Ethical Hacking - Unit 1 Quiz
48 Questions

Questions and Answers

Which of the following best defines 'Authentication'?

  • A method to assess the risk level of an asset
  • The approval process for authorized users
  • A process by which a person proves their identity (correct)
  • A measure of resource accessibility

What does the term 'Attack Surface' refer to?

  • The hardware vulnerabilities present in a system
  • The collection of executable software services that can be exploited (correct)
  • The total number of attacks a system has experienced
  • The physical area of a network exposed to potential breaches

Which of the following represents a component of the CIA triad?

  • Integrity (correct)
  • Reliability
  • Authenticity
  • Accessibility

What characterizes 'Malware'?

    Malicious software inserted for harmful purposes

    What is meant by 'Vulnerability' in the context of information security?

    Weaknesses in hardware or software that can be exploited

    Which type of rootkit modifies the core components of the operating system?

    Kernel-Level Rootkit

    What is 'Risk' in terms of information security?

    The likelihood of a resource being attacked

    What is a primary function of an encrypted virus?

    It encrypts itself to prevent detection.

    What is the main action performed by Cross-site scripting (XSS)?

    Inject malicious scripts into web pages

    How do polymorphic viruses primarily avoid detection?

    By constantly rewriting their own code.

    Which option best describes 'Authorization'?

    The specification of access levels for authorized users

    What are common storage media that need protection?

    Hard Drives, SD cards, and CD-ROMs

    Which of the following is a common countermeasure against Cross-site request forgery (CSRF)?

    Validate cookies, query strings, and form fields

    What is a common way Trojans can affect a user's system?

    They monitor user activity without consent.

    Which of the following accurately describes rootkits?

    They are designed to provide privileged access.

    What kind of attack allows an attacker to perform actions on behalf of an authenticated user without their consent?

    Cross-site request forgery (CSRF)

    Which characteristic is NOT typical of spyware?

    Creating backdoors for remote access.

    In SQL injection, what is the purpose of entering '1=1' in an SQL query?

    To return all records in the database

    What important feature distinguishes metamorphic viruses from polymorphic viruses?

    They completely rewrite their code with each infection.

    Which type of rootkit is typically embedded within the hardware or firmware of components?

    Hardware/Firmware Level Rootkit

    Which of the following is a characteristic of adware?

    It displays unwanted advertisements.

    What is one consequence of a successful SQL injection attack?

    Gaining unauthorized access to sensitive data

    Hypervisor Level Rootkits exploit which of the following?

    Hardware-assisted Virtualization features

    Which statement best describes stealth viruses?

    They hide themselves from detection by antivirus software.

    What can result from failures in the access control mechanism?

    Data destruction or modification

    Which of the following is NOT a common access control vulnerability?

    Viewing account history with guest access

    What is a potential consequence of insufficient logging and monitoring?

    Difficulty in detecting malicious activities

    Which OWASP Top 10 Mobile Threat relates to poorly executed coding practices during development?

    M2: Inadequate Supply Chain Security

    How can XML External Entities be exploited?

    By including hostile content in XML documents

    Which of the following best defines Insufficient Binary Protections in mobile applications?

    Retention of sensitive information within the binary

    What type of vulnerability is associated with allowing changes to primary keys in databases?

    Data Integrity Violations

    Which OWASP mobile threat is concerned with the security of data stored within the app?

    M9: Insecure Data Storage

    What is the method used in whaling attacks?

    Targeting specific individuals within an organization for sensitive information.

    How do fake WAPs typically lure users to connect to them?

    By using names that appear trustworthy.

    What characterizes in-band SQL injection?

    It utilizes the same channel for both attack and result gathering.

    What common security measure can help protect against eavesdropping attacks?

    Using a VPN.

    How does error-based SQL injection work?

    It elicits error messages from the database to gather structural information.

    What primarily enables a man-in-the-middle (MITM) attack to occur?

    The presence of unsecured networks.

    What is a key characteristic of a session hijacking attack?

    It allows attackers to take control of a user's active session.

    What is the primary goal of a time-based SQL injection attack?

    To force the server to delay its response.

    Which method is NOT a recommended prevention technique for SQL injection?

    Ignoring user input validation.

    Which of the following is NOT a method to protect against fake WAPs?

    Always connecting to public networks.

    What role does ARP poisoning play in a MITM attack?

    It allows attackers to position themselves between the victim and the host.

    What happens in blind Boolean-based SQL injections?

    Attackers obtain responses based on true or false conditions.

    Which type of attack uses fake text messages to deceive individuals into revealing information?

    Smishing.

    What does a credential stuffing attack utilize?

    A standard list of default usernames and passwords.

    Which of the following is a characteristic of broken authentication?

    It compromises session tokens, passwords, and other identifiers.

    What is one reason prepared statements protect against SQL injection?

    They separate SQL logic from user input.

    Study Notes

    Ethical Hacking - Unit 1

    • This unit covers ethical hacking

    Introduction to Information Security

    • Assets: Any resource needing protection from attackers.
    • System Resources:
      • Computer Equipment (Desktops, Laptops, Tablets, Servers)
      • Communication Equipment (Routers, Switches, Firewalls, Modems)
      • Storage Media (Hard Drives, CDs, DVDs, SD cards)
    • Access Control: Defines the spectrum of access granted to entities.
    • Confidentiality, Integrity, and Availability (CIA): Ensuring data privacy, consistency from origin to destination, and availability to users 24/7.

    Authentication and Authorization

    • Authentication: Process where a person proves their identity (passwords, cards, biometrics).
    • Authorization: Specifies the access levels for authorized users to resources.
    • Risk: The chances of a resource or asset being attacked.
    • Risk Analysis: Determines the level of risk associated with system assets.
    • Threat: The amount of danger the system faces from attackers.
    • Threat Types: Snooping, Traffic Analysis, Modification, Masquerading, Replaying, Denial of Service.

    Vulnerability and Attack Surface

    • Vulnerability: System weaknesses or loopholes in hardware, software, applications, and protocols exploited by attackers.
    • Attack Surface: The combination of software services an attacker can exploit due to vulnerabilities or insecure configurations.
    • Malware: Malicious software intentionally included or inserted into a system for harmful purposes.

    Types of Malware

    • Worms: Self-replicating malware that spreads across networks without a host program.
    • Viruses: Malware that attaches itself to programs and replicates copies of itself.
      • Structure: Has infection mechanism, trigger, and payload.
      • Phases: Dormant, propagation, triggering, execution.
      • Types: Encrypted, Stealth, Polymorphic, Metamorphic
    • Trojans: Malware disguised as legitimate software, while secretly executing unwanted tasks.
      • Possible damages: Data theft, system crashes, slowdowns, launchpads for DDoS attacks, remotely run commands, keystroke interception.
    • Spyware: Software for gathering user interaction information and details without permission.
    • Adware: Spyware that displays advertisements.
    • System Monitors: Spyware that monitors system activities.
    • Tracking Cookies: Spyware that collects data about user behavior on the Internet.
    • Rootkits: Software designed to provide privileged access to a remote user.
      • Types: Application level, kernel level, hardware/firmware level, hypervisor level

    Types of Vulnerabilities (Identified by OWASP)

    • Cross-Site Scripting (XSS): Injects malicious scripts into web pages.
    • Cross-Site Request Forgery (CSRF/XSRF): Tricks users into performing unwanted actions on a website.
    • SQL Injection (SQLI): Inserts harmful SQL code to access data or control the system.
      • Types: In-band, Error-based, Blind Boolean-based, Time-based
    • Broken Authentication: Vulnerable authentication that allows attackers to compromise credentials, tokens, etc.
    • Input Parameter Manipulation: Modifies data between the browser and web application.

    Types of Attacks & Prevention Mechanisms

    • Keystroke Logging: Records keystrokes covertly, either by software or hardware.
    • Denial of Service (DoS): Prevents normal communication with a resource by overwhelming requests.
    • Distributed Denial of Service (DDoS): Same as DoS, but uses multiple computers or machines.
    • Watering Hole Attack: Targets trusted services to deliver a malicious payload to an organization.
    • Brute-Force Attack: Uses trial-and-error to crack passwords/credentials.
    • Phishing: Tries to acquire sensitive data such as bank account information, emails, passwords, and credit card information.
    • Cat Phishing: Involves creating a fake personality to steal personal data.
    • Voice Phishing (Vishing): Malicious calls to steal sensitive data.
    • SMS Phishing (Smishing): Uses fake mobile texts to trick people into downloading malware.
    • Whaling: Targets high-profile individuals.
    • Fake WAP: Mimics legitimate Wi-Fi hotspots.
    • Eavesdropping: Passively observing communications between devices.
    • Man-in-the-Middle (MITM): Places a hacker in between the communication channels.

    Other attack types

    • Session Hijacking: Stealing sensitive information by hijacking a valid online session.
    • Clickjacking: Tricks users into clicking on a different object (link) than the one they intended to click.
    • URL Obfuscation: Modifies a URL to conceal the legitimate location.

    Other security aspects

    • Buffer Overflow: When more data than allocated is put into a buffer, leading to data corruption.
    • DNS Cache Poisoning: Modifies the DNS cache to point to a false IP address.
    • ARP Poisoning: Changes the relationship between IP address and MAC address to redirect traffic to an attacker's machine.
    • Identity Theft: Stealing personal information to commit fraud.
    • IoT Attacks: Gaining access to sensitive data via Internet of Things (IoT) devices.
    • Bots and Botnets: Automated malicious software and networks of infected computers.
    • CVE Database: Centralized database of common vulnerabilities and exposures in software and hardware.

    Additional Information

    • OWASP Mobile Top 10: List of top 10 mobile security threats identified by the Open Web Application Security Project (OWASP).

    Description

    Test your knowledge on Ethical Hacking with this unit 1 quiz. Explore key concepts such as information security, attacks and vulnerabilities, and the CIA triad. Prepare to dive into the essentials of securing assets and system resources effectively.
