Cyber Security Fundamentals and Tools

Questions and Answers

What is the main difference between a phreaker and a hacker, as explained in the text?

Phreakers exploit weaknesses in telephones, while hackers target computers. (correct)

Phreakers change calling plans, while hackers distribute copyrighted files.

Phreakers add more account credits, while hackers commit identity theft.

Phreakers make long-distance calls, while hackers expose personal information.

Which action is associated with computer fraud according to the text?

Stealing personal information

Exposing personal information

Intentional deception for personal gain (correct)

Distributing copyright protected files

What type of cybercrime involves stealing personal information and impersonating someone?

Identity theft (correct)

Computer fraud

Privacy violation

Sharing copyrighted files

What is the primary objective of phreakers breaking into VoIP systems?

Make long-distance calls

Which cybercrime involves exposing personal information like email addresses and account details?

Privacy violation

What tool would be most appropriate for identifying and classifying malicious software?

YARA

Which tool is commonly used for cracking password hashes?

John the Ripper

What is the primary purpose of setting up a SIEM solution?

Centralizing and analyzing security logs

What activity involves practicing WEP/WPA2 cracking on a simulated wireless network?

Wireless Security

Which activity involves analyzing logs, file systems, and memory dumps in simulated incidents?

Incident Response Simulation

'Yet Another Recursive Acronym' refers to the acronym of which open-source tool?

YARA

What is the main focus of OWASP Top-10?

Listing common web application security risks

Which resource is specifically mentioned for Digital Forensics training?

Security Tube

What does the term 'Dark Web' generally refer to?

Encrypted online content not indexed by traditional search engines

Which platform is known for virtualization in the context of network security?

[VPN] ChaosVPN

What is the primary purpose of MITRE ATT&CK?

Listing cyber threat tactics and techniques

What is the role of a Hacktivist?

Hijacking websites to promote religious messages

Which programming language is commonly used for processing HTML forms and performing custom tasks?

PHP

Where can one find official Attack Box Kali/Parrot Linux images for virtual machines?

https://www.kali.org/get-kali/#kali-virtual-machines

What is the purpose of using JavaScript in web hacking?

To read saved cookies and perform cross site scripting

Which type of scripting language is PHP commonly classified as?

Server-side scripting language

What is the least recommended Attack Box configuration according to the text?

Windows OS with VirtualBox

Which computer language is used to write web pages and is associated with identifying and exploiting weaknesses in the code?

HTML

What is the main goal during the Recovery phase of digital forensics?

To extract data from the acquired evidence

In digital forensics, why is it important to create 1:1 copies of evidence (imaging)?

To maintain the integrity of the original evidence

What happens to most file systems when a file is deleted?

Only the directory entries are deleted, not the associated data blocks

What is steganography in digital forensics?

Data hidden in irrelevant locations to store information

Why might locating encryption keys be more feasible than decrypting encrypted data in digital forensics?

Encryption keys are easier to find than decrypting data

What is found in file system slack space in digital forensics?

Unused space in file system data structures containing hidden data