SENG 411 Cyber Security Quiz
54 Questions

Questions and Answers

What are the primary focuses of defense in cybersecurity?

  • Prevention and threat detection (correct)
  • Increasing attack surfaces and exploiting vulnerabilities
  • Alerting stakeholders about potential vulnerabilities
  • Hacking systems to test their resilience

What distinguishes a threat from a vulnerability in cybersecurity?

  • Threats only arise if vulnerabilities are exploited.
  • A vulnerability refers to a threat that is likely to occur.
  • A vulnerability is an actual attack while a threat can be merely a suggestion.
  • A threat is an actual attack whereas a vulnerability is a potential weakness. (correct)

Which of the following is NOT a basic component of cybersecurity?

  • Encryption (correct)
  • Threat
  • Vulnerability
  • Countermeasure

In the context of cybersecurity, what does a countermeasure aim to do?

  • Prevent a vulnerability from being exploited

How was cyber warfare recognized as a significant threat in 2011?

  • The Pentagon classified it as the fifth domain of battle.

What does the principle of confidentiality in information security ensure?

  • Information is accessible only to authorized users.

Why is integrity important in information security?

  • It prevents unauthorized modifications to data.

Which of the following is closely related to the availability principle in information security?

  • Disaster recovery plans.

What does non-repudiation guarantee in the context of information security?

  • That the sender cannot deny sending a message.

In the context of info assurance, what additional elements are combined with the CIA triad?

  • Authenticity and non-repudiation.

Which method is primarily used to ensure data integrity?

  • Hash functions.

To verify the identity of a user, which type of authentication is NOT commonly used?

  • Something you interact with (mouse).

How is authenticity typically ensured in communications?

  • By checking identities and using digital signatures.

What is the primary aim of information security?

  • To ensure the confidentiality, integrity, and availability of information

Which of the following is NOT a component of the hacking methodology discussed?

  • Distributing malware

What does the term 'APT' refer to in the context of malware threats?

  • Advanced Persistent Threat

Which type of encryption involves a single key for both encryption and decryption?

  • Symmetric encryption

Which session hijacking technique involves intercepting communication between the user and the server?

  • Man-in-the-Middle Attack

What is one of the main purposes of digital forensics in security operations?

  • To analyze and preserve digital evidence

What is a primary focus of risk management in security governance?

  • Identifying, assessing, and prioritizing risks

Which of these topics is covered under mobile and cloud security?

  • Threats and countermeasures

What is the primary focus of ethical hacking?

  • Test and improve security systems

Which concept is closely associated with the analysis and prevention of social engineering threats?

  • User training and awareness

What is considered a passive attack?

  • Intercepting and monitoring network traffic

Which motive is related to disrupting the operational capabilities of a business?

  • Disrupting business continuity

Which of the following is an active attack?

  • DNS and ARP poisoning

What characterizes insider attacks?

  • Trusted individuals exploit privileged access.

Which type of attack involves an attacker being in physical proximity to the target?

  • Close-in attack

What is the main goal of distribution attacks?

  • To tamper with hardware or software prior to installation

Which method is typically associated with footprinting?

  • Gaining information about a target's IP address range

Which technique is commonly used in active attacks?

  • Spoofing attacks

Which motive involves seeking revenge on an individual or organization?

  • Taking revenge

What type of attack includes methods like dumpster diving and shoulder surfing?

  • Close-in attack

What is the primary role of the blue team in cybersecurity?

  • Defend against attackers and red teams

What is a disadvantage of conducting black box penetration testing?

  • It can leave parts of the infrastructure untested

What is the purpose of penetration testing tools?

  • Simulate real-world attack scenarios

What is a significant pro of white box penetration testing?

  • Maximizes the testing time available

What must be established before beginning a penetration test?

  • Rules of Engagement including IP addresses

Which of the following best describes 'defense in depth'?

  • Multiple protection layers across the infrastructure

What is the definition of cyber resilience?

  • Maintaining functionality despite adverse cyber events

What is a key limitation of black box testing compared to white box testing?

  • It has a narrower testing scope

What is the primary purpose of vulnerability analysis?

  • To examine the effectiveness of security controls

Which phase is NOT part of system hacking methodology?

  • Threat Modeling

What do Tactics, Techniques, and Procedures (TTPs) help identify?

  • Behavior of threat actors during attacks

Which of the following is NOT a category of Indicators of Compromise (IoCs)?

  • Environmental Indicators

What best describes the role of the Cyber Kill Chain methodology?

  • To enhance intrusion detection and response

Which of the following is a technique used in the social engineering stage of an attack?

  • Sending spoof emails to collect information

Which type of actions does the procedures within TTPs describe?

  • The sequence of actions performed by attackers

What type of data is NOT considered as an indicator of compromise?

  • Standard firewall configurations

What is a key aspect of the MITRE ATT&CK Framework?

  • A globally accessible knowledge base of adversary tactics and techniques

What is NOT one of the four categories of IoCs?

  • File Indicators

Which of the following describes 'Tactics' in the context of TTPs?

  • Guidelines that outline how attackers approach their attacks

Which of the following is a common sign of a potential intruder within a network?

  • Increased database read volume

Which of these is NOT part of the phases that attackers follow according to the Cyber Kill Chain?

  • Data Collection

Study Notes

Course Information

  • Course name: SENG 411 Cyber Security
  • Instructor: Dr. Emin Emrah Özsavaş
  • Email: [email protected]

Course Aims & Scope

  • Describe the elements of cyber security
  • Explain cyber threats and attacks
  • Describe hacking methodologies
  • Understand security controls and countermeasures
  • Understand security governance

Textbooks & Material

  • Ethical Hacking and Countermeasures Ver. 12, EC-Council 2022
  • Praise for CISSP All-in-One Exam Guide, Fernando Maymi, Shon Harris, McGraw Hill 2022
  • Practical Information Security Management: A Complete Guide to Planning and Implementation, Tony Campbell, Apress 2016

Syllabus

  • Week 1: Introduction and Basics - Language of security, overview, Identity and Access Management, System Architectures - Identification, authentication, authorization, access control, system architecture concepts
  • Week 2: Identity and Access Management, Systems Architectures - Access control, architecture concepts, identity and access management
  • Week 3: Cryptography - Symmetric and asymmetric encryption, hash functions, digital signatures
  • Week 4: Network Security - Network attacks, security architectures, countermeasures
  • Week 5: Hacking Methodology - Footprinting and reconnaissance, scanning networks, enumeration, vulnerability analysis
  • Week 6: Hacking Methodology and Sniffing - System hacking (gaining access, escalating privileges, maintaining access, clearing logs), sniffing concepts and techniques
  • Week 7: Malware Threats - Malware concepts, APT, trojan, virus, worm, analysis, countermeasures
  • Week 8: Social Engineering and Session Hijacking - Concepts, threats, countermeasures
  • Week 9: Web Server and Web Application Security - Concepts, threats, countermeasures
  • Week 10: Mobile and Cloud Security - Concepts, threats, countermeasures
  • Week 11: Wireless, IoT, and OT Security - Concepts, threats, countermeasures
  • Week 12: Security Operations, Role of AI/ML - Threat intelligence, digital evidence and incident response, digital forensics, AI/ML in security posture
  • Week 13: Security Governance - Risk management, organizational security, security implementation, secure system development
  • Week 14: General Review

Grading

  • Assignments & quizzes
  • Midterm exam
  • Final exam

InfoSec Concepts

  • Information Security: Protection of information from unauthorized access, use, disclosure, disruption, modification, or destruction. Confidentiality, integrity, and availability are key aspects.
  • Information Technology Security (IT Security): Protection of information technologies.
  • Cybersecurity: Protecting cyberspace from cyberattacks. Includes information and non-information assets.

CIA Triad

  • Confidentiality: Access is limited to authorized users.
  • Integrity: Data and resources are trustworthy and free of unauthorized changes.
  • Availability: Resources are accessible when needed by authorized users.

InfoSec Details

  • Vulnerability: Weakness in a system that can be exploited.
  • Threat: An action that exploits a vulnerability.
  • Attack: Intentional exploitation of a vulnerability.
  • Countermeasure: Measures to resolve vulnerabilities and mitigate threats.
  • Risk: Potential for loss, damage, or destruction of an asset, resulting from a threat exploiting a vulnerability.

Cyber Security

  • Motive: Goal behind cyberattacks.
  • Attacks: Motive + Method + Vulnerability
  • Cyberwarfare: Cyberattacks related to conflict (fifth domain of battle).
  • Cyber Resilience: Delivering the intended outcome despite adverse cyber events.

Hacking Methodology (CEH)

  • Footprinting: Gathering information about the target.
  • Scanning: Identifying active hosts and open ports.
  • Enumeration: Actively probing the target system.
  • Vulnerability Analysis: Identifying weaknesses.
  • System Hacking: Gaining access, escalating privileges, maintaining access, and clearing logs.
  • Cyber Kill Chain: Methodology for understanding and preventing attacks (reconnaissance, weaponization, delivery, exploitation, installation, and actions on objectives).
  • Tactics, Techniques, and Procedures (TTPs): Activities, methods, and procedures employed by attackers (tactics are high-level, techniques are specific actions, and procedures are the sequence).
  • Indicators of Compromise (IOCs): Clues or artifacts indicating a possible intrusion.
  • MITRE ATT&CK: Framework for understanding and responding to cyberattacks.

Penetration Testing (PenTesting)

  • Methods: Black-box (no prior knowledge), White-box (complete knowledge), Gray-box (limited knowledge)
  • Goals: Assessing security before an attack.
  • Tools: Software that simulates real-world attacks.
  • Rules of Engagement (RoE): Clear permission before starting with appropriate constraints.

Teams

  • Blue Team: Defensive security team
  • Red Team: Attack team, simulates malicious activity

Types of Attackers

  • Amateur: Uses readily available tools
  • Hacker (Cracker): Knows hacking techniques (intentional)
  • State-Funded Spy: Government-supported
  • Terrorist: Actively harmful agendas

Ethical Hackers' Attributes

  • Professional and ethical values.
  • No hidden agenda.
  • Obtain permission.
  • Proper reporting.
  • No damage to systems tested.
  • Technical expertise (OS, networking, attacks)
  • Organizational security policies and standards.

Description

Test your knowledge on the fundamentals of cyber security covered in SENG 411. This quiz will assess your understanding of threats, attacks, and security controls based on the course syllabus and textbooks. Review concepts from identity management to system architectures.