Network Attack and Defense Strategies Quiz

Questions and Answers

Which principle ensures that information is accurate and has not been tampered with?

• Integrity (correct)
• Availability
• Authentication
• Confidentiality

What type of network security approach focuses on responding to and mitigating the effects of security incidents?

• Preventive Approaches
• Retrospective Approaches
• Proactive Approaches
• Reactive Approaches (correct)

Which term describes the measure ensuring that actions or transactions cannot be denied after they have occurred?

• Authentication
• Non-repudiation (correct)
• Confidentiality
• Availability

Which of the following approaches is aimed at analyzing and learning from past security incidents?

Retrospective Approaches (A)

Which principle involves verifying the identity of an individual by the system or service?

Authentication (D)

Which of the following accurately describes a threat?

A potential danger that can exploit a vulnerability. (A)

What is an example of an intentional threat?

A hacker launching a ransomware attack. (B)

Which type of vulnerability arises from the failure to change default passwords?

Default Password Vulnerabilities (C)

Natural threats can include which of the following?

Floods damaging data centers. (C)

Which of these vulnerabilities is associated with TCP/IP protocols?

IP spoofing and SYN flooding. (D)

User account vulnerabilities can be caused by which of the following?

Having weak passwords and excessive permissions. (D)

What characterizes unintentional threats?

Accidental actions that lead to harm. (A)

Which threat actor is typically motivated by socio-political agendas?

Hacktivists (C)

What is a primary tactic used in social engineering attacks?

Manipulating individuals into revealing confidential information (D)

Which of the following is an example of an SQL injection attack?

An attacker enters ' OR '1'='1 into a login form (B)

What is a common outcome of cross-site scripting (XSS) attacks?

Cookies of users are stolen (B)

How does a social engineer typically manipulate their target?

By pretending to be someone they are not (B)

What is a consequence of opening a malicious email attachment?

The system may become infected with malware or ransomware (C)

Which attack method involves injecting a script that runs in another user's browser?

Cross-site scripting (XSS) (A)

What is the goal of phishing attacks?

To manipulate individuals into providing login information (C)

What is a potential method for preventing SQL injection attacks?

Validating and sanitizing user input before processing (C)

What is the primary purpose of credential theft in cyber attacks?

To capture login credentials by impersonating legitimate entities (B)

What are the consequences of rooting an Android device?

Increased susceptibility to malicious applications (A)

How does an Evil Twin attack function?

By creating a duplicate Wi-Fi network to intercept data (B)

What is a characteristic of a jamming signal attack?

It disrupts communication by broadcasting interference (B)

Which principle of network defense focuses on ensuring data accuracy and prevention of unauthorized alterations?

Integrity (B)

What is a goal of compliance in network defense?

To adhere to legal and regulatory data protection requirements (D)

What is one of the main risks of jailbreaking an iOS device?

Exposure to malware through unauthorized apps (C)

What does ensuring the availability of network resources entail?

Ensuring resources are accessible to authorized users when needed (C)

What can the lack of formalized security policies lead to within an organization?

Inconsistent security practices (A)

Which of the following represents the correct formula for assessing risk?

Risk = Assets + Threats + Vulnerabilities (D)

What type of cyber attack is characterized by gathering information about a target system?

Reconnaissance attack (D)

Which motive behind a cyber attack involves causing disruption to operations?

Disruption (A)

How does lack of cybersecurity awareness among employees typically manifest?

Risky behavior, such as falling for phishing attacks (A)

Which of the following components is NOT part of the cyber attack formula?

Asset Value (C)

What does the term 'vulnerability' refer to in the context of risk?

Weaknesses or flaws that can be exploited (B)

Which of the following is an example of an asset that needs protection?

Sensitive data (A)

Study Notes

Essential Terminologies

• Asset: Anything valuable needing protection, such as customer data, intellectual property, network infrastructure, or financial records.
• Threat: A potential danger that could exploit vulnerabilities to harm an asset; examples include cyber attacks or natural disasters.
• Natural Threats: Events like earthquakes and floods that can physically damage servers.
• Unintentional Threats: Accidental harm from individuals or systems, such as accidentally deleting critical files.
• Intentional Threats:
  • Internal Threats: Malicious actions from within the organization, e.g., data theft by employees.
  • External Threats: Attacks from outsiders, including hackers and industrial espionage.

Threat Actors/Agents

• Diverse groups involved in cyber threats, including:
  • Hacktivists
  • Cybercriminals
  • Nation-state actors
  • Insiders and disgruntled employees
  • Organized crime and terrorist organizations
  • Competitors and cyber espionage groups

Vulnerabilities

• TCP/IP Protocol Vulnerabilities: Weaknesses leading to denial-of-service (DoS) attacks or man-in-the-middle (MITM) exploitation.
• Operating System Vulnerabilities: Flaws or misconfigurations allowing unauthorized access or malware installation.
• Network Device Vulnerabilities: Outdated firmware in routers, switches, or firewalls make them susceptible to attacks.
• Default Password Vulnerabilities: Unaltered default passwords can lead to control over systems by attackers.
• User Account Vulnerabilities: Weak passwords and lack of multi-factor authentication increase the risk of account compromise.
• Unwritten Policy: Absence of formal security policies leads to inconsistent practices and potential risks.
• Politics: Internal conflicts can hinder robust security implementations.
• Lack of Awareness: Insufficient cybersecurity knowledge among employees can result in risky behaviors.

Risk

• Represents potential loss or harm when a threat exploits a vulnerability.
• Formula: Risk = Asset + Threat + Vulnerability
• Example scenario includes customer data under threat of a cybercriminal data breach due to an unpatched web application.

Cyber Attack

• An attempt to damage, disrupt, steal, or gain unauthorized access to information systems.
• Motives for attacks can include:
  • Financial gain (e.g., fraud, ransomware)
  • Espionage (theft of sensitive information)
  • Political reasons (hacktivism)
  • Disruption of services (DDoS)
  • Revenge or sabotage

Attack Framework

• Components: Attack = Motive + Method (TTPs) + Vulnerability
• Motives include stealing data or causing disruption, and methods involve tactics like phishing or malware.

Examples of Network-level Attack Techniques

• Reconnaissance Attacks: Gathering information about targets to identify vulnerabilities.
• SQL Injection Attacks: Inserting malicious SQL queries to bypass authentication.
• Cross-site Scripting (XSS) Attacks: Injecting scripts into web pages to steal user cookies.
• Social Engineering Attacks: Manipulating individuals into revealing sensitive information or performing compromising actions.
• Email Attacks: Includes sending malicious email attachments or phishing to capture sensitive data.

Mobile Specific Attacks

• Rooting/Jailbreaking: Gaining unauthorized access to mobile operating systems to bypass security measures.
• Example: Malicious apps installed post-rooting can steal data.

Wireless Network Attacks

• Rogue Access Point Attack: Setting up unauthorized Wi-Fi access points to intercept traffic.
• Jamming Signal Attack: Disrupting communications by broadcasting interference on the same frequency.

Goals of Network Defense

• Protect the CIA (Confidentiality, Integrity, Availability) of network information systems.
• Provide timely detection and response to threats.
• Ensure compliance with data protection regulations.

Information Assurance Principles

• Confidentiality: Limiting accessibility to authorized individuals only.
• Integrity: Verifying data accuracy and preventing tampering.
• Availability: Ensuring resources are accessible to authorized users.
• Authentication: Verifying user identities accurately.
• Non-repudiation: Ensuring actions cannot be denied post-event.

Network Security Approaches

• Preventive Approaches: Measures to prevent incidents (e.g., firewalls).
• Reactive Approaches: Responses to mitigate after incidents occur (e.g., incident response plans).
• Retrospective Approaches: Learning from past incidents for future improvements.
• Proactive Approaches: Anticipating and addressing potential threats beforehand (e.g., regular audits).

Description

Test your knowledge on essential terminologies related to network attack and defense strategies. This quiz covers key concepts such as assets and threats, helping you understand the importance of protecting organizational values. Prepare to explore the terminology that defines the field of cybersecurity.