Social Engineering
What is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes?
Social Engineering
What is a software that has been created for nefarious purposes?
Malware
What is it called when an attacker is able to place themselves in the middle of two other hosts that are communicating?
Man in the middle (MITM) attack
SQL Injection
Anti-malware software fails to detect a ransomeware attack that is supposed to be within its capabilities of detecting. What is this an example of?
False negative
What is defined as the use of telephones to conduct a phishing attack?
Vishing
What is it called when an attacker uses a predetermined database to attempt to crack passwords?
What is a Distributed Denial-of-Service (DDoS) attack?
The employing of multiple attacking systems to ultimately deny the use of or access to a specific service or system
An attacker exploits a vulnerability from the user level and now has root access. What is this called?
Privilege escalation
What type of scan shows the view of the a true outsider on the network?
Non-credentialed
If someone follows another through a locked door what type of attack is this?
Tailgating
An organization puts a limit on the amount of failed password attempts a user has, what type of attack does this mitigate?
Brute force
What is an initialization vector (IV)
Used in wireless systems, the randomization element at the beginning of a connection
When an attacker captures network traffic and retransmits at a later time, what type of attacks are they attempting?
Replay attack
What is the process of examining services on computer systems for known vulnerabilities in software?
Vulnerability scanning
What is it called when an attacker attempted to phish a CEO?
Whaling
What is a rainbow attack?
Using a dictionary of password hashes to guess the plaintext password
Your network scan is showing a large number of address changes to the MAC tables and lots of ARP and RARP messages. What type of attack is this?
MAC Flooding
While examining a laptop infected with malware, you notice that it loads on startup, and a file called netutilities.dll every time Word is opened. What is this an example of?
DLL Injection
What is the practice of proactively searching for cyber threats that are inside a network, yet remaining undetected?
Threat hunting
Scarcity
you notice TCP Port 31337 is open on your server. The you connect to the port via Netcat, you are prompted to enter a password. What type of malware is this?
Backdoor
At the airport, you get a message on your phone. It is a picture of a duck with the word "Pwned" and you don't know who sent the message. What type of attack did you just experience?
Bluejacking
A web app has an input field for a username and indicates it should be between 6 and 12 characters. You discovered that if you input 150 characters, it crashes. What is this an example of?
Buffer overflow
Log aggregation