128 Questions
What is one of the latest social engineering techniques mentioned in the text?
Using multiple people and communication methods to earn trust
How do attackers often perform phishing attacks according to the text?
By imitating someone familiar to the victim
What effect does the text mention that certain social engineering attacks have on individuals?
Personal and emotional impact
In what scenario would an attacker send an email asking for donations, as described in the text?
To connect victims with malware links
What is a common characteristic of phishing attacks as mentioned in the text?
Imitating trusted entities or individuals
Why do attackers often imitate someone known to the victim when performing social engineering attacks?
To establish trust and deceive the victim
What is another term for phishing that occurs over voice calls?
Voice phishing
What is a common technique used by attackers to trick individuals into providing login credentials?
Sending fake security checks
What is a way to prevent shoulder surfing attacks when using a computer in public places?
Positioning yourself with your back to the wall
What type of phishing attack involves the attacker researching specific individuals within an organization?
Spear phishing
How can individuals prevent others from viewing their computer screen by walking behind them?
Using a privacy filter on the LCD screen
What might attackers gain by shoulder surfing?
Sensitive information displayed on the screen
How can individuals prevent shoulder surfing even in densely populated areas?
Adding a privacy filter to the LCD screen
What is the main concern regarding dumpster diving mentioned in the text?
Finding valuable information in the trash
What is a wireless evil twin attack according to the text?
Installing a wireless access point that mimics a legitimate one to deceive users
In what scenario would an attacker use a denial of service attack?
To cause a service to fail by overloading it
What is the term used to describe a phishing attack targeted at someone at the executive level?
Whaling
How can attackers initiate a DDoS attack to create a denial of service?
Use a botnet to take control of computers globally
What is one way to mitigate the risk of falling victim to a wireless evil twin attack?
Regularly change the SSID and passphrases of access points
What does the term 'no tailgating' refer to in the context of office security?
Walking through a door without proper access
What is the main objective of attackers employing spear phishing or whaling techniques?
Accessing a vast amount of private information or company finances
Which action could lead to an unintentional denial of service within a network?
Accidentally creating a network loop
In the context of building security, what is 'piggybacking'?
Gaining unauthorized entry by holding the door for someone with proper access
What is the primary reason behind encrypting data sent over networks according to the text?
To enhance data privacy and security
Why do attackers often use distributed denial of service (DDoS) attacks instead of single device attacks?
To make it more challenging for victims to block the attack effectively
What additional security measure do some organizations implement regarding building entry restriction?
Implementing doors that allow only one person through at a time
What is one example provided in the text of how attackers might cause a physical denial of service?
Turning off power to a building housing servers
What is 'dumpster diving' commonly associated with in terms of social engineering?
A technique for gathering intel by going through company trash
Why is it important to be cautious about the information thrown into trash bins according to the text?
To prevent attackers from using discarded data against you
'Impersonation' in social engineering involves attackers:
Pretending to be someone else to gain access or information
Why is it important for every employee to ask individuals without visible passes who they are and what they're doing in the organization's premises?
To enforce strict visitor policies and prevent unauthorized access
What might an attacker gain by successfully getting through the first locked door in an organization?
A wealth of information located beyond that door
How do attackers make their impersonations more believable in social engineering attacks?
Gathering information from third parties or going through trash for details
What is the main reason for the dramatic differences between hashes for passwords like 123456 and 1234567?
Different hashing algorithms used
In the context of password hashing, what does a brute force attack involve?
Trying every possible password combination to find a matching hash
Why is it challenging to determine the original password from its hash?
Hashing is a one-way process
What makes performing a brute force attack time-consuming?
Large number of possible password combinations
Why does the text mention examining passwords like A-A-A-A-A and A-A-A-A-B during a brute force attack?
To illustrate the exhaustive nature of brute force attacks
What is the purpose of using a username, account number, and password hash in the same line in a Linux device?
To securely store user credentials
What vulnerability was associated with Log4j?
Man-in-the-middle attack
What attack allows an attacker to sit in the middle of a conversation and potentially modify the information being sent?
ARP poisoning
What is the purpose of ARP poisoning as described in the text?
To exploit lack of security in ARP
How does ARP spoofing work in the context of the text?
By impersonating IP addresses
What information is typically stored in an ARP cache on a device?
IP addresses and MAC addresses
How does ARP poisoning enable an attacker to intercept traffic?
By modifying the victim's ARP cache
What happens when an entry in the ARP cache expires?
The ARP process needs to occur again
What is the significance of ARPs in network communication?
Resolving IP addresses to MAC addresses
What steps can be taken to mitigate ARP poisoning attacks?
Employing techniques like ARP spoof detection
In what situation would an attacker use ARP poisoning effectively?
When trying to intercept plaintext traffic on a local network
What is the main issue discussed in the text?
Zero-day vulnerabilities
How did the Zeus botnet infect millions of PCs?
By sending malware to unsuspecting users
What is a zero-day vulnerability?
A vulnerability that has never been identified or publicly disclosed
How do attackers differ from researchers when it comes to vulnerabilities?
Attackers try to exploit vulnerabilities, while researchers try to prevent exploitation
What is the significance of the Log4j vulnerability discussed in the text?
It affected millions of devices with Apache web servers
How can organizations mitigate distributed denial of service (DDoS) attacks?
Filtering out specific traffic patterns and working with ISPs
What was the timeframe between discovering the Log4j vulnerability and having patches available?
5 days
True or False: The Log4j vulnerability existed in the code since 2019.
Fill in the Blank: The Zeus botnet was able to infect over 3.6 million PCs without the users' __________.
What is a limitation to an ARP poisoning attack?
Access to the local subnet is not needed
How does an on-path browser attack differ from traditional ARP poisoning attacks?
It involves intercepting information directly from the browser
What is the advantage of capturing information in the browser during an attack?
Information is unencrypted at that stage
What security risk arises if passwords are stored in plain text?
Access to everyone's credentials is compromised
Why is hashing a recommended method for storing passwords?
Creates a unique fingerprint for each password
What does it mean when a hashing function has 'collisions'?
Two different inputs produce the same output hash
What makes hashing ideal for storing passwords?
'Collisions' enhance password security
Why is a hash referred to as a 'fingerprint'?
'Fingerprint' implies a unique identification for each input
What is the purpose of a hash in password storage?
'Hashes' prevent direct retrieval of original passwords
What is the primary reason that performing a brute force attack online can be challenging?
Lockout after multiple failed login attempts
Why do hackers take the hash file offline when performing a brute force attack?
To prevent lockout on the account
What resource-intensive process do attackers perform during a brute force attack?
Going through every possible password combination
What advantage do attackers gain by taking the hash file offline during a brute force attack?
Reduced chances of account lockout
Why do human beings tend to use real words as part of their passwords according to the text?
For ease of remembrance
What is the consequence of running into a lockout on an account during a brute force attack?
Account gets permanently locked
What term is used to describe the act of adding code to an application for malicious purposes?
Code injection
In the context of the text, what is SQL?
Structured Query Language
What could potentially be accessed in a database through a successful SQL injection?
Sensitive financial information
What does injecting 'or 1=1' into SQL code aim to achieve?
Retrieve all data from the database
Why is SQL injection considered a severe vulnerability?
It allows unauthorized access to sensitive data
In the text, what database manipulation technique is specifically discussed?
SQL manipulation
What is the purpose of the Web Goat application mentioned in the text?
Train users on vulnerabilities
What does adding '1 equals 1' at the end of a SQL query signify?
'True' condition for all entries
'Piggybacking' in terms of office security refers to:
'Tailgating' behind authorized personnel
What type of code could be injected into an application based on the text?
HTML, SQL, XML, LDAP, and other code types
What is the purpose of validating all input provided to an application?
To ensure that only authorized and safe data is processed
What does it mean when a system is not compliant with the standard operating environment (SOE)?
The system is not running the latest patches and software versions
When are Microsoft patches typically introduced?
During Patch Tuesday on the second Tuesday of every month
Why do organizations automate the process of updating hundreds or thousands of devices?
To quickly and efficiently update systems without manual intervention
What is one advantage of next-generation firewalls mentioned in the text?
They can identify details about applications going across the network
What is the main motivation for organizations to monitor application traffic?
To identify unauthorized applications being used on the network
What is one reason automation is commonly used to evaluate systems at certain checkpoints?
To save time and effort of IT professionals in checking systems manually
Why is it challenging for IT professionals to manually verify all system patches on multiple machines?
Because it becomes time-consuming with a large number of devices
What does it mean when a system is flagged as 'non-compliant' during login attempts?
The system is not up to date with required patches and configurations
What is one potential drawback of having manual checks on systems rather than automated evaluations?
Increased likelihood of missing critical security updates
What type of cross-site scripting attack involves placing malicious code on a centralized server?
Stored cross-site scripting attack
In the context of the text, what is one way to mitigate a cross-site scripting attack?
Turn off JavaScript in your browser
What was the vulnerability found in Subaru's web based front end according to the text?
Unlimited lifetime session IDs
What is one thing that Subaru corrected in response to the vulnerability found by Aaron Guzman?
Implemented proper validation of session IDs
What is a recommended practice to help avoid clicking on malicious links provided in email messages?
Avoid clicking any links in emails
What problem did Aaron Guzman find with the session ID information on Subaru's website?
'Token' never expired
What was a consequence of the session ID information not expiring on Subaru's website?
'Token' accessible by anyone
Why was it problematic that the session ID information on Subaru's website was not properly validated?
'Token' could be used by others
What is an example of a way attackers can spread a cross-site scripting attack quickly, as mentioned in the text?
Social networking site comment
What is one practical way to prevent potential cross-site scripting problems according to the text?
Keep browsers and apps up to date
What is a common issue addressed by organizations in their patch management process?
Deploying patches to ensure system security
Why do security teams need to carefully balance deploying security controls?
To keep systems safe and data accessible
What is the importance of knowing when an application or operating system reaches its end of life (EOL)?
To continue receiving updates and security patches
What is the main concern with the BYOD (bring your own device) policy in organizations?
Creating a security risk with personal and corporate data on the same device
Why should application developers avoid instructing users to disable antivirus or firewall programs during troubleshooting?
To prevent creating security vulnerabilities
What happens once an operating system reaches its end of service life (EOSL)?
No more bug fixes or security updates are released
What is a key challenge with ensuring security in BYOD environments?
Segmenting personal and corporate data effectively
What issue arises when an operating system reaches its end of service life (EOSL)?
The OS is no longer supported and no updated security patches are released
What term is used to describe the method where attackers use a set of words to crack passwords more efficiently?
Dictionary attack
Why is a dictionary attack more time-efficient compared to trying every possible combination of characters for password guessing?
It has a smaller word pool to search through
What is a common method attackers use to make dictionary attacks more effective?
Changing numbers to letters
How do attackers try to overcome users substituting characters in passwords, such as 'O' to '0' or 'L' to '7'?
By changing out common substitutions in the dictionary attack
What are attackers hoping users have selected as part of their password when conducting a dictionary attack?
'Real words' that can be found in the dictionary
Why is it difficult to discover passwords that are not part of the dictionary during a dictionary attack?
'Real words' are not common passwords
What additional resource might attackers use during a dictionary attack to speed up the process?
Graphics card or GPU
What is a significant limitation of a dictionary attack in terms of discovering passwords?
'Real words' may not be part of the dictionary
What institutional knowledge do insiders possess that might help them in potential attacks?
Location of devices and servers within the organization
What is one reason why protecting against insider threats is particularly challenging?
Insiders already have a level of trust within the organization
Why is it important to ensure that software is not susceptible to SQL injection attacks?
To protect sensitive information in databases
What is the main reason for always keeping browsers updated to the latest version?
To prevent vulnerabilities that can be exploited by attackers
How does cross-site scripting (XSS) differ from cascading style sheets (CSS)?
XSS allows sharing information between sites, while CSS controls the layout of web pages.
How might an attacker exploit a cross-site scripting vulnerability to gain access to sensitive information?
By running malicious scripts in a user's browser
What could be a potential consequence of an attacker obtaining a user's session ID through a cross-site scripting attack?
Accessing the user's account on the vulnerable website
Why might disabling JavaScript in a browser not be an effective solution to prevent cross-site scripting attacks?
Websites may not function properly without JavaScript
What could happen if a user clicks a link in an email that triggers a script in a cross-site scripting attack?
Sensitive information could be sent to the attacker
Study Notes
- Social engineering attacks are evolving, with attackers using multiple methods of communication and posing as various entities to gain trust and access.
- Intimidation tactics, such as posing as angry customers, are used to gain information or access.
- Phishing attacks involve spoofing and imitating known entities, often leading victims to fake login screens or websites.
- Shoulder surfing is the act of looking at someone's screen to obtain sensitive information.
- Shoulder surfing attacks can be prevented by being aware of surroundings, positioning oneself with a back to the wall, or adding privacy filters to LCD displays.
- Spear phishing is a targeted form of phishing, often aimed at individuals with access to valuable information, such as executives or those in charge of finances.
- Piggybacking refers to someone gaining unauthorized access to a secure area by following someone with authorized access.
- Social engineering attackers use impersonation tactics, such as pretending to be from the helpdesk or the executive team, to gain trust and information.
- Dumpster diving, or going through a company's trash, is a common form of social engineering used to gather intel for attacks.
Learn about the limitations of an ARP poisoning attack, the requirements for a successful interception, and alternative on-path attack methods like on-path browser attacks. Explore the risks associated with network security vulnerabilities.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free