Cybersecurity Quiz: Understanding Cyberattacks
49 Questions
Questions and Answers

What is the primary goal of a cyberattack?

  • To conduct market research
  • To upgrade a computer system
  • To access sensitive and valuable resources (correct)
  • To provide technical support

Which of the following is considered a subtype of malware?

  • Denial-of-Service attack
  • Ransomware (correct)
  • Phishing
  • Social Engineering

Which attack aims to disrupt business operations by flooding a network?

  • AI-Powered Attack
  • Code Injection Attack
  • Denial-of-Service (DoS) Attack (correct)
  • Spoofing

What type of cyberattack involves deceptive communication to acquire sensitive information?

  • Phishing (D)

Which of the following types of attacks is categorized under identity-based attacks?

  • Email Spoofing (A)

What distinguishes malware from other types of cyberattacks?

  • It is software designed to harm systems (A)

Which of these attacks does NOT fall under the category of malware?

  • Denial-of-Service (DoS) (A)

Which is an example of a phishing attack?

  • Sending fake login requests (C)

What is a primary outcome of a DoS attack for an organization?

  • Disruption of business operations (D)

What differentiates a DDoS attack from a DoS attack?

  • DDoS attacks originate from multiple systems (B)

Which of the following is a characteristic of spear-phishing?

  • It uses malicious emails to target specific individuals (D)

The purpose of a whaling attack is primarily to:

  • Steal sensitive information from senior executives (D)

What type of attack is smishing?

  • Fraudulent text messages seeking sensitive information (D)

Which of these techniques involves disguising as a trusted source?

  • Spoofing (B)

What is the main goal of vishing attacks?

  • To convince individuals to reveal private information (A)

Which method is NOT a form of phishing?

  • DDoS (A)

What is the primary goal of an attacker engaging with a target's systems or devices?

  • Steal information or extort money (B)

How does domain spoofing deceive users?

  • By impersonating a known business or person (C)

What method do hackers use in an ARP spoofing attack?

  • Tricking a device into sending messages to the hacker (A)

Why are identity-based attacks, such as MITM attacks, hard to detect?

  • They often disguise themselves as normal user behavior (A)

What information do cybercriminals typically target during credential harvesting?

  • User IDs, email addresses, and passwords (A)

What is a common tactic used in email spoofing attacks?

  • Forging sender addresses to gain trust (D)

What is the ultimate goal of a Man-in-the-Middle (MITM) attack?

  • To collect personal data without detection (D)

Which of the following distinguishes ARP spoofing from other types of attacks?

  • It exploits the Address Resolution Protocol (B)

What is the primary method of a brute force attack?

  • Submitting various combinations systematically until a correct one is found (B)

How does a password spraying attack differ from a brute force attack?

  • It targets multiple accounts with a single password (A)

What is a key characteristic of the Pass-the-Hash attack?

  • It uses a hashed credential to create a new user session (B)

What type of attack primarily aims to manipulate a database through malicious SQL code?

  • SQL Injection Attack (D)

What is not a type of code injection attack mentioned?

  • Phishing Attack (C)

Which attack method uses a trial-and-error approach on usernames and passwords?

  • Dictionary Attack (C)

Which of the following best describes Cross-Site Scripting (XSS)?

  • Injecting malicious scripts into a web page viewed by users (B)

What is the effect of a buffer overflow attack?

  • Causing a program to operate incorrectly by overflowing its memory (D)

What does piggybacking refer to in a security context?

  • A criminal following an authorized person into a secure area (C)

Which term describes the practice of following an authorized person into a restricted area?

  • Tailgating (C)

What is a potential consequence of forwarding non-work-related emails at a workplace?

  • Disciplinary actions for violating policies (B)

What defines a rogue access point?

  • An unauthorized access point on a secure network (A)

Which of the following describes RF jamming?

  • Disrupting signal transmission to prevent access (D)

What is Bluejacking?

  • Sending unauthorized messages to another Bluetooth device (D)

What is the main improvement that WPA offers over WEP?

  • Stronger encryption standards (D)

Which issue can affect wireless signals besides cybersecurity threats?

  • Physical jamming from external sources (B)

What is one of the vulnerabilities of WEP compared to WPA2?

  • WEP does not allow for key management. (D)

Which of the following describes Dark AI?

  • AI engineered to exploit vulnerabilities unnoticed. (C)

What type of attack uses AI-generated forgeries to influence public perception?

  • Deepfake. (B)

What is a characteristic of adversarial AI/ML?

  • Manipulating training data to disrupt operations. (C)

How do attackers utilize AI-generated chatbots in social engineering?

  • To engage users in conversations and gather sensitive data. (D)

What is a significant drawback of using WEP for WLAN security?

  • An increasing number of users with access to the same key. (B)

What is a common method used to launch AI-powered cyberattacks?

  • Exploiting vulnerabilities without detection. (D)

Which of the following statements about wireless local area networks (WLAN) is correct?

  • WLANs utilize encryption for securing data transmission. (D)

Flashcards

Malware

Any software crafted to harm computers, networks, or servers. This encompasses various types like ransomware, trojans, spyware, viruses, worms, keyloggers, bots, and more.

Denial-of-Service (DoS) attack

A type of attack that overwhelms a targeted network with false requests, disrupting normal operations.

Spyware

Software designed to steal sensitive information from your computer without your knowledge.

Trojan

Software disguised as harmless but actually steals data and transmits it to a third party.

Ransomware

Software that encrypts your data and demands payment to unlock it.

Rootkit

Software that gives attackers full control of your computer, allowing them to access your data and monitor everything you do.

Adware

Malware that secretly displays ads on your computer.

Botnet

A network of compromised computers controlled by a single attacker, often used for malicious purposes like spamming or launching attacks.

DoS attack

An attack where a single system floods a target with requests, causing it to become overwhelmed and unable to respond to legitimate users.

DDoS attack

An attack where multiple systems are used to flood a target with requests, making it even more difficult to stop.

Phishing attack

A type of social engineering attack where attackers lure victims into giving up sensitive information, like passwords, through emails, texts, phone calls, or social media messages.

Spear Phishing

A phishing attack targeting specific individuals or organizations, often using emails with personalized content.

Whaling attack

A type of social engineering attack targeting high-level executives with the goal of stealing information or money.

Smishing Attack

A type of phishing attack using fraudulent text messages to trick victims into sharing sensitive information like passwords or credit card details.

Vishing attack

A type of phishing attack using fraudulent phone calls or voice messages, mimicking a reputable organization to trick victims into giving away information.

Spoofing

A technique used by attackers to disguise themselves as a trusted source, deceiving victims into revealing information or taking actions they wouldn't otherwise.

Email Spoofing

A type of cyberattack using emails with forged sender addresses to trick recipients into opening them and interacting with malicious content.

Domain Spoofing

A form of phishing where an attacker creates a fake website or email domain impersonating a known business or person to deceive users into trusting them.

ARP Spoofing

A type of attack where hackers trick devices into sending messages to them instead of the intended recipient, intercepting data and gaining access to communications.

Man-in-the-Middle (MITM) Attack

A type of attack in which a hacker secretly listens in on a conversation between two targets, attempting to steal personal data, passwords, or financial details.

Credential Harvesting

A cybercrime where attackers collect user credentials like logins and passwords and then use them to access systems, steal data, or sell the information on the dark web.

Identity Based Attack

An attack where a hacker impersonates a legitimate user after stealing their credentials, making it difficult to tell the real user from the impostor.

Cyberattack

An attacker attempting to gain unauthorized access to a computer system or network by exploiting vulnerabilities, often trying to steal data or take control of the system.

Rogue Access Point

A rogue access point is a wireless access point installed on a secure network without explicit authorization.

RF Jamming

Radio-frequency (RF) jamming disrupts the transmission of a radio or satellite station so that the signal does not reach the receiving station.

Bluejacking

Bluejacking is the term used for sending unauthorized messages to another Bluetooth device.

Bluesnarfing

Bluesnarfing occurs when the attacker copies the victim's information from the victim's device. This information can include emails and contact lists.

WEP Security

WEP is a security protocol that attempted to provide a level of security, but is now very outdated and vulnerable.

WPA & WPA2 Security

WPA and WPA2 are improved security protocols designed to replace WEP.

Piggybacking

Piggybacking occurs when a criminal tags along with an authorized person to gain entry into a secure location or a restricted area.

Web-based Trickery

Forwarding hoax emails and other jokes, funny movies, and non-work-related emails at work may violate the company's acceptable use policy.

Brute Force Attack

An attack that uses a trial-and-error approach to guess login credentials or encryption keys by systematically trying all possible combinations.

Dictionary Attack

An attack that uses a list of common passwords or phrases to guess the password.

Password Spraying

An attack that uses a single common password against multiple accounts on the same application. It avoids account lockouts that occur with brute force attacks by spreading the attempts across multiple accounts.

Pass-the-Hash Attack

An attack where an attacker steals a hashed user credential without knowing the actual password. The attacker then uses the hash to create a new user session on the same network.

Code Injection Attack

An attack where an attacker injects malicious code into a vulnerable computer or network to change its course of action.

SQL Injection Attack

A type of code injection attack that exploits vulnerabilities in a database to inject malicious SQL statements. This allows hackers to steal, alter, or delete data within the database.

Cross-Site Scripting (XSS) Attack

A type of code injection attack that injects malicious scripts into a website, exploiting vulnerabilities to steal sensitive information or hijack user accounts.

WLAN Security

A type of wireless network that uses encryption to protect data transmitted over the airwaves.

Buffer Overflow Attack

A type of code injection attack that exploits a vulnerability in a program's memory management, allowing an attacker to run malicious code with elevated privileges.

WEP (Wired Equivalent Privacy)

An encryption protocol that uses a shared key to protect data transmitted over a WLAN.

WPA2

An encryption protocol designed to strengthen WLAN security by providing a more secure key management system than WEP.

WPA2 Vulnerability

A vulnerability in WPA2 that allows attackers to decrypt data transmitted over a WLAN.

Packet Sniffer

Software designed to eavesdrop on network traffic, capturing data packets that can be used for malicious purposes.

Offline Attack

A technique used by cybercriminals to extract information from captured data packets at a later time, potentially uncovering sensitive data.

Adversarial AI/ML

A type of AI-powered attack that aims to disrupt the operations of AI and ML systems by manipulating or misleading them.

Dark AI

A type of AI-powered attack that uses AI and ML to exploit vulnerabilities in systems, often going undetected until significant damage is done.

Study Notes

Chapter 4: Understand Information Security Attacks

  • This chapter outlines information security attacks.
  • The objectives of the chapter are to understand the motives, goals, and objectives of information security attacks, to get an overview of the classification of attacks, and to understand hacking methodologies and frameworks.
  • A cyberattack is an attempt by cybercriminals, hackers, or other digital adversaries to access a computer network or system to alter, steal, destroy, or expose information.
  • Cyberattacks target individuals, enterprises, and governments, often focusing on sensitive company resources like intellectual property (IP), customer data, or payment details.

Motives, Goals, and Objectives of Information Security Attacks

  • Attacks are a result of motive, goal, method, and vulnerability.
  • Motives behind information security attacks include disrupting business continuity, stealing information and manipulating data, creating fear and chaos, causing financial loss to the target, and damaging the target's reputation.

Attack Classification

  • Passive Attacks: These attacks do not tamper with data but involve intercepting and monitoring network traffic and data flow. Examples include sniffing and eavesdropping.
  • Active Attacks: These attacks tamper with data in transit or disrupt communication between systems. Examples include denial-of-service (DoS), man-in-the-middle, session hijacking, and SQL injection.
  • Close-in Attacks: These attacks happen when the attacker is physically close to the target system or network. Examples include social engineering tactics like eavesdropping, shoulder surfing, and dumpster diving.
  • Insider Attacks: These attacks involve using privileged access to violate rules or intentionally cause harm to the organization's information systems. Examples include theft of physical devices, planting keyloggers, backdoors, and malware.
  • Distribution Attacks: These attacks involve tampering with hardware or software before installation or while in transit.
  • Common Types of Cyberattacks: Malware, Denial-of-Service (DoS) Attacks, Phishing, Spoofing, Identity-Based Attacks, Code Injection Attacks, Supply Chain Attacks, Social Engineering Attacks, Wireless and Mobile Attacks, AI-Powered Attacks.

1. Malware

  • Malware is malicious software designed to do harm to computers, networks, or servers.
  • Common types of malware include ransomware, trojans, spyware, viruses, worms, keyloggers, bots, cryptojacking.
  • Malware attacks utilize software in malicious ways.

2. Denial-of-Service (DoS) Attacks

  • DoS attacks flood a network with false requests to disrupt operations, making resources unavailable.
  • DoS attacks aim at critical business operations.
  • Distributed DoS (DDoS) attacks originate from multiple systems, making them harder to block than single-source DoS attacks.

3. Phishing

  • Phishing is a social engineering attack using emails, SMS, phone calls, or social media to trick victims into sharing sensitive information (passwords, accounts) or downloading malicious files that install viruses.
  • Types of Phishing include Spear Phishing, Whaling, SMiShing, and Vishing.

4. Spoofing

  • Spoofing is a technique where a cybercriminal disguises themselves to access systems.
  • Types include Domain Spoofing, Email Spoofing, and ARP Spoofing.

5. Identity-Based Attacks

  • These attacks exploit compromised user credentials. It's difficult to detect when an adversary masquerades as a valid user.
  • Common types include Man-in-the-Middle (MITM) Attack, Credential Harvesting, Credential Stuffing, Brute Force Attacks, Dictionary Attacks, Password Spraying, and Pass-the-Hash Attacks.

6. Code Injection Attacks

  • Code injection attacks involve inserting malicious code into vulnerable systems to alter their course of action.
  • Common types include SQL Injection, Cross-Site Scripting (XSS), Buffer Overflow, Remote Code Executions, ActiveX Controls and Java controls, and Malvertising.

7. Supply Chain Attacks

  • Software supply chain attacks inject malicious code into applications to infect all users.
  • Hardware supply chain attacks compromise physical components for the same purpose. Modern software depends on many external components (APIs, open source code, proprietary vendors).

8. Social Engineering Attacks

  • Social engineering uses psychological tactics to manipulate people into desired actions or revealing information.
  • Attackers exploit people's willingness to be helpful or prey on people's weaknesses.
  • Common types include Pretexting, Something for Something (Quid pro Quo), Shoulder Surfing and Dumpster Diving, Impersonation and Hoaxes, Piggybacking and Tailgating, and Online, Email, and Web-based Trickery.

9. Wireless and Mobile Attacks

  • Wireless and mobile networks are susceptible to interference, jamming, and attacks such as rogue access points (unauthorized points on a secure network) and RF jamming.
  • Bluetooth attacks include Bluejacking (sending unauthorized messages to another Bluetooth device) and Bluesnarfing (copying information from the victim's device).
  • Attacks on the WEP and WPA protocols.

10. AI-Powered Attacks

  • Adversarial AI/ML attacks manipulate or mislead AI systems, Dark AI exploits vulnerabilities using AI and ML, Deepfakes create realistic but fake media, and AI-generated social engineering uses human-like interactions to collect information.

Hacking Methodologies and Frameworks

  • EC-Council Hacking Methodology: Includes the phases Planning and Reconnaissance, Scanning, Gaining Access, Maintaining Access, and Clearing Tracks.
  • Cyber Kill Chain Methodology: This method describes the stages of an attack from reconnaissance to actions on objectives. Stages involved are reconnaissance, weaponization, exploitation, delivery, installation, and actions on objectives.
  • Tactics, Techniques, and Procedures (TTPs): These frameworks help describe how attackers are operating.
  • MITRE ATT&CK Framework: This is a knowledge base of adversary tactics and techniques.
  • Diamond Model of Intrusion Analysis: A framework to correlate events in an intrusion, helping analyze and develop mitigation strategies.

Additional Concepts

  • Hacking means exploiting vulnerabilities in systems to gain unauthorized access. It can be used to steal data or disrupt services.
  • Motives behind hacking include thrill, challenge, financial gain, prestige, revenge, and vindictiveness.

Description

Test your knowledge of various cyberattacks and malware in this quiz. Explore the definitions, types, and implications of different attack methods used in cybersecurity. Perfect for students and professionals aiming to expand their understanding of cyber threats.