Untitled Quiz

Questions and Answers

Who is the Acting Director of CEMCA?

Dr. Manas Ranjan Panigrahi

Mr. Sani Abhilash

Mr. R. Thyagarajan (correct)

Mr. Manish Koranga

Which unit is associated with Mr. Ashutosh Bahuguna?

Block I, Unit II

Block II, Unit I

Block III, Unit IV

Block I, Unit IV (correct)

In which year was the Advanced Cyber Security Techniques material published?

2017

2015

2016 (correct)

2014

What type of license is the Advanced Cyber Security Techniques material made available under?

Creative Commons Attribution Share-Alike 4.0 License

Which organization provided financial support for the preparation of this study material?

Commonwealth Educational Media Centre for Asia

Who serves as the Senior Consultant for Wipro Technologies?

Mr. Manish Koranga

Which role does Dr. Manas Ranjan Panigrahi hold?

Program Officer (Education)

Which department is Mr. Sani Abhilash associated with?

Ministry of Communication & IT

What is a common feature exploited in NTP servers to perform DDoS attacks?

MONLIST Mode 7 command

Which attack method allows an attacker to spoof the source address of traffic?

Reflected denial-of-service attack

What does DNS stand for, and what is its primary function?

Domain Name System; translating domain names to IP addresses.

What is the primary goal of hackers when performing DDoS attacks?

To cause disruption of services

Which of the following is an implementation of onion routing?

Tor

What does the term 'amplification attack' refer to in the context of DDoS attacks?

Sending smaller requests to receive larger responses.

Which type of attack leverages a distributed group of activists to cause service disruptions?

DDoS attack

What aspect of the Domain Name System (DNS) makes it an attractive target for attackers?

Its hierarchical structure and naming system.

What best defines a replay attack?

It involves capturing and retransmitting valid data to impersonate the original sender.

What scenario exemplifies a denial of service (DoS) attack?

An attacker floods a server with traffic from a single source.

In what way does a Distributed Denial of Service (DDoS) attack differ from a Denial of Service (DoS) attack?

DDoS attacks involve multiple compromised systems attacking a single target.

Which of the following is NOT a method typically associated with conducting DoS/DDoS attacks?

Replay attacks

What role does a botnet play in a DDoS attack?

It consists of compromised systems used to launch the attack.

What is an important characteristic of a Ping of Death attack?

It uses ICMP packets that exceed normal size limits.

Which scenario would represent a successful execution of a replay attack?

An attacker records login credentials and uses them later for authentication.

Which statement about Denial of Service attacks is true?

They aim to disable a service for legitimate users.

What is the primary function of a payload that functions as a backdoor?

To perform spying and monitoring activities

Which zero-day vulnerability was exploited in Operation Snowman?

CVE-2014-0322

What common software vulnerabilities are typically targeted by exploit packs?

Client-side software vulnerabilities

What is a defining feature of ransomware like CryptoLocker?

It restricts access to a PC until a ransom is paid

What is the primary goal of Stuxnet malware?

To reprogram industrial control systems

Which of the following best describes an exploit pack?

A toolkit aimed at automating client-side vulnerability exploitation

What is the primary mechanism through which attackers initiate exploits using exploit kits?

By embedding code in compromised websites

Which type of attack does WinLocker represent?

Screen locking malware that demands payment

What is one significant trend observed with mobile devices in organizations?

Migration of business processes to mobile devices and tablets

What type of malware has been notably targeted towards mobile operating systems?

Malware targeting Android, Symbian, and iOS

Which of the following methods does NOT distribute mobile malware?

Visiting official app stores

What are mobile malware primarily interested in accessing?

Sensitive information and device identifiers

Which of the following mobile malware is known to perform premium-based texting?

Opfake

What change is suggested for organizations due to mobile computing's growth?

Increasing mobile device protection strategies

Which mobile malware family is associated with rooting devices?

Lotoor

What indicates a shift in adversaries' focus in the mobile ecosystem?

Discovery of new vulnerabilities for exploitation

Which type of attack involves overwhelming a network service to make it unavailable to its intended users?

Denial of Service (DoS)

What is the primary function of a firewall in network security?

To block unauthorized network traffic

Which method is often utilized to protect against intrusion and unauthorized access in a network?

Honeypots

What best describes a Distributed Denial of Service (DDoS) attack?

An attack that involves multiple machines attacking a single target

What is the purpose of Security Information and Event Management (SIEM) systems?

To provide real-time monitoring and analysis of security alerts

Which of the following describes IP spoofing?

The practice of sending IP packets from a false source address

What characterizes a 'watering hole attack'?

An attack that compromises a frequently visited website to infect users

Which of the following could pose a threat to mobile computing?

Mobile device cloning

Study Notes

Post-Graduate Diploma in Cyber Security

• Advanced Cyber Security Techniques course offered by Uttarakhand Open University
• Course code: (PGDCS-07)

Document Details

• Contains advisors and editors details for the CEMCA (Commonwealth Educational Media Centre for Asia)
• Acknowledges expertise and financial support of CEMCA, New Delhi for study material
• Published by: Uttarakhand Open University, 2016
• Creative Commons Attribution Share-Alike 4.0 Licence (international):
  • http://creativecommons.org/licenses/by-sa/4.0/
• Includes index of topics from subsequent blocks and pages

Learning Objectives (Block I)

• Understand network security need
• Understand the threat landscape
• Understand the current threat scenario
• Know the different weaknesses of computer networks
• Understand different attacks on computer networks
• Understand emerging threats to network technologies
• Understand the impact of different network attacks
• Including: Man-in-the-Middle (MITM) attack, Replay Attack, Denial of Service (DoS) attacks, Distributed Denial of Service (DDoS) attacks, Password-based attacks
• Also includes: Spoofing, Eavesdropping, Malicious program installation (backdoors), Threats to watch and emerging threats within network security

Learning Objectives (Block II)

• Understand network security technology
• Understand the concept and requirement of firewall
• Know impact of different network attacks and honeypots
• Understand Intrusion Detection and Prevention System (IDPS)
• Understand importance of Log Management - and Security Information and Event Management (SIEM)
• Understanding Honeypots

Learning Objectives (Block III)

• Know network security best practices
• Understand network security controls
• Know design of secure network
• Know critical security controls for cyber defense
• Including: Threats to organization network infrastructure

Learning Objectives (Block 4)

• Physical and environment security needs
• Threats from manmade disasters
• Physical security good practices and guidelines
• Understand physical and environment security controls
• Understand Data center security