Module 5: Threats

Question 1

Social engineering

A manipulation technique that exploits h____ e____ to gain private i_________, a_____, or v________

Answer 1

human error; information, access; valuables;

Question 2

Stages of social engineering
1) P_____
2) Establish t____
3) Use p________ tactics
4) D________ from the target

Answer 2

Prepare;
trust;
persuasion;
Disconnect;

Question 3

Preventing social engineering
- Implementing m_________ controls
- Staying informed of t______
- Sharing your k_________ with others

Answer 3

managerial;
trends;
knowledge;

Question 4

Common types of social engineering
- B_____
- P______
- Q___ p__ q__
- T_________
- W________ h___

Answer 4

Baiting;
Phishing;
Quid pro quo;
Tailgating;
Watering hole;

Question 5

Baiting

• Tempts people into compromising their s_______
• A common example is _ _ _ baiting that relies on someone finding an i_______ _ _ _ drive and plugging it into their device

Answer 5

security;
USB; infected USB;

Question 6

Phishing

The use of d_____ c__________ to trick people into revealing s_______ data or deploying m________ s_______.

Answer 6

digital communications;
sensitive; malicious software;

Question 7

Quid pro quo

• A type of baiting used to trick someone into believing that they’ll be r________ for sharing a_____, i__________ or m____.
• Eg. attacker impersonates a loan officer

Answer 7

rewarded; access, information; money;

Question 8

Tailgating

• Social engineering tactic in which u__________ people follow an a_________ person into a r________ area.
• Also sometimes referred to as p___________.

Answer 8

unauthorized; authorized; restricted;
piggybacking;

Question 9

Watering hole

• When a t_____ a____ compromises a w______ frequently visited by a specific g_____ of u____.
• Oftentimes, these watering hole sites are infected with m_______ s_______

Answer 9

threat actor; website; group; users;
malicious software;

Question 10

Encouraging caution of social engineering may be done by:
- Staying a____
- Being c______
- Controlling c________

Answer 10

alert;
cautious;
curiosity;

Question 11

Phishing kit tools
- M_________ attachments
- F___ data-collection forms
- F_________ web links

Answer 11

Malicious;
Fake;
Fraudulent;

Question 12

Smishing

The use of t___ m_______ to obtain s_______ i_________ or to impersonate a known s______

Answer 12

text messages; sensitive information; source;

Question 13

Vishing

The exploitation of e_______ v_____ c__________ to obtain s______ i________ or i__________ a known source

Answer 13

electronic voice communication; sensitive information; impersonate;

Question 14

Phishing security measures
- A___-p______ policies
- E_______ t______ resources
- E____ filters
- I______ p_______ systems

Answer 14

Anti-phishing;
Employee training;
Email;
Intrusion prevention;

Question 15

Angler phishing

• A technique where a______ impersonate c______ s______ representatives on s_____ m____

Answer 15

attackers; customer service; social media;

Question 16

Types of Malware
1) V____
2) W___
3) T_____
4) R_________
5) S______

Answer 16

Virus;
Worm;
Trojan;
Ransomware;
Spyware;

Question 17

Virus

Malicious c___ written to i______ with c________ o_________ and cause damage to d___ and s_______

Answer 17

code; interfere; computer operations; data; software;

Question 18

Worm

• Malware that can d________ and s_____ itself across s______ on its own.

Answer 18

duplicate; spread; systems;

Question 19

Trojan

• Malware that looks like a legitimate f___ or p______.
• Attackers deliver this type of malware hidden in f___ and a__________ downloads

Answer 19

file; program;
file; application;

Question 20

Adware

• A type of l________ software that is sometimes used to display d_____ a__________ in a___________.
• M________ adware falls into a sub-category of malware known as p_________ u_______ a__________ (PUA).

Answer 20

legitimate; digital advertisements; applications;
Malicious; potentially unwanted application;

Question 21

Potentially Unwanted Application (PUA)

• A type of unwanted s______ that is bundled in with l_________ programs which might display a__, cause device s_______, or i_____ other software.
• Attackers sometimes hide this type of malware in f_______ with i_______ design to monetize ads for themselves instead of the developer.

Answer 21

software; legitimate; ads; slowdown; install;
freeware; insecure;

Question 22

Spyware

Malware that is used to g_____ and s___ information without c______.
Also considered a _ _ _

Answer 22

gather; sell; consent;
PUA;

Question 23

Spyware is commonly hidden in b_________, additional software that is sometimes packaged with other a__________

Answer 23

bundleware; applications;

Question 24

Scareware

• Employs tactics to f_____ users into i__________ their own device.
• Tricks users by displaying f___ w______ that appear to come from l________ companies

Answer 24

frighten; infecting;
fake warnings; legitimate;

Question 25

Fileless malware - Uses l________ p______ that are already installed to i_____ a c_______. - This type of infection resides in m_______ where the malware never touches the h___ d_____

Answer 25

legitimate programs; infect; computer; memory; hard drive;

Question 26

Fileless malware is detected by performing m_____ a______, which requires experience with o________ s_______

Answer 26

memory analysis; operating systems;

Question 27

Rootkit - Malware that provides r_____, a__________ access to a c________. - Most attackers use rootkits to open a b_______ to systems, allowing them to install other forms of m______

Answer 27

remote, administrative; computer; backdoor; malware;

Question 28

Dropper A type of m______ that comes packed with m_______ c___ which is d________ and i_______ onto a target system

Answer 28

malware; malicious code; delivered; installed;

Question 29

Loader A type of malware that downloads strains of m_______ c____ from an e_______ s______ and installs them onto a t_____ system.

Answer 29

malicious code; external source; target;

Question 30

Cryptojacking A form of m______ that installs s_______ to illegally mine c____________

Answer 30

malware; software; cryptocurrencies;

Question 31

Signs of cryptojacking - S_______ - Increased _ _ _ usage - Sudden system c______ - Fast draining b_______ - Unusually high e___________ costs

Answer 31

Slowdown; CPU; crashes; batteries; electricity;

Question 32

Actions taken to protect against cryptojacking - Using malware b______ b_____ extensions - Setting up m_________ p_______ for increased _ _ _ usage

Answer 32

blocking browser; monitoring processes; CPU;

Question 33

Web-based exploits Malicious code or behaviour that's used to take a_________ of coding f____ in a web a_________

Answer 33

advantage; flaws; application;

Question 34

Injection attack Malicious code inserted into a v________ a_________

Answer 34

vulnerable application;

Question 35

Cross-site scripting (XSS) An injection attack that inserts c___ into a vulnerable w______ or w__ a__________

Answer 35

code; website; web application;

Question 36

Types of cross-site scripting attacks 1) R_______ 2) S_____ 3) _ _ _ -based

Answer 36

Reflected; Stored; DOM;

Question 37

Reflected XSS attack An instance when malicious s_____ is sent to a s_____ and activated during the s____'s response

Answer 37

script; server; server;

Question 38

Stored XSS attack An instance when malicious s____ is injected d______ on the s______

Answer 38

script; directly; server;

Question 39

DOM-based XSS attack An instance when malicious s_____ exists in the w______ a b_______ loads

Answer 39

script; webpage; browser;

Question 40

SQL injection An attack that executes u_________ q_____ on a d________

Answer 40

unexpected queries; database;

Question 41

Three categories of SQL injection: - I_-b___ - O__-o_-b___ - I_______

Answer 41

In-band; Out-of-band; Inferential;

Question 42

In-band SQL injection - An in-band injection is one that uses the same c__________ c______ to launch the a_____ and gather the r______

Answer 42

communication channel; attack; results;

Question 43

Out-of-band SQL injection - One that uses a different c__________ c______ to launch the a_____ and gather the r_______

Answer 43

communication channel; attack; results;

Question 44

Inferential SQL Injection - Occurs when an attacker is unable to see the r______ of their a_____ - Instead, they can interpret the r______ by analyzing the b_______ of the s______

Answer 44

results; attack; results; behaviour; system;

Question 45

Ways to escape user inputs: - P_______ s________ - I_____ s_________ - I_____ v________

Answer 45

Prepared statements; Input sanitization; Input validation;

Question 46

Prepared statements A coding technique that executes _ _ _ statements before passing them on to a d________

Answer 46

SQL; database;

Question 47

Input sanitization Programming that removes u___ i_____ which could be interpreted as c___

Answer 47

user input; code;

Question 48

Input validation Programming that ensures user i____ meets a system's e__________

Answer 48

input; expectations;

Question 49

Cross-site scripting (XSS) attacks are often delivered by exploiting the following languages: - J___S______ - _ _ _ _

Answer 49

JavaScript; HTML;

Question 50

Two examples of when SQL injections can take place: - When a m_______ s_____ is injected directly on the s_____ - When a m_______ s_____ exists in the w_____ a b______ loads

Answer 50

malicious script; server; malicious script; webpage; browser;

Question 51

In a SQL injection attack, malicious attackers attempt to obtain the following: - S_______ information - A___________ rights

Answer 51

Sensitive; Administrative;

Question 52

Threat modeling The process of identifying a_____, their v__________, and how each is e_______ to t_____

Answer 52

asset; vulnerabilities; exposed; threats;

Question 53

Attack tree A diagram that maps t______ to a_____

Answer 53

threats; assets;

Question 54

Threat model steps 1) Define the s____ 2) Identify t______ 3) Characterize the e__________ 4) Analyze t______ 5) Mitigate r____ 6) Evaluate f_______

Answer 54

scope; threats; environment; threats; risks; findings;

Question 55

PASTA stands for

Answer 55

Process for Attack Simulation and Threat Analysis

Question 56

PASTA threat model framework (1-4) 1) Define b_______ and s______ objectives 2) Define the t______ scope 3) D_______ the application 4) Perform a t______ analysis

Answer 56

business; security; technical; Decompose; threat;

Question 57

PASTA threat model framework (5-7) 5) Perform a v_________ analysis 6) Conduct attack m________ 7) Analyze r___ and i______

Answer 57

vulnerability; modeling; risk; impact;

Question 58

STRIDE - A threat modeling framework developed by M_______. Helps identify vulnerabilities in 6 specific attack vectors: 1) S_______ 2) T_______ 3) R________ 4) I_________ d________ 5) D_____ of S_____ 6) E_________ of p_______

Answer 58

Spoofing; Tampering; Repudiation; Information disclosure; Denial; Service; Elevation; privilege;

Question 59

The following are common signs that a computer is infected with cryptojacking software: - Sudden s______ c______ - Unusually high e___________ costs - Increased _ _ _ usage

Answer 59

system crashes; electricity; CPU;