These are the three main port states Nmap might report after conducting a scan.
What are Open, Closed, and Filtered?
This is the paid alternative to GPG. (PROVIDE FULL NAME)
What is Pretty Good Privacy (PGP)?
In the same way onions have layers, this security posture prevents network compromise at a single point of failure.
What is Defense in Depth (DiD)?
These are the three modes that Snort can operate in.
What are sniffer, packet logger, and NIDS?
This social engineering technique involves threatening to release information to defame someone, in order to coerce them into performing a desired action.
Blackmail
This command line tool will utilize Twofish encryption to conduct: port scanning, file transfers, remote administration, banner grabbing, proxying, or listening...
What is Cryptcat?
Base64, UTF-8, ASCII, UTF-16, Hexadecimal, URL, JSON, and XML are all forms of what?
What is encoding?
This would be the term to describe a device that is analyzing packets; placed behind the firewall and off a SPAN port so as not to interrupt traffic flow.
What is a Network-Based Intrusion Detection System (NIDS)?
These are uniquely identifying characteristics of known malware/threats that can be compared against to find malicious activity.
What are signatures?
This social engineering technique involves establishing a false narrative to trick a victim into providing sensitive information.
Pretexting
Nmap scans these ports by default.
What are 1,000 well-known ports?
This property of symmetric encryption hides the statistical relationship between cipher text and key.
What is confusion?
These are the two types of packet filtering conducted by firewalls.
What is stateless and stateful/dynamic?
This is the event classification to describe the following scenario:
My IDS alerts with the following message: "BRUTE FORCE LOGIN DETECTED". Upon inspection, it is revealed that a user simply forgot their password and made too many attempts.
What is a false positive?
DAILY DOUBLE!!!
The answering team may wager as many points as they like and if they answer correctly those points are doubled. If not, they lose those points and no team will have the opportunity to steal. If the team has less than 500 points, they may still wager up to 500.
These three branches of the military have never had an insider threat incident, at least according to public knowledge.
This method of facilitating a buffer overflow attack will cause the program to jump to a known pointer stored within a register which points to the controlled buffer and thus the shellcode.
What is a trampoline sled?
This is the key I would use to encrypt a message via asymmetric encryption.
What is the recipient's public key?
This component of an IDS/IPS collects traffic for analysis.
What is the sensor/data processor?
Using a series of 0x90 opcodes, I can facilitate the execution of shellcode in this type of attack.
What is a buffer overflow attack?
Deemed the "worst breach of U.S. military computers in history", this attack began its infection via a road apple. It led to the formation of the US Cyber Command.
What is Operation Buckshot Yankee or Agent.BTZ?
This component of IPv6 creates a host's IP based on their MAC address. (FULL PROPER NAME)
What is Stateless Address Auto-configuration (SLAAC)?
This layer 3 security protocol provides a cryptographic layer to both IPv4 and IPv6.
What is IPSec?
This technique can be used by network administrators to separate your network into smaller parts, allowing you to isolate those sections if needed.
What is network segmentation?
These are the four categories of baseline configurations.
What are operating systems, network devices, applications, and cloud services?
LimeWire would be an example of this type of attack.
What is a drive-by-download?