Introduction to Security Quiz

Questions and Answers

What type of malicious activity involves targeting a specific individual or organization for an attack?

• Whaling
• Spear phishing (correct)
• Vishing
• Spamming

Which type of attack targets a website frequented by a group of individuals to compromise multiple users?

• Watering hole (correct)
• Hoax
• Whaling
• Vishing

What term refers to when attackers use links in instant messages to spread malicious content across a network?

• Spamming
• Vishing
• Whaling
• Spimming (correct)

Which type of threat actor is known for selling information to other criminals or governments?

Brokers (D)

Which method is widely recognized as the primary way that malware is delivered to users?

Email (D)

Which computing platform is considered particularly susceptible to security threats due to its outdated technology?

Legacy (C)

What type of vulnerability is likely to occur if an enterprise network uses default credentials for equipment?

Configuration vulnerability (D)

What do script kiddies primarily rely on to conduct their attacks?

Automated attack software made by other hackers (C)

What is the term for a software security update that addresses and fixes known vulnerabilities?

Patch (C)

What is a key motivation for gray hat hackers when they violate computer security?

To fulfill their financial needs (D)

How do hacktivists differ from state actors in their motivations?

Hacktivists engage in attacks for social or political causes, while state actors are government-sponsored to target enemies. (D)

Which best describes the activities of script kiddies compared to gray hat hackers?

Script kiddies use pre-made tools for personal gain, while gray hat hackers expose vulnerabilities to highlight issues. (C)

What would best characterize the motivations of hacktivists?

Political or social causes driving their activities. (D)

Which type of threat actor would benefit the most from accessing your enterprise's new machine learning algorithm research and development program?

Competitors (A)

Which of the following types of platforms is known for its vulnerabilities due to age?

Legacy platform (C)

Which type of threat actor is an employee who wishes to expose the enterprise's failure to secure customer information?

Insider (C)

Threat actors focused on financial gain often attack which of the following main target categories?

Individual users (A)

Which issue can arise from security updates and patches?

Difficulty patching firmware (A)

Which of the following is an attack vector used by threat actors to penetrate a system?

Phishing (A)

What is a variation of a common social engineering attack targeting a specific user?

Spear phishing (A)

Which of the following is a social engineering method that attempts to influence the subject before the event occurs?

Spear phishing (B)

What defines a zero-day vulnerability?

An unknown vulnerability in released software that is exploited before a fix is available. (A)

Which of the following examples illustrates a configuration vulnerability?

Using outdated encryption methods. (B), Incorrectly set user permissions on software. (C)

If an enterprise primarily uses the Windows XP operating system, which vulnerability should be prioritized for fixing?

Configuration vulnerability due to common outdated software settings. (C)

In a situation where an unauthorized individual gained network access by impersonating an authority figure, which social engineering technique was employed?

Impersonation to create trust. (B)

How should zero-day vulnerabilities and configuration vulnerabilities be compared?

Configuration vulnerabilities are the result of improper settings in software or hardware. (A)

What term describes the practice of obtaining sensitive information by manipulating individuals?

Social engineering. (B)

Which of the following issues is not associated with zero-day vulnerabilities?

They originate from improper settings applied by users. (C)

Which statement is accurate regarding the differences between a configuration and a zero-day vulnerability?

Configuration vulnerabilities often result from improper user or developer settings. (A)

How do phishing and pharming differ in their approach to targeting users?

Phishing sends out general messages to many users, whereas pharming redirects users from legitimate URLs to fraudulent ones. (C)

What is the term for the technique where malicious sites use URLs similar to legitimate ones to lure users?

Typo squatting (D)

Which type of hacker is primarily motivated by personal financial gain?

Black hat hackers (A)

What motivates hacktivists when carrying out cyber attacks?

Political or social activism (D)

In the context of threat actors, what distinguishes script kiddies from gray hat hackers?

Script kiddies only use existing scripts, whereas gray hat hackers create original scripts. (C)

Which of the following best describes insiders as threat actors?

Employees within an organization who exploit their access to data. (D)

What is a key characteristic of cyberterrorists in the realm of computer security?

They operate with the aim of causing fear or disruption. (A)

Which group would likely conduct attacks on a federal website to express dissent?

Hacktivists (C)

Flashcards

Threat Actor Targeting ML Research

Competitors are the most likely threat actors to want access to a company's new machine learning algorithm research.

Vulnerable Platform (Age)

Legacy platforms are known for having vulnerabilities due to their age and lack of modern security updates.

Insider Threat (Example)

An insider threat is an employee who intentionally exposes a company to harm, possibly by leaking customer information.

Threat Actor Target: Financial Gain

Financial gain-focused threat actors frequently target individual users and REST services for financial data.

Security Updates/Patches Issue

Security updates and patches can sometimes cause complications like difficulty in patching firmware or updating settings.

Attack Vector (Example)

Phishing is a common attack vector, where the goal is to get someone to reveal sensitive data.

Spear Phishing (Detail)

Spear phishing is a targeted social engineering attack, customizing the message to be more effective.

Social Engineering (Pre-Event)

Social engineering methods that target a subject before the actual attack attempt are called "prepending."

Spamming

Sending unsolicited bulk messages, often emails, for advertising or malicious purposes.

Watering hole attack

An attack that targets a specific group of users by compromising a website frequently visited by them.

Spimming

Sending unsolicited bulk messages, often over instant messaging platforms.

Threat Brokers

Individuals or groups who sell their attack knowledge or tools to other malicious actors.

Malware delivery

The methods used to spread malicious software to a computer system.

Legacy computing platform

Older technology that may be less secure and harder to maintain.

Configuration vulnerability

A security flaw caused by improper or default settings in a system.

Security Patch

An officially released software update designed to fix a known vulnerability.

Zero-day vulnerability

An unknown vulnerability in released software, exploited by a threat actor before the software developer can fix it.

Configuration vulnerability example

Vulnerabilities arising from weak encryption or improper settings in the enterprise's cloud platform and on-premises computers.

Social engineering (technique)

The art of manipulating individuals into revealing confidential information or performing actions that compromise security.

Hoaxes and impersonation (social engineering)

A fraudulent technique that tricks users into performing actions by pretending to be a high-level official or authority figure.

Third-party vulnerability

Vulnerability in software or systems not developed directly by the enterprise.

Prioritize vulnerability fixing

Focus on fixing the most critical vulnerabilities first. This includes outdated systems or configuration issues first, before zero-day vulnerabilities.

Weak encryption

An example of a configuration vulnerability that may lead to data breaches.

Phishing vs. Pharming

Phishing uses deceptive emails or websites to trick users into revealing sensitive information, while pharming redirects users to fake websites by manipulating DNS settings.

Typo Squatting

A social engineering technique where websites are created with similar URLs to legitimate websites, aiming to capture traffic from users who mistype the legitimate URL.

Who are Black Hat Hackers?

Black hat hackers are malicious actors who violate computer security for their own personal gain, potentially for financial profit or to cause harm.

Hacktivism

Hacktivism is a type of cyberattack motivated by political or social ideologies, often targeting websites to make a statement or raise awareness.

What's a Script Kiddie?

A script kiddie is a novice hacker who uses pre-written scripts and tools to carry out basic attacks, often lacking deep technical understanding.

Gray Hat Hackers

Gray hat hackers operate in a gray area between ethical and malicious hacking. They might exploit vulnerabilities to demonstrate flaws but may not necessarily intend to cause harm.

Different Threat Actor Motives

Threat actors can have various motives behind their attacks, including financial gain, political activism, espionage, or simply to demonstrate skills.

What's an Insider Threat?

An insider threat refers to an individual with authorized access to a system who intentionally or unintentionally compromises its security, often being an employee.

Script Kiddie vs. Gray Hat Hacker

Script kiddies use automated attack software created by others for personal gain, while gray hat hackers develop their own attack software to publicly expose vulnerabilities in systems.

Hacktivist Motivation

Hacktivists misuse computer systems for political or social reasons, often targeting governments or corporations to promote a cause or protest.

State Actor Motivation

A state actor is covertly sponsored by a government to attack its foes, often using cyberspace for espionage or sabotage.

Gray Hat Hacker Motivation

Gray hat hackers break into systems for financial gain, often exploiting vulnerabilities for personal profit, but sometimes also revealing vulnerabilities to the public good.

Script Kiddie Motivation

Script kiddies often lack technical knowledge and rely on tools made by others, targeting systems for pranks or personal gain.

Study Notes

Introduction to Security

• Threat Actor Benefitting from Machine Learning Research: Criminal syndicates could gain the most from accessing machine learning research.

• Vulnerable Platform Due to Age: Legacy platforms are known for vulnerabilities due to their age.

• Employee Threat Actor: An employee who wants to expose the company and block access to customer information until security protocols improve is known as an insider.

• Threat Actors Targeting Financial Gain: Threat actors seeking financial gain often target individual users, product lists, and social media assets.

• Security Update Issues: Issues like difficulty patching firmware, updating settings, resetting passwords, and installing databases can arise from security updates and patches.

• Attack Vector: Phishing is an attack vector used by threat actors to penetrate a system.

• Social Engineering Variation: Spear phishing is a variation of common social engineering attacks.

• Malware Delivery Method: Removable media is the most common method for delivering malware.

• Vulnerable Computing Platforms: Legacy platforms are highly vulnerable to attacks.

• Critical Vulnerability for Enterprise Network: Zero-day vulnerabilities pose the greatest risk to an enterprise network when a third-party accesses it for updates.

• Software Security Update: A patch is an officially released software security update intended to fix vulnerabilities.

• Security Breach Cause: Default settings on newly purchased routers are often the source of a breach.

• Zero-day vs. Configuration Vulnerabilities: A zero-day vulnerability is an unknown weakness exploited before a patch is available, while a configuration vulnerability comes from improper software settings.

• Script Kiddie vs. Gray Hat Hacker: Script kiddies use readily available tools for attacks, while gray-hat hackers might probe systems for weaknesses and then privately inform the owner.

Description

Test your knowledge on security concepts such as threat actors, vulnerabilities, and attack vectors. This quiz covers the principles of security, including insider threats, phishing attacks, and update issues. Perfect for those looking to understand the landscape of cybersecurity better.