Cyber Security Fundamentals and Tools

Questions and Answers

What is the main difference between a phreaker and a hacker, as explained in the text?

• Phreakers exploit weaknesses in telephones, while hackers target computers. (correct)
• Phreakers change calling plans, while hackers distribute copyrighted files.
• Phreakers add more account credits, while hackers commit identity theft.
• Phreakers make long-distance calls, while hackers expose personal information.

Which action is associated with computer fraud according to the text?

• Stealing personal information
• Exposing personal information
• Intentional deception for personal gain (correct)
• Distributing copyright protected files

What type of cybercrime involves stealing personal information and impersonating someone?

• Identity theft (correct)
• Computer fraud
• Privacy violation
• Sharing copyrighted files

What is the primary objective of phreakers breaking into VoIP systems?

Make long-distance calls (B)

Which cybercrime involves exposing personal information like email addresses and account details?

Privacy violation (B)

What tool would be most appropriate for identifying and classifying malicious software?

YARA (D)

Which tool is commonly used for cracking password hashes?

John the Ripper (B)

What is the primary purpose of setting up a SIEM solution?

Centralizing and analyzing security logs (C)

What activity involves practicing WEP/WPA2 cracking on a simulated wireless network?

Wireless Security (C)

Which activity involves analyzing logs, file systems, and memory dumps in simulated incidents?

Incident Response Simulation (B)

'Yet Another Recursive Acronym' refers to the acronym of which open-source tool?

YARA (D)

What is the main focus of OWASP Top-10?

Listing common web application security risks (A)

Which resource is specifically mentioned for Digital Forensics training?

Security Tube (D)

What does the term 'Dark Web' generally refer to?

Encrypted online content not indexed by traditional search engines (C)

Which platform is known for virtualization in the context of network security?

[VPN] ChaosVPN (C)

What is the primary purpose of MITRE ATT&CK?

Listing cyber threat tactics and techniques (B)

What is the role of a Hacktivist?

Hijacking websites to promote religious messages (D)

Which programming language is commonly used for processing HTML forms and performing custom tasks?

PHP (C)

Where can one find official Attack Box Kali/Parrot Linux images for virtual machines?

https://www.kali.org/get-kali/#kali-virtual-machines (A)

What is the purpose of using JavaScript in web hacking?

To read saved cookies and perform cross site scripting (A)

Which type of scripting language is PHP commonly classified as?

Server-side scripting language (D)

What is the least recommended Attack Box configuration according to the text?

Windows OS with VirtualBox (A)

Which computer language is used to write web pages and is associated with identifying and exploiting weaknesses in the code?

HTML (A)

What is the main goal during the Recovery phase of digital forensics?

To extract data from the acquired evidence (C)

In digital forensics, why is it important to create 1:1 copies of evidence (imaging)?

To maintain the integrity of the original evidence (C)

What happens to most file systems when a file is deleted?

Only the directory entries are deleted, not the associated data blocks (A)

What is steganography in digital forensics?

Data hidden in irrelevant locations to store information (D)

Why might locating encryption keys be more feasible than decrypting encrypted data in digital forensics?

Encryption keys are easier to find than decrypting data (A)

What is found in file system slack space in digital forensics?

Unused space in file system data structures containing hidden data (D)