Cybersecurity Attacks and Protections Quiz

Questions and Answers

What attack is being used when an attacker intercepts a login session to capture information for later use?

Replay (correct)

Smurf Attack

Clickjacking

SQL Injection

Which of the following MOST LIKELY occurred when a user clicked a link and later found their social media account hacked?

Phishing

SQL Injection

Clickjacking (correct)

Replay

Which type of attack allows a hacker to run arbitrary code on a remote machine?

Replay

SQL Injection (correct)

Man-in-the-Middle

Cross Site Scripting (XSS)

Of the following options, which would be the BEST to assist in data loss prevention?

USB Blocking

Which is the LEAST reliable concept for ensuring security within a network?

Security through Obscurity

Which program should you use that incorporates both symmetric and asymmetric encryption for email communication?

PGP

Which type of tunnel should a network engineer implement for a VPN between two company locations?

Site to Site

What is the name for the technique used by an ethical hacker to move throughout a network after gaining initial access?

Pivoting

Which type of hypervisor is described as running software within the system's operating system?

Type II Hypervisor

Of the two IPSec modes, which mode encrypts the entire IP packet?

Tunnel mode

Which of the following is unlikely to be included in a Unified Threat Management (UTM) solution?

File Server

What is it called when an IDS is placed in the cloud and alerts after an intrusion has occurred rather than before?

Passive

Which authentication service should not be used today?

NTLM

What is Discretionary Access Control (DAC)?

An access control method in which the owner of an object determines who can access the object.

What is SHA (Secure Hash Algorithm)?

A hashing function used to generate a hash for data integrity verification.

What is input validation in the context of security?

A method to prevent injection attacks by ensuring only valid data is processed by the application.

What does 'pass the hash' refer to?

An attack where an attacker uses a password hash to log in to a system.

What is a birthday attack?

A password attack in which two messages are sent with the same hash, causing a collision.

What is a smurf attack?

An attack that broadcasts a ping request to computers using a spoofed address to overwhelm a victim.

What is transitive trust?

An indirect trust relationship created by two or more direct trust relationships.

What is Bcrypt used for?

A tool that can be used to perform key stretching.

Study Notes

Network Attacks and Exploits

• Replay Attack: An attacker intercepts and captures login session information to use later, common in public wireless networks.
• Clickjacking: Users unknowingly click on a malicious game link that compromises their social media account, resulting in unauthorized messages sent to friends.
• SQL Injection: Attackers exploit vulnerabilities to run arbitrary code on a remote machine by manipulating database queries.

Data Protection Strategies

• Data Loss Prevention (DLP): Implementing USB blocking is an effective strategy to prevent unauthorized data transfers.
• Security through Obscurity: This concept is the least reliable for network security, as it relies on keeping systems hidden rather than securing them.

Encryption and Communication

• PGP (Pretty Good Privacy): Combines symmetric and asymmetric encryption to enhance security in email communications.

Networking and VPNs

• Site-to-Site VPN: Recommended for connecting networks between distant locations, such as between Texas and California.
• Tunnel Mode (IPSec): Encrypts entire IP packets, providing a higher level of security by securing both headers and payloads.

Ethical Hacking and Penetration Testing

• Pivoting Technique: After gaining access to a system, ethical hackers can move within the network to explore further vulnerabilities.

Virtualization Technologies

• Type II Hypervisor: Operates as software within an operating system, providing virtualization capabilities over host machines.

Security Technologies and Systems

• Unified Threat Management (UTM): Security solutions unlikely to include a file server, focusing instead on comprehensive threat protection.
• Intrusion Detection System (IDS): An IDS that operates in cloud settings is considered inline when it forwards traffic for analysis after it enters the network.

Access Control Models

• Discretionary Access Control (DAC): The owner of an object (file, printer) decides who has access, providing flexible yet potentially insecure permissions.

Cryptography and Hashing

• SHA (Secure Hash Algorithm): A hashing function used to generate a data hash for integrity verification.
• Input Validation: Essential to prevent cross-site scripting, an injection attack exploiting application vulnerabilities by inserting invalid data.

Password and Authentication Mechanisms

• Pass the Hash: An attack where a hacker reuses a password hash to gain system access, sidestepping the need for the actual password.
• Birthday Attack: A cryptographic attack that generates two different messages with identical hashes, resulting in a collision.
• Smurf Attack: A DDoS attack that sends ping requests to multiple systems, spoofing the source address to flood a target with responses.
• Transitive Trust: A relationship formed by established direct trust accounts, creating indirect trust pathways.

Key Management

• Bcrypt: A tool for key stretching, enhancing password security by making brute-force attacks more difficult through increased computational workload.

Description

Test your knowledge on various network attacks and the strategies to protect against them. This quiz covers topics like replay attacks, SQL injections, and data loss prevention measures. Additionally, you'll explore encryption methods and the use of VPNs in securing communications.