Untitled Quiz

Questions and Answers

Who is the Acting Director of CEMCA?

• Dr. Manas Ranjan Panigrahi
• Mr. Sani Abhilash
• Mr. R. Thyagarajan (correct)
• Mr. Manish Koranga

Which unit is associated with Mr. Ashutosh Bahuguna?

• Block I, Unit II
• Block II, Unit I
• Block III, Unit IV
• Block I, Unit IV (correct)

In which year was the Advanced Cyber Security Techniques material published?

• 2017
• 2015
• 2016 (correct)
• 2014

What type of license is the Advanced Cyber Security Techniques material made available under?

Creative Commons Attribution Share-Alike 4.0 License (D)

Which organization provided financial support for the preparation of this study material?

Commonwealth Educational Media Centre for Asia (D)

Who serves as the Senior Consultant for Wipro Technologies?

Mr. Manish Koranga (D)

Which role does Dr. Manas Ranjan Panigrahi hold?

Program Officer (Education) (D)

Which department is Mr. Sani Abhilash associated with?

Ministry of Communication & IT (C)

What is a common feature exploited in NTP servers to perform DDoS attacks?

MONLIST Mode 7 command (D)

Which attack method allows an attacker to spoof the source address of traffic?

Reflected denial-of-service attack (D)

What does DNS stand for, and what is its primary function?

Domain Name System; translating domain names to IP addresses. (D)

What is the primary goal of hackers when performing DDoS attacks?

To cause disruption of services (A)

Which of the following is an implementation of onion routing?

Tor (A)

What does the term 'amplification attack' refer to in the context of DDoS attacks?

Sending smaller requests to receive larger responses. (A)

Which type of attack leverages a distributed group of activists to cause service disruptions?

DDoS attack (B)

What aspect of the Domain Name System (DNS) makes it an attractive target for attackers?

Its hierarchical structure and naming system. (B)

What best defines a replay attack?

It involves capturing and retransmitting valid data to impersonate the original sender. (B)

What scenario exemplifies a denial of service (DoS) attack?

An attacker floods a server with traffic from a single source. (D)

In what way does a Distributed Denial of Service (DDoS) attack differ from a Denial of Service (DoS) attack?

DDoS attacks involve multiple compromised systems attacking a single target. (A)

Which of the following is NOT a method typically associated with conducting DoS/DDoS attacks?

Replay attacks (B)

What role does a botnet play in a DDoS attack?

It consists of compromised systems used to launch the attack. (C)

What is an important characteristic of a Ping of Death attack?

It uses ICMP packets that exceed normal size limits. (A)

Which scenario would represent a successful execution of a replay attack?

An attacker records login credentials and uses them later for authentication. (B)

Which statement about Denial of Service attacks is true?

They aim to disable a service for legitimate users. (C)

What is the primary function of a payload that functions as a backdoor?

To perform spying and monitoring activities (A)

Which zero-day vulnerability was exploited in Operation Snowman?

CVE-2014-0322 (C)

What common software vulnerabilities are typically targeted by exploit packs?

Client-side software vulnerabilities (D)

What is a defining feature of ransomware like CryptoLocker?

It restricts access to a PC until a ransom is paid (B)

What is the primary goal of Stuxnet malware?

To reprogram industrial control systems (C)

Which of the following best describes an exploit pack?

A toolkit aimed at automating client-side vulnerability exploitation (C)

What is the primary mechanism through which attackers initiate exploits using exploit kits?

By embedding code in compromised websites (D)

Which type of attack does WinLocker represent?

Screen locking malware that demands payment (A)

What is one significant trend observed with mobile devices in organizations?

Migration of business processes to mobile devices and tablets (D)

What type of malware has been notably targeted towards mobile operating systems?

Malware targeting Android, Symbian, and iOS (C)

Which of the following methods does NOT distribute mobile malware?

Visiting official app stores (C)

What are mobile malware primarily interested in accessing?

Sensitive information and device identifiers (C)

Which of the following mobile malware is known to perform premium-based texting?

Opfake (B)

What change is suggested for organizations due to mobile computing's growth?

Increasing mobile device protection strategies (C)

Which mobile malware family is associated with rooting devices?

Lotoor (B)

What indicates a shift in adversaries' focus in the mobile ecosystem?

Discovery of new vulnerabilities for exploitation (D)

Which type of attack involves overwhelming a network service to make it unavailable to its intended users?

Denial of Service (DoS) (C)

What is the primary function of a firewall in network security?

To block unauthorized network traffic (A)

Which method is often utilized to protect against intrusion and unauthorized access in a network?

Honeypots (D)

What best describes a Distributed Denial of Service (DDoS) attack?

An attack that involves multiple machines attacking a single target (A)

What is the purpose of Security Information and Event Management (SIEM) systems?

To provide real-time monitoring and analysis of security alerts (A)

Which of the following describes IP spoofing?

The practice of sending IP packets from a false source address (A)

What characterizes a 'watering hole attack'?

An attack that compromises a frequently visited website to infect users (D)

Which of the following could pose a threat to mobile computing?

Mobile device cloning (C)

Flashcards

Post-Graduate Diploma in Cyber Security

A specialized diploma program focusing on advanced cyber security techniques.

ISBN

International Standard Book Number, used to uniquely identify a book.

CEMCA

Commonwealth Educational Media Centre for Asia, providing educational resources.

Advanced Cyber Security Techniques

A course of study or a book covering advanced concepts in cybersecurity.

Creative Commons Attribution Share-Alike 4.0 Licence

License allowing sharing and adapting of the material, with attribution.

Cybersecurity Techniques

Methods and strategies for defending computer systems against cyberattacks.

Program Officer (Education)

An individual responsible for overseeing educational programs.

Computer Emergency Response Team (CERT-In)

Indian government organization for handling computer security incidents.

Replay Attack

A network attack where a valid message is repeated to cause harm.

Denial of Service (DoS)

An attack to make a computer resource unavailable to users.

Distributed Denial of Service (DDoS)

A DoS attack launched from multiple compromised computers.

Botnet

A network of compromised computers used for attacks.

Ping of Death

A DoS attack using oversized ICMP packets.

SYN attack

A DoS attack exploiting TCP's connection setup process.

UDP flooding

A DoS attack overwhelming a target with UDP packets.

DrDoS

A DDoS attack using a third-party service.

Hactivist Groups

Groups of individuals who use hacking techniques to promote political or social causes.

DDoS Attack

A type of cyberattack that overwhelms a target server with traffic from multiple sources, making it unavailable to legitimate users.

DNS Amplification Attack

A DDoS attack that exploits the Domain Name System (DNS) to amplify the attack traffic, making the attack more powerful.

NTP Reflected DDoS

A DDoS attack that leverages vulnerabilities in Network Time Protocol (NTP) servers to reflect amplified attack traffic back to the target.

IP Address Spoofing

A technique used in DDoS attacks where the attacker disguises the source of the attack traffic, making it difficult to track.

Onion Routing

A technique used by Tor where data is encrypted and routed through a network of relays, making it difficult to trace the origin of the traffic.

Tor Network

A privacy-focused network that uses onion routing to protect user privacy and anonymity.

Relays (Tor)

Nodes in the Tor network that route traffic between users and destinations, making it difficult to trace the path.

Mobile Malware Distribution Methods

Techniques used to spread harmful software to mobile devices, including app repackaging, browser attacks, visiting third-party app stores, malicious advertising, and clicking on shortened URLs.

Android Malware Families

Groups of malicious software specifically designed to target Android devices, often stealing data, spying on users, or taking control of devices.

Mobile Banking Trojans

Malware specifically aimed at stealing banking credentials and financial information from mobile users.

Mobile Malware Objectives

The goals of mobile malware often include stealing sensitive information (like location, unique device IDs), manipulating data, and turning devices into part of a larger botnet.

Android Exploits

Vulnerabilities in the Android operating system, allowing attackers to gain complete control of devices.

Mobile Ecosystem Vulnerabilities

Weaknesses in the design and security of mobile operating systems, applications, and communication networks, making them susceptible to attacks.

Importance of Mobile Security

The increasing use of mobile devices for both personal and business purposes necessitates strong security measures to protect sensitive data and prevent cyberattacks.

Evolving Malware Strategies

Cybercriminals constantly adapt their methods to target mobile devices using new vulnerabilities and techniques to bypass security measures.

Exploit Pack

A toolkit that automates the process of exploiting vulnerabilities in software, often targeting browsers and programs used by websites. It allows attackers to easily launch attacks against common vulnerabilities in applications like Adobe Reader, Java, Flash Player, and web browsers.

Ransomware

A type of malware that restricts access to a computer or its files, demanding a payment (ransom) in exchange for decryption or access restoration. It typically encrypts files, making them inaccessible until the ransom is paid.

CryptoLocker

A well-known ransomware variant that encrypts files and demands payment for decryption. It's known for its widespread infections.

WinLocker

A type of ransomware that locks the computer screen, preventing access. It displays a full-screen image that blocks other windows, demanding payment to unlock the screen.

Stuxnet

A sophisticated malware designed to target industrial control systems, such as those used in manufacturing and power plants. It can reprogram the control systems to malfunction, potentially causing damage or disruption.

Watering Hole Attack

A technique where attackers compromise a website frequented by their targets. They then insert malicious code into the website, infecting visitors when they access it.

Zero-Day Vulnerability

A security flaw in software that is unknown to developers and has no available patch. Attackers can exploit this flaw before the vulnerability is fixed, potentially causing significant damage.

Payload

The harmful code or data delivered to a target system during a cyberattack, causing damage or stealing information. This code could be ransomware, a backdoor, or other malicious software.

IP Spoofing

A technique where an attacker disguises their IP address as a trusted source to gain unauthorized access or deceive network devices.

Threats to Mobile Computing

Security risks related to smartphones and tablets, including data breaches, malware infections, privacy violations, and unauthorized access.

Emerging Threats to IoT

Security challenges arising from interconnected devices in the Internet of Things, such as vulnerabilities in connected devices, data privacy concerns, and potential for large-scale attacks.

Firewall

A network security system that acts as a barrier between a trusted network and an untrusted network, controlling incoming and outgoing traffic based on predefined rules.

Intrusion Detection and Prevention System (IDPS)

A security system that monitors network traffic for suspicious activities and can block or alert about potential threats.

Honeypot

A decoy system designed to attract and trap attackers, allowing security teams to analyze their tactics and gather intelligence.

Study Notes

Post-Graduate Diploma in Cyber Security

• Advanced Cyber Security Techniques course offered by Uttarakhand Open University
• Course code: (PGDCS-07)

Document Details

• Contains advisors and editors details for the CEMCA (Commonwealth Educational Media Centre for Asia)
• Acknowledges expertise and financial support of CEMCA, New Delhi for study material
• Published by: Uttarakhand Open University, 2016
• Creative Commons Attribution Share-Alike 4.0 Licence (international):
  • http://creativecommons.org/licenses/by-sa/4.0/
• Includes index of topics from subsequent blocks and pages

Learning Objectives (Block I)

• Understand network security need
• Understand the threat landscape
• Understand the current threat scenario
• Know the different weaknesses of computer networks
• Understand different attacks on computer networks
• Understand emerging threats to network technologies
• Understand the impact of different network attacks
• Including: Man-in-the-Middle (MITM) attack, Replay Attack, Denial of Service (DoS) attacks, Distributed Denial of Service (DDoS) attacks, Password-based attacks
• Also includes: Spoofing, Eavesdropping, Malicious program installation (backdoors), Threats to watch and emerging threats within network security

Learning Objectives (Block II)

• Understand network security technology
• Understand the concept and requirement of firewall
• Know impact of different network attacks and honeypots
• Understand Intrusion Detection and Prevention System (IDPS)
• Understand importance of Log Management - and Security Information and Event Management (SIEM)
• Understanding Honeypots

Learning Objectives (Block III)

• Know network security best practices
• Understand network security controls
• Know design of secure network
• Know critical security controls for cyber defense
• Including: Threats to organization network infrastructure

Learning Objectives (Block 4)

• Physical and environment security needs
• Threats from manmade disasters
• Physical security good practices and guidelines
• Understand physical and environment security controls
• Understand Data center security