1. Which of the following are examples of injection attacks?
Check all that apply.
- SYN flood attack
- Social engineering attack
- SQL injection attack
- XSS attack
2. An attacker could redirect your browser to a fake website
login page using what kind of attack?
- DDoS attack
- SYN flood attack
- Injection attack
- DNS cache poisoning attack
Explanation: What you have described is a textbook example of a phishing
attempt. Phishing is a kind of cybercrime in which attackers build fake
websites or emails that look authentic in order to trick potential victims
into divulging important information such as usernames and passwords. Exercise
extreme caution and verify URLs to avoid falling into phishing traps.
3. A SYN flood occurs when the attacker overwhelms a server with
______.
- ACK packets
- SYN packets
- Injection attacks
- Malware
Explanation: The term "SYN flood" refers to the situation in which an attacker
overwhelms a server with a large number of TCP connection requests, more
precisely SYN (synchronize) packets. The objective is to deplete the server's
resources to the point where it is unable to accept genuine connection
requests.
4. The best defense against injection attacks is to ______.
- Use input validation
- Use antimalware software
- Use a firewall
- Use strong passwords
Explanation: Parameterized queries and prepared statements are recommended as
the most effective protection against injection attacks. Isolating SQL code
from user input and using placeholders dramatically lessens the likelihood of
injection attacks, because it becomes more difficult for malicious code to be
injected into your queries.
5. Which of these is an example of the integrity principle that
can ensure your data is accurate and untampered with?
- Keeping a symmetric key secret
- Implementing flood guards
- Using MACs (Message Authentication Codes)
- Using Encapsulating Security Payload
Explanation: Hash functions are a good example of a mechanism that can be used
to check the integrity of data. A hash value is a fixed-length string of
characters computed from the contents of the data, so it lets you determine
whether or not the data has been changed. If the data is manipulated in any
way, the hash value will change, which indicates that there may have been a
breach of integrity. Checksums and digital signatures are two examples of
procedures that often make use of this.
6. If there are cyber threats and vulnerabilities to your
system, what does that expose you to? Check all that apply.
- Attacks
- The CIA triad
- Exploits
- Tailgating
7. Which of these is a characteristic of Trojan malware?
- A Trojan infection needs to be installed by the user.
- A Trojan may get installed without the user’s consent.
- A Trojan is the same thing as a rootkit.
- A Trojan is basically backdoor malware.
Explanation: One of the characteristics of Trojan malware is that it attempts
to deceive people into downloading it by disguising itself as something that
is either genuine or harmless. Trojans sometimes arrive disguised as
beneficial software, games, or files. Once installed, they may carry out
dangerous operations without the user's awareness, such as stealing data,
allowing unauthorized access, or building backdoors for other malware.
8. What is it called when a hacker is able to get into a system
through a secret entryway in order to maintain remote access to the computer?
- Ransomware
- Adware
- A backdoor
- A Trojan
Explanation: When a hacker gains unauthorized access to a system and
establishes a concealed entry point in order to maintain remote access, that
entry point is referred to as a "backdoor." The backdoor gives the hacker the
ability to access the system without being discovered, and it may be used for
a variety of malicious actions, including the theft of information, the
launching of attacks, or the remote control of the compromised machine.
9. Which of these are ways a hacker can establish a
man-in-the-middle attack? Check all that apply.
- Tailgating
- Rogue Access Point (AP)
- Evil Twin
- Session hijacking
10. Which of these is where a victim connects to a network that
the victim thinks is legitimate, but is really an identical network controlled
by a hacker to monitor traffic?
- A Denial of Service (DoS)
- A logic bomb
- DNS Cache Poisoning
- Evil Twin
Explanation: The kind of attack you are describing is often referred to as an
"Evil Twin" attack. A hacker creates a Wi-Fi network that has a name and
features similar to those of a legitimate network in order to fool victims
into joining it. As soon as the connection is made, the hacker is able to
monitor and record the network activity of the victim, which gives them the
opportunity to obtain access to important information. An attack of this kind
takes advantage of the trust that users place in well-known network names,
which makes it both deceptive and effective for listening in on confidential
communications.
11. What is it called if a hacker takes down multiple services
very quickly with the help of botnets?
- Distributed denial-of-service (DDoS)
- Cross-site Scripting (XSS)
- A password attack
- A SQL injection
Explanation: When a hacker shuts down many services in a short amount of time
by flooding them with traffic from a large number of infected devices, the
attack is referred to as a "Distributed Denial of Service" (DDoS) attack. In
these attacks, the hacker often takes control of a network of compromised
computers, which is referred to as a botnet. The botnet is used to flood the
target services with traffic, which makes the services inaccessible to
legitimate users. Because the attack is widespread and coordinated, it is
difficult to defend against and to mitigate.
12. If a hacker targets a vulnerable website by running commands
that delete the website’s data in its database, what type of attack did the
hacker perform?
- A Denial-of-Service (DoS) attack
- A dictionary attack
- Cross-site Scripting (XSS)
- SQL injection
Explanation: The kind of attack you are describing is commonly referred to as
a "SQL Injection" attack. This form of attack occurs when a hacker executes
commands to erase data from a website's database. SQL Injection attacks are
carried out by hostile actors who take advantage of weaknesses in the input
validation of a website in order to insert malicious SQL (Structured Query
Language) code into database queries. Depending on the goals of the attacker,
this may result in unauthorized access to, alteration of, or destruction of
data in the database. Web applications that depend on databases to store and
retrieve information are susceptible to this threat, which is both prevalent
and significant.
13. An end-user received an email stating his bank account was
compromised, and that he needs to click a link to reset his password. When the
user visited the site, he recognized it as legitimate and entered his
credentials which were captured by a hacker. What type of social engineering
attack does this describe?
- A baiting attack
- A phishing attack
- A tailgating attack
- A SQL injection attack
Explanation: The situation you described is an example of a "Phishing" attack,
more precisely one that combines a misleading email with a fake website. In
this particular instance, the user was sent a bogus email saying that their
bank account had been compromised. The email then referred them to a website
that seemed to be authentic in order to change their password. The website,
however, was under the control of a hacker, and the user inadvertently gave
up their credentials, which were captured by the attacker. Phishing attacks
often use social engineering techniques to deceive people into giving up
sensitive information.
14. When cleaning up a system after a compromise, you should
look closely for any ______ that may have been installed by the attacker.
- Injection attacks
- Backdoors
- Poisoned DNS caches
- Rogue APs
Explanation: When you are cleaning up a system after it has been compromised,
you should pay special attention to any "backdoors" that the attacker may have
used to gain access to the system. Backdoors are concealed entry points that
provide unauthorized access to the system. Attackers often use backdoors to
keep control over the system even after the initial penetration has been made.
Once the security of the system has been restored, it is essential to locate
and close any backdoors that may have been present.
15. The best defense against password attacks is using strong
_______.
- Passwords
- Antimalware software
- Firewall configs
- Encryption
Explanation: The use of strong "passwords" is the most effective defense
against attacks that target passwords. Strong passwords often consist of a mix
of capital and lowercase letters, numbers, and special characters. It is also
important to avoid information that may be readily guessed, such as names or
popular terms, and to change passwords on a consistent basis. Multi-factor
authentication (MFA) adds an additional layer of protection, because users are
required to provide several forms of identification before they are granted
access.
16. A hacker stood outside a building and spun up a wireless
network without anyone’s knowledge. At that point, the hacker was able to gain
unauthorized access to a secure corporate network. Which of these is the name
of this type of attack?
- A Denial-of-Service (DoS) attack
- SYN flood attack
- A Rogue AP (Access Point) attack
- A DNS Cache Poisoning attack
Explanation: Your description of the situation is an example of what is known
as an "Evil Twin" attack. A hacker sets up a rogue wireless network that is
designed to look like a legitimate network in order to fool people into
joining it. The attacker is able to intercept and alter the communication
after they have successfully joined the network, which might result in them
getting unauthorized access to the protected corporate network. This sort of
attack takes advantage of the trust that users place in well-known network
names, which makes it both deceptive and effective for illegally obtaining
information.
17. What can occur during a ping of death (POD) attack? Check
all that apply.
- A Denial-of-Service (DoS)
- Remote code execution
- Baiting
- A buffer overflow
18. How can injection attacks be prevented? Check all that
apply.
- Log analysis systems
- Input validation
- Flood guards
- Data sanitization
19. How can you increase the strength of your passwords? Check
all that apply.
- Incorporate symbols and numbers.
- Exclude dictionary words.
- Use passwords from a precompiled list.
- Use a mix of capital and lowercase letters.
20. A network-based attack where one attacking machine
overwhelms a target with traffic is a(n) _______ attack.
- Denial of Service
- Injection
- Malware
- Brute force password
Explanation: A "Denial of Service" (DoS) attack is a kind of network-based
attack in which a single attacking computer floods a target with an excessive
amount of data. The purpose of a denial of service attack is to render a
network, system, or service inaccessible to the users for whom it was
designed. This is accomplished by flooding the system or network with an
overwhelming amount of traffic, which disrupts its regular functioning. When
numerous computers participate in the attack and work together to launch it at
the same time, it is often referred to as a "Distributed Denial of Service"
(DDoS) attack.
21. What makes a DDoS attack different from a DoS attack? Check
all that apply.
- A DDoS attack has attack traffic coming from one source.
- A DoS attack has attack traffic coming from one source.
- A DoS attack has attack traffic coming from many different sources.
- A DDoS attack has attack traffic coming from many different sources.
22. Which of these is an example of the confidentiality
principle that can help keep your data hidden from unwanted eyes?
- Making sure the data hasn’t been tampered with
- Preventing an unwanted download
- Preventing data loss
- Protecting online accounts with password protection
Explanation: One example of a measure that is in accordance with the
confidentiality principle is the encryption of sensitive data. Encrypting data
converts it into a protected format that can only be decoded with the correct
decryption information. This helps to guarantee that even if unauthorized
persons obtain access to the data, they are unable to comprehend or make use
of it without the decryption key, which preserves the confidentiality of the
information.
23. What’s the difference between a virus and a worm?
- Viruses replicate through files, but worms live on their own.
- Viruses do not replicate like worms do.
- Worms replicate, viruses do not.
- Worms replicate through files, but viruses live on their own.
24. A hacker infected your computer to steal your Internet
connection and used your machine’s resources to mine Bitcoin. What is the name
of this kind of attack?
- Ransomware
- Adware
- A bot
- Spyware
Explanation: The situation you just described is an example of a
"Cryptojacking" attack. Cryptojacking is a kind of cybercrime in which hackers
stealthily mine cryptocurrencies like Bitcoin using the computational power of
users, without their knowledge or agreement. This is done by infecting
computers with malware that runs cryptocurrency mining in the background,
taking advantage of the victim's hardware and energy to create digital money
for the attacker.
25. Which of these sends tons of packets to a system in order to
crash it or prevents services from being available? Check all that apply.
- SYN flood
- Ping flood
- An Evil Twin
- Ping of Death (POD)
26. You receive a legitimate-looking email from a sender that
you recognize asking you to click a funny link. But, once you do, malware
installs on your computer. What is most likely the reason you got infected?
- The sender’s email has been hacked.
- The sender’s email password was cracked.
- The sender’s email address was spoofed.
- The sender’s email password was used in a DNS Cache Poisoning attack.
Explanation: The situation you have described is consistent with a "Phishing"
attack. By using an email that seemed to come from a known source, the
attacker was able to convince you to click on a link that was included in the
message. Clicking on the link, however, takes you to a malicious website that,
if opened, will install malware on your machine.
In this situation, the most important cause of infection is that the victim
fell prey to the social engineering techniques used by the attacker. Phishing
is a kind of social engineering that creates a false feeling of trust or
urgency in order to trick someone into taking certain actions, such as
clicking on links or disclosing sensitive information. It is crucial to
exercise caution and check the legitimacy of emails that are unexpected,
especially if they seem to be from sources that the recipient is acquainted
with.
27. Which of these is a way to help prevent brute-force attacks?
Check all that apply.
- Strong passwords
- Password crackers
- Using a precompiled list of common passwords
- Captchas
28. A(n) _____ attack is meant to prevent legitimate traffic
from reaching a service.
- Password
- DNS Cache poisoning
- Injection
- Denial of Service
Explanation: A "Denial of Service" (DoS) attack is carried out with the
intention of preventing genuine traffic from reaching a service. In a denial
of service attack, the objective is to flood a system, network, or service
with an excessive amount of traffic in order to render it inaccessible to
those who are authorized to use it. As a consequence, this may lead to the
interruption of services and the denial of access to resources.
29. Which of these is true of vulnerabilities? Check all that
apply.
- A vulnerability is a flaw in the code of an application that can be exploited.
- An exploit is the possibility of taking advantage of a vulnerability bug in code.
- A vulnerability is the possibility of suffering a loss in the event of an attack.
- An exploit takes advantage of bugs and vulnerabilities.
30. What type of attack can a hacker perform that involves
injecting malicious code into a website to hijack a session cookie?
- A password attack
- Cross-site Scripting (XSS)
- Ping flood
- SQL injection
Explanation: The kind of attack you are describing is referred to as a
"Session Hijacking" or "Session Cookie Hijacking" attack. In this kind of
attack, a hacker injects malicious code into a website in order to either grab
session cookies or change them. Session cookies are used to authenticate and
identify users throughout a browser session.
If the attacker succeeds in hijacking a session cookie, they are able to
obtain unauthorized access to a user's account, impersonate the user, or carry
out operations on the website on behalf of the compromised user. A website
session compromise of this kind is a security threat to the confidentiality
and integrity of user sessions on a website. Session hijacking attacks may be
mitigated by precautions such as using secure connections (HTTPS), following
secure coding techniques, and routinely upgrading software.
31. Phishing, baiting, and tailgating are examples of ________
attacks.
- Password
- Malware
- Social engineering
- Network
32. An attack that would allow someone to intercept your data as
it’s being sent or received is called a(n) _________ attack.
- SYN flood
- Denial of Service
- Man-in-the-middle
- Injection
Explanation: A "Man-in-the-Middle" (MitM) attack is one that gives an
individual the ability to intercept your data while it is being sent or
received. It occurs when an adversary stealthily intercepts, and possibly
modifies, the communication taking place between two parties without the
awareness of those parties. Because of this, the integrity and confidentiality
of the data being communicated may be jeopardized. Man-in-the-middle attacks
can take place in a variety of settings, including online purchases,
communication via Wi-Fi, or email exchanges. The likelihood of
Man-in-the-Middle attacks may be reduced by the use of secure communication
channels, encryption, and verification of the validity of communication
endpoints.
33. If a hacker can steal your passwords by installing malware
that captures all the messages you type, what kind of malware did the hacker
install? Check all that apply.
- A logic bomb
- A rootkit
- A keylogger
- Spyware