flashcards

Question 1

What is the primary objective of an Advanced Persistent Threat (APT)?

Answer 1

To gain stealthy, long-term access to a targeted system for data exfiltration.

Question 2

An APT campaign can often exist for several _____ and may be well funded.

Answer 2

years

Question 3

What is a common entry point exploited by APTs to penetrate a system?

Answer 3

The end user (insider), often through vulnerabilities like poor passwords.

Question 4

How do APTs often evade detection by security tools like firewalls and SIEMs?

Answer 4

By creating network traffic that is purposely designed to look like legitimate traffic.

Question 5

What is the ‘Reconnaissance’ stage in an APT attack?

Answer 5

The phase where attackers gather as much information as possible about the target’s systems, processes, and potential entry points.

Question 6

What occurs during the ‘Initial Compromise’ stage of an APT attack?

Answer 6

The attacker gains their first access or ‘foothold’ in a system, often through social engineering.

Question 7

The APT stage where an attacker expands access across systems, compromises additional devices, or increases permissions is known as _____.

Answer 7

Lateral Movement

Question 8

What is ‘Data Exfiltration’ in the context of an APT?

Answer 8

The process of sending stolen data through outbound traffic from the compromised network to the attacker’s devices.

Question 9

What are the two key activities in the final stage of an APT attack cycle?

Answer 9

Maintenance of access to the systems and concealment of any evidence of the compromise.

Question 10

In Unix-like systems, what are the three user classifications for file permissions?

Answer 10

Owner, Group, and World (or Other).

Question 11

What do the characters ‘r’, ‘w’, and ‘x’ represent in Unix file permissions?

Answer 11

Read, write, and execute permissions, respectively.

Question 12

What permissions are represented by the notation rwxrw-r--?

Answer 12

The owner has read, write, and execute; the group has read and write; others have read-only.

Question 13

In the context of digital images, what is a bitplane?

Answer 13

A matrix comprising the i-th bit of each pixel in a digital image for a specific colour channel.

Question 14

In the BPCS steganography algorithm, how is the complexity of a segment determined?

Answer 14

By calculating the ratio of the segment’s border changes to the maximum possible border changes (a checkerboard pattern).

Question 15

According to the BPCS algorithm, a segment is considered ‘complex’ enough to hide data if its complexity value is greater than _____.

Answer 15

0.3

Question 16

If a payload block in BPCS is not complex, what operation is performed before hiding it?

Answer 16

It is conjugated by performing an exclusive OR (XOR) operation with a checkerboard pattern.

Question 17

What is the definition of a biometric trait for user access control?

Answer 17

A sufficiently distinctive trait that can be measured, quantified, and stored for authentication.

Question 18

What are the two main categories of biometrics?

Answer 18

Physical and behavioural.

Question 19

What is the ‘Enrolment’ stage in a biometric system?

Answer 19

The initial process where a user’s biometric trait is captured and a template is extracted and stored.

Question 20

Metric: False Accept Rate (FAR)

Answer 20

Definition: A measure of the likelihood that a biometric system will incorrectly accept an unauthorised user.

Question 21

Metric: False Reject Rate (FRR)

Answer 21

Definition: A measure of the likelihood that a biometric system will incorrectly reject an authorised user.

Question 22

What does a Receiver Operating Characteristic (ROC) curve plot in biometrics?

Answer 22

The True Accept Rate (TAR) against the False Accept Rate (FAR) at various threshold settings.

Question 23

Which biometric method is claimed to be highly accurate, producing only 1 in 1-2 million false positives?

Answer 23

Iris recognition.

Question 24

Which biometric method is considered more invasive than iris scanning and can be affected by disease over time?

Answer 24

Retinal scanning.

Question 25

In fingerprint recognition, ridges and valleys form basic patterns such as arches, loops, and _____.

Answer 25

whorls

Question 26

What are the two key metrics in keystroke dynamics, a form of behavioural biometrics?

Answer 26

Dwell time (how long a key is pressed) and flight time (time between key presses).

Question 27

Vulnerability: Broken Authentication

Answer 27

Definition: Errors in the implementation of authentication mechanisms, such as session timeouts or weak password management.

Question 28

How can the risk of Sensitive Data Exposure be mitigated?

Answer 28

By encrypting or hashing sensitive data using appropriate methods and not storing unnecessary data.

Question 29

What is an XML External Entities (XXE) vulnerability?

Answer 29

A vulnerability where an XML processor insecurely evaluates external entities included in an XML document.

Question 30

An attack where a user can access unauthorised data by manipulating a URL parameter, such as an ID number, is known as an _____.

Answer 30

Insecure Direct Object Reference

Question 31

Vulnerability: Missing Function Level Access Control

Answer 31

Definition: When an application fails to check authorisation before fulfilling a request for specific functionality.

Question 32

What is 'Security Misconfiguration'?

Answer 32

When a system's security is weakened due to issues like not changing default credentials, leaving debugging modes on, or failing to apply patches.

Question 33

Term: Steganography

Answer 33

Definition: The practice of concealing a message, file, or other data within another, non-secret file or object.

Question 34

How does steganography differ from cryptography?

Answer 34

Cryptography obscures the content of a message, whereas steganography conceals the very existence of the message.

Question 35

In the Least Significant Bit (LSB) steganography method, how is data hidden?

Answer 35

By replacing the least significant bit of each colour value in the pixels of a cover image with the bits of the secret message.

Question 36

What is the purpose of the Cyber Kill Chain framework?

Answer 36

To identify and prevent cyber intrusions by breaking down an attack into distinct stages.

Question 37

What occurs during the 'Weaponisation' stage of the Cyber Kill Chain?

Answer 37

An attacker combines an exploit with a payload (like malware) to create a deliverable 'weapon'.

Question 38

The 'Delivery' stage of the Cyber Kill Chain involves transmitting the weapon to the target. Give an example of a delivery method.

Answer 38

Spear phishing emails, malicious USB drives, or exploiting a web vulnerability like SQL injection.

Question 39

What happens during the 'Exploitation' stage of the Cyber Kill Chain?

Answer 39

The malicious code is executed on the victim's system, triggering the vulnerability.

Question 40

What is the purpose of the 'Command and Control' (C2) stage in the Cyber Kill Chain?

Answer 40

The attacker establishes remote access and control over the compromised machine, often using a Remote Access Trojan (RAT).

Question 41

What is the final stage of the Cyber Kill Chain, where the attacker's ultimate goals are achieved?

Answer 41

Actions on Objectives.

Question 42

What is a Demilitarised Zone (DMZ) in network architecture?

Answer 42

A perimeter network that sits between an organisation's internal private network and the external untrusted network (like the internet).

Question 43

How does an Intrusion Prevention System (IPS) differ from an Intrusion Detection System (IDS)?

Answer 43

An IDS monitors and alerts on potential violations, while an IPS can additionally take action to prevent the violation.

Question 44

What problem does the Diffie-Hellman key exchange solve?

Answer 44

It allows two parties to establish a shared secret (a private symmetric key) over an insecure communication channel.

Question 45

What is a digital signature?

Answer 45

A cryptographic mechanism that uses a hash of a document encrypted with the sender's private key to ensure authenticity and integrity.

Question 46

To verify a digital signature, the recipient decrypts the encrypted hash using the sender's _____ key.

Answer 46

public

Question 47

Property: Strong Collision Resistance

Answer 47

Definition: A property of a cryptographic hash function stating that it is computationally infeasible to find two different messages that hash to the same value.

Question 48

A firewall policy that denies all traffic by default and only permits specifically allowed traffic is known as a _____ policy.

Answer 48

whitelist (or deny by default)

Question 49

What is the function of a proxy server?

Answer 49

It acts as an intermediary for requests from clients seeking resources from other servers, hiding the client's IP address.

Question 50

What is the primary purpose of the Kerberos protocol?

Answer 50

To provide strong, mutual authentication for client/server applications by using secret-key cryptography.

Question 51

In Kerberos, what is the role of the Authentication Server (AS)?

Answer 51

It authenticates the user at the start of a session and issues a Ticket-Granting Ticket (TGT).

Question 52

In Kerberos, what does the Ticket-Granting Server (TGS) do?

Answer 52

It issues service tickets to clients who present a valid Ticket-Granting Ticket (TGT).

Question 53

What is a replay attack?

Answer 53

An attack where a valid data transmission (like authentication credentials) is intercepted and maliciously repeated or delayed.

Question 54

How does a VPN create a secure connection over a public network like the internet?

Answer 54

Through a process called tunnelling, where packets are encapsulated within other packets and encrypted.

Question 55

What is the core principle of the CIA Triad in information security?

Answer 55

To ensure the Confidentiality, Integrity, and Availability of information.

Question 56

Term: Confidentiality (CIA Triad)

Answer 56

Definition: The principle that information should only be accessible to authorised users.

Question 57

Term: Integrity (CIA Triad)

Answer 57

Definition: The principle that information should not be altered or destroyed in an unauthorised manner.

Question 58

Term: Availability (CIA Triad)

Answer 58

Definition: The principle that systems and information should be accessible and usable upon demand by an authorised user.

Question 59

What is the difference between a threat and a vulnerability?

Answer 59

A vulnerability is a weakness in a system, while a threat is a potential danger that could exploit that vulnerability.

Question 60

What does the STRIDE framework stand for?

Answer 60

Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege.

Question 61

In STRIDE, the threat of Spoofing relates to which security property?

Answer 61

Authentication.

Question 62

In STRIDE, unauthorised modification of data is classified as _____ and violates the property of Integrity.

Answer 62

Tampering

Question 63

In STRIDE, what is Repudiation?

Answer 63

A threat where a user denies having performed an action, violating the principle of non-repudiation.

Question 64

In STRIDE, the threat of exposing sensitive information to unauthorised parties is known as _____.

Answer 64

Information disclosure

Question 65

What is a Denial of Service (DoS) attack?

Answer 65

An attack designed to make a machine or network resource unavailable to its intended users.

Question 66

How does a Distributed Denial of Service (DDoS) attack differ from a DoS attack?

Answer 66

A DDoS attack uses multiple compromised computer systems (a botnet) as the source of the attack traffic.

Question 67

What is a SYN Flood attack?

Answer 67

A DoS attack where an attacker sends a succession of SYN requests to a target's system in an attempt to consume server resources.

Question 68

A collection of internet-connected devices infected with malware that allows an attacker to control them is known as a _____.

Answer 68

botnet

Question 69

What is port scanning?

Answer 69

The process of sending client requests to a range of server port addresses on a host, with the goal of finding an active port.

Question 70

In public-key cryptography, a message is encrypted using the recipient's _____ key.

Answer 70

public

Question 71

In public-key cryptography, a message is decrypted using the recipient's _____ key.

Answer 71

private

Question 72

The RSA algorithm's security relies on the computational difficulty of what mathematical problem?

Answer 72

Factoring the product of two large prime numbers.

Question 73

What is a Cross-Site Scripting (XSS) attack?

Answer 73

An attack where malicious client-side scripts are injected into web pages viewed by other users.

Question 74

What is the difference between Stored XSS and Reflected XSS?

Answer 74

In Stored XSS, the malicious script is permanently stored on the target server, while in Reflected XSS, it is delivered via a link or request.

Question 75

How can HTML encoding help prevent XSS attacks?

Answer 75

By converting special characters (like '<' and '>') into their HTML entity equivalents (like '<'), preventing the browser from executing them as code.

Question 76

What is an Insecure Deserialization vulnerability?

Answer 76

A flaw that occurs when an application deserializes malicious or manipulated objects, potentially leading to remote code execution.

Question 77

What is a SQL injection attack?

Answer 77

An attack technique used to interfere with the queries that an application makes to its database, often by inserting malicious SQL code.

Question 78

What is the purpose of the `OR '1'='1'` payload in a SQL injection attack?

Answer 78

To create a condition that is always true, often bypassing authentication checks by making the WHERE clause of a query evaluate to true.

Question 79

How do prepared statements (or parameterised queries) mitigate SQL injection vulnerabilities?

Answer 79

They separate the SQL query structure from the user-supplied data, ensuring the data is treated as a literal value and not as executable code.

Question 80

What are the three main authentication factors?

Answer 80

Something you know (knowledge), something you have (token), and something you are (biometrics).

Question 81

What is multi-factor authentication (MFA)?

Answer 81

An authentication method that requires the user to provide two or more verification factors from different categories to gain access.

Question 82

In block ciphers, what is the purpose of a mode of operation like Cipher Block Chaining (CBC)?

Answer 82

To securely encrypt amounts of data larger than a single block, ensuring identical plaintext blocks do not result in identical ciphertext blocks.

Question 83

What is a major security flaw of the Electronic Code Book (ECB) mode of operation?

Answer 83

It encrypts identical plaintext blocks into identical ciphertext blocks, which can reveal patterns in the data.

Question 84

What is the purpose of an S-box (Substitution-box) in a block cipher?

Answer 84

To provide non-linearity and confusion by substituting a small block of bits with another block of bits.

Question 85

What is the purpose of a P-box (Permutation-box) in a block cipher?

Answer 85

To provide diffusion by permuting or transposing bits across its input.

Question 86

The AES algorithm operates on a 4x4 matrix of bytes known as the _____.

Answer 86

state

Question 87

The Blowfish algorithm is a type of _____ cipher structure.

Answer 87

Feistel

Question 88

How does a stream cipher operate?

Answer 88

It encrypts plaintext digits one at a time (e.g., bit by bit) by combining them with a keystream.

Question 89

What is the function of a key schedule in a block cipher?

Answer 89

It is an algorithm that takes the initial secret key and expands it into a set of round keys used in each round of encryption.

Question 90

In Transport Layer Security (TLS), what is the role of a Certificate Authority (CA)?

Answer 90

To issue and digitally sign certificates that verify the ownership of a public key by a named subject.

Question 91

What security property does (Perfect) Forward Secrecy provide?

Answer 91

It ensures that if a long-term secret key is compromised, past session keys cannot be derived, protecting past communications.

Question 92

Term: Cryptographic Entropy

Answer 92

A measure of the unpredictability or randomness of a piece of data, often used to assess password strength.

Question 93

What is packet sniffing?

Answer 93

The act of intercepting and logging traffic that passes over a digital network or part of a network.