Information Security Terminology Quiz

Questions and Answers

Which of the following describes a phishing attack?

• An attempt to recover sensitive financial information using fake URLs in unsolicited emails. (correct)
• A method where an attacker hijacks a session between a host and a server to gain unauthorized access.
• A process of redirecting traffic from one website to another without user consent.
• An attack that exploits a weakness in a remote system to make it unavailable.

What is the main goal of a 'Man-in-the-Middle' attack?

• To redirect website traffic to malicious sites.
• To flood a server with false requests and make it unavailable.
• To reset a router using physical access to the target system.
• To intercept and benefit from data exchanged between network components. (correct)

Which type of Denial of Service attack involves flooding a machine with false requests?

• Denial of service by saturation (correct)
• Pharming attack
• Man-in-the-Middle attack
• Session hijacking

What distinguishes a DDoS attack from a regular DoS attack?

It is executed from multiple geographically dispersed computers. (D)

What does the term 'spoofing' refer to in the context of network attacks?

Disguising communication as coming from a trusted source. (C)

Which of the following actions could qualify as a close proximity attack?

Using physical access to reset a router or manipulate a server. (C)

What technique do attackers most commonly exploit to gain control of a network machine?

Approval relationships between machines and peripherals (C)

Which method is often used in mixed attacks to collect user information?

Combining characteristics of viruses and worms. (A)

Which of the following is not a recommended network security measure?

Open all user permissions (B)

What is a characteristic of a pharming attack?

Redirecting a user's requests from a legitimate site to a malicious one. (C)

What does the least privilege rule emphasize regarding user access?

Each user must have only the minimal level of access necessary for their tasks (C)

Which measure is part of vulnerability audit measures aimed at stopping breaches?

Preventive measures (C)

What is the primary purpose of reconnaissance attacks?

To gather information about vulnerabilities in a target network (D)

What is the role of detective measures in a computer network audit?

To identify and record information about intrusions (D)

Which method is specifically used in password attacks to try every possible combination of characters?

Brute force attack (C)

Which of the following actions best exemplifies recovery measures after a security incident?

Restoring systems to operational status (B)

What are access attacks primarily aimed at recovering?

Sensitive information about network components (A)

Which method specifically discourages individuals from attempting to breach network security?

Deterrence measures (C)

In a dictionary attack, what is utilized to find passwords?

A targeted list of commonly used passwords (A)

What security benefit is achieved by separating sensitive data into different security zones?

Minimization of unauthorized access and attacks (C)

What does packet sniffing allow an attacker to capture?

Data being transmitted over a network (A)

Which of the following is NOT a common method used in password attacks?

Phishing attack (C)

The aim of which attack is to collect information on services running on a target computer?

Port scanning (B)

Which of the following best describes intrusion prevention systems (IPS)?

They monitor network traffic and take action against potential threats (D)

Flashcards

Phishing

An attempt to get sensitive information (like passwords or credit card details) by sending fake emails with fake links.

Pharming

Redirecting web traffic to a fake website to steal information.

Man-in-the-Middle Attack

An attacker intercepts communication between two parties to steal or modify data.

Spoofing

Making a communication appear to come from a trusted source.

Session Hijacking

Taking over an existing connection between a user and a service.

Denial-of-Service (DoS) Attack

Making a service unavailable by overwhelming it with requests.

Distributed Denial-of-Service (DDoS) Attack

A DoS attack from multiple computers.

Close Attack

An attacker physically close to the target system to disrupt it.

Network Security Measures

Actions taken to protect a company network from unauthorized access or attacks.

Separation of Resources

Dividing company network and sensitive data into different secure zones.

Deep Protection

Utilizing security devices at multiple points in the network.

Least Privilege

Giving users only the access needed to do their job.

Vulnerability Audit

A review of a computer network to find security weaknesses.

Preventive Measures

Security actions taken to stop vulnerabilities from being exploited, like firewalls.

Detective Measures

Finding and tracking network intrusions or attacks using logs and monitoring.

Network Attacks on Relationships

Exploiting approval relationships with peripheral devices to gain greater network control.

Password Attacks

Attempts to discover usernames and passwords to access network resources.

Reconnaissance Attacks

Passive attacks aiming to gather information about a target network's vulnerabilities.

Ping Sweep

Network scanning technique using ping packets to identify active hosts.

Port Scanning

Analyzing open ports on a target computer to discover running services.

Packet Sniffing

Capturing network traffic to identify data like MAC addresses, IP addresses, and ports.

Dictionary Attack

Trying common passwords from a list to gain access.

Brute-Force Attack

Trying all possible password combinations.

Administrative Security

Internal monitoring and control of an organization via procedures.

Study Notes

Information Security Terminology

• Resource: Any valuable object needing protection.
• Vulnerability: A system weakness exploitable by a threat.
• Threat: Potential danger to a resource or network.
• Attack: Action intended to harm a resource.
• Risk: Likelihood of loss, modification, or destruction of a resource due to a threat exploiting a vulnerability.
• Risk = Resource + Threat + Vulnerability
• Countermeasure: Protection mitigating a threat or risk.

Types of Hackers

• Hackers: Individuals fascinated by network systems.
• White Hat Hackers: Ethical hackers performing security audits to improve systems.
• Black Hat Hackers: Unethical hackers aiming for illicit purposes, like data theft.
• Gray Hat Hackers: Individuals with a mix of white and black hat characteristics.
• Blue Hat Hackers: Individuals testing software applications for bugs.
• Script Kiddies: Novice hackers using scripts to launch attacks without in-depth knowledge.
• Hacktivists: Hackers motivated by ideological causes.
• Phreakers: Experts in attacking telephonic systems.
• Carders: Hackers specializing in attacking smart card systems.

Malicious Codes (Malware)

• Virus: Program attaching to software to perform unintended actions. Requires user activation; can be programmed to run passively.
• Worms: Standalone programs that exploit vulnerabilities to spread throughout a network rapidly. Do not require user interaction.
• Spyware: Software tracking user activity and collecting information. Often used for targeted advertising or unauthorized data gathering.
• Adware: Software displaying advertisements, often pop-up windows.
• Scaryware: Software designed to convince users their system is infected and promote solutions, often for profit.
• Trojan Horse: Program with seemingly useful functionality but hidden malicious actions, often leading to unauthorized access.
• Ransomware: Malware blocking access to a system until a payment is made.

Network Security

• Physical Security: Protecting the physical environment where resources are located, including server rooms, networks equipment, preventing accidents, and uninterrupted power supply.
• Logical Security: Implementing policies using software to control access. Includes using strong passwords, access models (authentication, authorization, and traceability), configuring firewalls, implementing Intrusion Prevention Systems (IPS), and using Virtual Private Networks (VPNs).
• Administrative Security: Rules and procedures used by an organization to monitor and control its network, including preventing errors and fraud, defining responsibilities of staff, and protecting property.

Types of Network Attacks

• Reconnaissance Attacks (Passive): Goal is to gather info about the target network. Techniques like ping sweeps (identifying active hosts), port scanning (determining open ports), and packet sniffing (capturing network traffic).
• Password Attacks: Goal is to discover usernames and passwords. Approaches include dictionary attacks (using a list of common words) and brute-force attacks (trying all possible combinations).
• Access Attacks: Goal is to gain unauthorized access. Techniques like phishing (sending fraudulent emails), pharming (redirecting traffic), man-in-the-middle attacks (intercepting communication), and spoofing (making a system appear legitimate).
• Network Attacks against Availability: Goal is to render a network resource unavailable. Methods include denial-of-service (DoS) attacks, flooding the system with requests, and distributed denial-of-service (DDoS) attacks using multiple sources.
• Close Attacks: Attacker is physically present at the target system.
• Attacks on Approval Relationships: Exploiting approval relationships between network devices to gain greater control.

Network Security Measures

• Separation of Resources: Categorizing resources into different security zones, such as DMZ.
• Deep Protection: Deploying security devices strategically across a network.
• Least Privilege: Limiting access rights to the minimum necessary.
• Adequate Protection: Implementing strong protection mechanisms at all network levels.
• Restricting Information: Limiting access based on employee roles and tasks.
• Separation of Tasks/Job Rotation: Reducing vulnerabilities caused by individuals having too much responsibility.

Vulnerability Audit Measures

• Preventive Measures: Precautions to reduce the possibility of an attack.
• Detective Measures: Identifying security violations using logs and monitoring tools.
• Corrective Measures: Rectifying security breaches or weaknesses.
• Recovery Measures: Procedures to restore network functionality after an incident.
• Deterrence Measures: Discouraging potential attackers.

Description

Test your knowledge on key information security terms and types of hackers. This quiz covers essential vocabulary such as vulnerabilities, threats, and countermeasures, as well as different categories of hackers. Challenge yourself and learn more about the landscape of cybersecurity!