Cyber Security: Internet Worms and Attacks
37 Questions

Questions and Answers

Which Internet worm, released in 1988, could be one of the first real Internet crime cases?

  • the Slammer worm
  • the Jester worm
  • the Morris worm (correct)
  • the Code Red worm

How did the Slammer worm infect the victim's computer?

  • It entered through the victim's Outlook address book software and then replicated itself by sending infected emails to the first 50 contacts.
  • It collected keystrokes, screenshots, and network traffic from open ports.
  • It 'slammed' shut a computer by not allowing any user to log in.
  • It exploited a buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL Server Desktop Engine. (correct)

Which brand-name attack group consists of Russian hackers who have launched numerous disruptive attacks against Ukraine over the past few years?

  • Lazarus Group
  • Sandworm (correct)
  • Shadow Brokers
  • Equation Group

Which term refers to an attack conducted against a site whose software is vulnerable to a specific exploit?

  Answer: specific target attack

What are individuals called who do not have the technical expertise to develop scripts but can run scripts developed by others?

  Answer: script kiddies

Which equation describes the operational model of security?

  Answer: Protection = Prevention + (Detection + Response)

Which of the following is NOT one of the three operational tenets of secure deployments?

  Answer: data encryption

Which term describes the hacking of computers and systems used by a telephone company for its operations?

  Answer: telecommunications hacking

Which term refers to a network traffic management device that connects different network segments together?

  Answer: gateway

What is the main purpose of an SSL accelerator?

  Answer: to deliver SSL/TLS encryption and decryption at scale

Which wireless technology allows devices to establish communication at close proximity?

  Answer: Near Field Communication (NFC)

802.11a operates in which frequency spectrum?

  Answer: 5 GHz

What type of system can a host-based IDS monitor?

  Answer: activity on a specific host

What device is used primarily for managing or storing encryption keys?

  Answer: Hardware Security Module (HSM)

Which Windows Server feature ensures that only digitally signed anti-malware programs load after Secure Boot?

  Answer: Early Launch Anti-Malware (ELAM)

Which command is used in a Linux system to modify file permissions?

  Answer: chmod

Which term describes a general class of software designed for malicious purposes?

  Answer: malware

What type of attack does SYN flooding represent?

  Answer: denial-of-service (DoS) attack

What process involves determining the risks associated with a system?

  Answer: risk assessment

Which guideline is important when designing incident response procedures?

  Answer: include appropriate business personnel

Which term represents a list of identified risks correlated to a system?

  Answer: risk register

Which term describes the cognitive model used by the threat intelligence community to analyze events?

  Answer: Diamond Model

Which type of classification includes categories like High, Medium, Low, Confidential, Private, and Public?

  Answer: information classification

Which document establishes a uniform set of rules for partnerships?

  Answer: memorandum of understanding (MOU)

What is the main reason social engineering is often successful?

  Answer: people have a basic desire to be helpful

How is pharming typically executed?

  Answer: by modifying local hosts files to redirect users to fake websites

What practice describes the act of observing someone while they enter sensitive information?

  Answer: shoulder surfing

Which technique is primarily used in social engineering to gather sensitive information?

  Answer: masquerading as a trusted entity in digital communication

What is the correct mechanism to ensure data integrity?

  Answer: using one-way hash functions and digital signatures

What type of keys can be used only once after generation?

  Answer: session keys

What term refers to the arranged set of algorithms for secure communication?

  Answer: cipher suite

In physical security, what does layered access refer to?

  Answer: employing various barriers to prevent unauthorized access to assets

What is the term used to describe the technique of concealing a message within a file?

  Answer: steganography
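As an added worked example (not part of the quiz or its source text), the following Python shows the simplest form of the technique the answer names: hiding a message in the least-significant bit of each byte of a cover object and recovering it again. The cover bytes and the 16-bit length prefix are assumptions chosen for this example; a real cover would be the pixel data of an image or the samples of an audio file.

```python
# Constructed cover data: 512 bytes standing in for the pixel values of a
# small greyscale image (assumption: one byte per pixel, no file header).
COVER = bytes((i * 37 + 11) % 256 for i in range(512))


def _to_bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed_message(cover: bytes, message: bytes) -> bytes:
    """Hide message in the least-significant bit of successive cover bytes.

    Layout (assumption for this example): a 16-bit big-endian length prefix,
    then the message bytes. Each cover byte changes by at most 1, which is
    not visible in image or audio data.
    """
    payload = len(message).to_bytes(2, "big") + message
    bits = list(_to_bits(payload))
    if len(bits) > len(cover):
        raise ValueError(f"cover holds {len(cover) // 8} bytes, need {len(payload)}")
    stego = bytearray(cover)
    for index, bit in enumerate(bits):
        stego[index] = (stego[index] & 0xFE) | bit   # clear the LSB, then set it
    return bytes(stego)


def _read_bytes(stego: bytes, first_bit: int, count: int) -> bytes:
    """Reassemble count bytes from the LSBs starting at cover byte first_bit."""
    out = bytearray()
    for n in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (stego[first_bit + n * 8 + i] & 1)
        out.append(value)
    return bytes(out)


def extract_message(stego: bytes) -> bytes:
    """Read the length prefix, then that many bytes. A cover without a payload
    yields a garbage length, which the bounds check turns into an error."""
    length = int.from_bytes(_read_bytes(stego, 0, 2), "big")
    if 16 + length * 8 > len(stego):
        raise ValueError("length prefix exceeds available data; not a valid stego payload")
    return _read_bytes(stego, 16, length)


def max_byte_change(cover: bytes, stego: bytes) -> int:
    """Largest per-byte difference between cover and stego-object (expect 0 or 1)."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    secret = b"meet at 0900"
    stego = embed_message(COVER, secret)
    print(extract_message(stego), max_byte_change(COVER, stego))
```

The stego-object is the same length as the cover and differs from it by at most one unit per byte, which is what makes the hidden message hard to notice by inspection; it offers no confidentiality on its own, so a practitioner encrypts the message before embedding it.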

What is the concept of implicit deny in firewall rules?

  Answer: denying all traffic unless explicitly allowed by a rule

What is transport encryption primarily used to protect?

  Answer: data in motion

Which term describes the interface between a virtual machine and the host hardware?

  Answer: hypervisor

    Study Notes

    Internet Worm Attacks

    • The Morris worm (1988) is considered one of the first major Internet crime cases.
    • The Slammer worm exploited a buffer-overflow vulnerability in Microsoft SQL Server and SQL Server Desktop Engine.

    Attack Groups

    • Sandworm is the Russian hacking group associated with a history of disruptive attacks on Ukraine.
    • Lazarus Group, Shadow Brokers and Equation Group appear in the quiz as distractors; Lazarus Group is attributed to North Korea, not Russia.

    Attack Techniques

    • Target of opportunity attack exploits readily available vulnerabilities in a system.
    • Specific target attack is directed at a particular target with a specific vulnerability.
    • Script kiddies are individuals without advanced skills who use pre-made scripts for attacks.

    Security Models

    • The operational model of security is Protection = Prevention + (Detection + Response).
    • Secure deployments rely on least privilege, separation of privilege, and defense in depth.

    Specific Security Terms

    • Telecommunications hacking refers to unauthorized access to the computers and systems a telephone company uses for its operations.
    • Separation of concern is a design concept that isolates components so that they cannot interfere with one another.
    • Information classification uses categories like High, Medium, Low, Confidential, Private, and Public.

    Agreements & Policies

    • Memorandums of Understanding (MOUs) outline partnership terms.
    • Service Level Agreements (SLAs) define agreed-upon performance.
    • Policies are high-level statements of goals, and recommendations detail specific actions.

    Social Engineering

    • Social engineering exploits human psychology to gain unauthorized access.
    • Social engineering works because people want to be helpful.
    • Pharming redirects users to fake websites, typically by modifying the local hosts file (or by poisoning DNS).
    • Shoulder surfing is directly observing a user entering information.

    Data Security & Cryptography

    • Integrity is provided by using one-way hash functions and digital signatures.
    • Cryptographic service providers (CSPs) are groups of algorithms.
    • Transport encryption protects data in transit.
    • Salted hashes are a way to protect against rainbow table attacks.
    • One-time keys are used only once.
    • Steganography hides messages within other files.
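As an added worked example (not part of the quiz or the textbook it summarizes), the following Python shows why the salted hashes in the list above defeat a rainbow-table style lookup: the attacker's table is precomputed from passwords alone, so a per-user random salt means the stored hash never appears in it, and two users with the same password no longer share a hash. The wordlist, the choice of SHA-256 and the 16-byte salt are assumptions for the example; real password storage uses a deliberately slow KDF (scrypt, bcrypt, Argon2) salted in the same way.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# Constructed wordlist: stands in for the password candidates an attacker
# precomputes into a lookup/rainbow table. (Assumption: plain SHA-256 keeps the
# demonstration self-contained; use a slow KDF such as scrypt or Argon2 in practice.)
COMMON_PASSWORDS = ["password", "123456", "letmein", "qwerty", "hunter2"]


def unsalted_hash(password: str) -> str:
    """Hash the password alone: every user with this password gets the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    """Hash salt || password. The salt is random per user and stored beside the
    hash; it does not need to be secret, only unique."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def build_lookup_table(candidates) -> Dict[str, str]:
    """Precompute hash -> password once; any stolen unsalted hash is then a lookup."""
    return {unsalted_hash(p): p for p in candidates}


def crack(stored_hash: str, table: Dict[str, str]) -> Optional[str]:
    """Recover the password if its hash is in the precomputed table, else None."""
    return table.get(stored_hash)


def verify_password(candidate: str, salt: bytes, stored_hash: str) -> bool:
    """Recompute with the stored salt; constant-time compare avoids a timing side channel."""
    return hmac.compare_digest(salted_hash(candidate, salt), stored_hash)


def demo() -> dict:
    table = build_lookup_table(COMMON_PASSWORDS)
    password = "hunter2"               # two users happen to choose the same weak password
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    unsalted_a, unsalted_b = unsalted_hash(password), unsalted_hash(password)
    salted_a, salted_b = salted_hash(password, salt_a), salted_hash(password, salt_b)
    return {
        "unsalted_identical": unsalted_a == unsalted_b,  # True: a stolen database reveals shared passwords
        "unsalted_cracked": crack(unsalted_a, table),   # "hunter2": the table lookup succeeds
        "salted_identical": salted_a == salted_b,       # False: different salts, different hashes
        "salted_cracked": crack(salted_a, table),       # None: the table was built without the salt
        "login_correct": verify_password(password, salt_a, salted_a),
        "login_wrong": verify_password("password", salt_a, salted_a),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The salt forces the attacker to recompute the table for every user individually, which is why it has to be unique per record rather than a single site-wide value.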

    System Security

    • Bootdisks boot a device with a different OS.
    • LiveCDs enable running an OS from an optical drive without a hard drive.
    • Layered access controls offer multiple levels of protection, from perimeter systems through to internal controls.
    • Key management tracks who has access to keys.

    Network Security and Virtualization

    • Hypervisors manage virtual machines on the host machine.
    • Spanning trees prevent loops in network switching.
    • Firewalls utilize implicit deny rules to block traffic not explicitly permitted.
    • SSL accelerators offload SSL/TLS encryption and decryption from the web server and perform it at a larger scale than the server itself could.
    • Switches connect network segments.
    • Near-field communication (NFC) allows short-range device communication.
    • 802.11a operates in a 5 GHz spectrum.
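As an added worked example (not part of the quiz or its source text), the following Python implements a minimal first-match firewall rule evaluator to show what the implicit deny in the list above means in practice: a packet that matches no rule is dropped because the default is deny, and the same ruleset with a default of allow lets unexpected traffic through. The addresses, ports and ruleset are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Union


@dataclass(frozen=True)
class Rule:
    action: str             # "allow" or "deny"
    proto: str              # "tcp", "udp" or "any"
    src: str                # source CIDR, e.g. "10.0.0.0/8" or "0.0.0.0/0"
    dst: str                # destination CIDR
    dport: Union[int, str]  # destination port or "any"


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    """True when every field of the rule covers the packet."""
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(rule.src, strict=False):
        return False
    if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(rule.dst, strict=False):
        return False
    if rule.dport != "any" and rule.dport != pkt.dport:
        return False
    return True


def evaluate(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """First matching rule wins. A packet matching no rule gets `default`;
    with default="deny" that final fall-through is the implicit deny."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return default


# Constructed ruleset (assumption): a web server at 10.0.0.7 reachable from
# anywhere on 443, and a bastion at 10.0.0.5 reachable on 22 only from inside.
# Deliberately, there is no explicit "deny everything" rule at the end.
RULES = [
    Rule("allow", "tcp", "0.0.0.0/0", "10.0.0.7/32", 443),
    Rule("allow", "tcp", "10.0.0.0/8", "10.0.0.5/32", 22),
]

# Constructed traffic sample.
TRAFFIC: Dict[str, Packet] = {
    "public_https": Packet("tcp", "203.0.113.9", "10.0.0.7", 443),
    "internal_ssh": Packet("tcp", "10.1.2.3", "10.0.0.5", 22),
    "public_ssh":   Packet("tcp", "203.0.113.9", "10.0.0.5", 22),
    "public_dns":   Packet("udp", "203.0.113.9", "10.0.0.7", 53),
}


def decisions(default: str) -> Dict[str, str]:
    """Evaluate every sample packet under the given default policy."""
    return {name: evaluate(RULES, pkt, default) for name, pkt in TRAFFIC.items()}


if __name__ == "__main__":
    print("implicit deny :", decisions("deny"))
    print("default allow :", decisions("allow"))
```

With the implicit deny, the public SSH attempt and the UDP/53 probe are dropped even though no rule mentions them; with a default of allow, those same packets reach the hosts, which is the misconfiguration the term warns against.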

    Intrusion Detection and Protection

    • Host-based IDSs monitor activity on a specific host.
    • Banner grabbing gathers information from the banner a network service presents when a client connects.
    • Hardware security modules (HSMs) manage and store encryption keys.
    • Early Launch Anti-Malware (ELAM) ensures that only digitally signed, trusted anti-malware programs load after Secure Boot.
    • chmod modifies permissions in a Linux system.
    • Network scanners probe for system weaknesses.

    Malware

    • Malware is malicious software.
    • SYN flooding is a denial-of-service attack.
    • Packet sniffing captures and examines traffic passing over a network.
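As an added worked example (not part of the quiz or its source text), the following Python runs simple detection logic over a constructed packet log to show what the SYN flood listed above looks like from the defender's side: a legitimate client sends a SYN and then an ACK to complete the handshake, while the flooding source leaves many connections half-open. The log format, the addresses and the threshold are assumptions for the example.

```python
from collections import defaultdict
from typing import Dict, List, NamedTuple


class Record(NamedTuple):
    ts: float
    src: str
    dst: str
    dport: int
    flags: str      # TCP flags as letters: "S" = SYN, "A" = ACK, "SA" = SYN-ACK


# Constructed sample log (assumption): one client->server packet per line in the
# form "timestamp src dst dport flags". Two legitimate clients complete the
# handshake (SYN then ACK); 203.0.113.50 sends 25 SYNs and never ACKs.
SAMPLE_LOG = "\n".join(
    ["1700000000.000 198.51.100.10 10.0.0.7 80 S",
     "1700000000.050 198.51.100.10 10.0.0.7 80 A"]
    + [f"1700000000.{100 + i:03d} 203.0.113.50 10.0.0.7 80 S" for i in range(25)]
    + ["1700000000.200 198.51.100.11 10.0.0.7 80 S",
       "1700000000.250 198.51.100.11 10.0.0.7 80 A"]
)


def parse_log(text: str) -> List[Record]:
    """Parse the whitespace-separated log lines, skipping blank lines."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, flags = line.split()
        records.append(Record(float(ts), src, dst, int(dport), flags))
    return records


def half_open_counts(records: List[Record]) -> Dict[str, int]:
    """Per source, SYNs not followed by an ACK from that source to the same service.
    (Simplification: source ports are not in the log, so one ACK retires one SYN.)"""
    pending: Dict[tuple, int] = defaultdict(int)
    for r in records:
        key = (r.src, r.dst, r.dport)
        if r.flags == "S":
            pending[key] += 1
        elif "A" in r.flags and pending[key] > 0:
            pending[key] -= 1
    per_src: Dict[str, int] = defaultdict(int)
    for (src, _dst, _dport), n in pending.items():
        per_src[src] += n
    return dict(per_src)


def detect_syn_flood(records: List[Record], threshold: int = 20) -> Dict[str, int]:
    """Flag sources with at least `threshold` half-open connections."""
    return {src: n for src, n in half_open_counts(records).items() if n >= threshold}


if __name__ == "__main__":
    print(detect_syn_flood(parse_log(SAMPLE_LOG)))
```

Counting half-open connections per source rather than raw SYN volume keeps a busy but well-behaved client below the threshold; against a flood that spoofs a different source address per packet, the same logic has to aggregate per destination service instead.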

    Network Tools & Analysis

    • Tracert provides a trace of the network route to a destination.
    • Wireshark captures and analyzes network traffic.

    Cloud Computing Security

    • Platform as a Service (PaaS) provides a hosted platform (operating system, runtime and middleware) on which customers deploy their own applications.
    • VPNs allow connections in and out of a virtual private cloud.

    Risk Management

    • Qualitative risk assessment subjectively evaluates impact.
    • Tangible impacts are measurable effects.
    • Risk mitigations are methods to counter risks.
    • Risk register is a list of project risks.

    Incident Response

    • Include business personnel in incident response efforts.
    • Incident response is a layered process.
    • The Diamond Model is the cognitive model the threat intelligence community uses to analyze events.
    • Isolating or segmenting compromised and vulnerable systems limits an attacker's access to them.

    Evidence & Forensics

    • Competent evidence is legally qualified and reliable; sufficient evidence is strong and convincing.
    • Strategic intelligence gathering targets specific data.

    Quiz Team

    Description

    Test your knowledge on internet worm attacks, notable hacking groups, and various attack techniques. This quiz also covers security models and specific security terms relevant to today's cyber threats. Enhance your understanding of cybersecurity concepts and practices.
