Ports
This encrypted alternative to HTTP uses this port by default.
What is port 443?
Switches primarily operate at this OSI layer.
What is Layer 2 – Data Link?
This Linux‑based distribution is designed for security testing.
What is Kali Linux?
This AAA component tracks user actions after login.
What is accounting?
This long‑term attack combines stealth, persistence, lateral movement, and evasion—often associated with nation‑states.
What is an Advanced Persistent Threat (APT) or Bruno Mars?
This protocol securely replaces Telnet, what port number and protocol is it?
What is port 22 and SSH?
At this OSI layer, data is handled as packets and routed between networks using logical addresses such as IP addresses.
What is Layer 3 – Network?
This network scanning tool is commonly used for port discovery.
What is Nmap?
This process verifies a user’s identity before access is granted.
What is authentication?
This attack allows execution of unintended database commands due to insufficient input validation.
What is SQL injection?
This file transfer protocol uses port 21 for control traffic.
What is FTP?
This OSI layer is closest to the end user.
What is Layer 7 – Application?
This framework is commonly used for penetration testing and exploitation.
What is Metasploit?
This access control model assigns permissions based on job roles.
What is Role‑Based Access Control (RBAC)?
This attack collects authentication secrets through memory inspection, keystrokes, or API misuse.
What is credential harvesting?
This range of ports is considered “well‑known ports.”
What is ports 0–1023?
This OSI layer ensures reliable data transfer and flow control.
What is Layer 4 – Transport?
This SIEM tool is used for log aggregation and correlation.
What is Splunk?
This security concept ensures users cannot deny actions they performed.
What is non‑repudiation?
This attack exploits reused credentials from previously breached services rather than guessing passwords.
What is credential stuffing?
This protocol resolves IP addresses to MAC addresses and does not use a port number.
What is ARP?
This layer handles data formatting, compression, and encryption.
What is Layer 6 – Presentation?
This vulnerability scanner is widely used in enterprise environments.
What is Nessus?
This centralized authentication protocol is commonly used in Windows domains.
What is Kerberos?
This attack abuses the trust of an authenticated session by forcing a browser to issue unauthorized requests.
What is Cross‑Site Request Forgery (CSRF)?