queries?

Answer 89

It separates the SQL command logic from the data, preventing user input from being interpreted as part of the SQL command, thus mitigating SQL injection attacks.

Question 90

How can an attacker use the SQL comment sequence '--' to bypass authentication?

Answer 90

By injecting it into a query, they can cause the remainder of the SQL statement, such as the password check, to be ignored by the database.

Question 91

What is the role of a Certificate Authority (CA) in a Public Key Infrastructure (PKI)?

Answer 91

A CA is a trusted entity that digitally signs and issues certificates to verify the ownership of a public key.

Question 92

What security guarantee does (Perfect) Forward Secrecy provide in protocols like TLS 1.3?

Answer 92

It ensures that if a long-term key is compromised, past and future communication sessions remain confidential because session keys are ephemeral.