This 7-layer conceptual framework includes layers like Application, Transport, and Physical.
What is the OSI Model?
The protocol that uses the four-step DORA process to automatically assign IP addresses.
What is DHCP?
This pillar of the CIA Triad ensures that systems are online and accessible to authorized users.
What is Availability?
The Nmap switch used to perform a "ping scan" for host discovery without port scanning.
What is -sn?
The two golden rules of ethical hacking are to get written permission and to stay within this.
What is the scope?
The permanent, 48-bit hardware address burned into a network card.
What is a MAC Address?
This connectionless protocol is favored for its speed in applications like DNS lookups and online gaming.
What is UDP?
An attacker who uses pre-made tools and scripts without fully understanding them, often motivated by ego.
Who is a Script Kiddie?
A unique identifier, such as CVE-2021-44228, for a publicly known vulnerability.
What is a CVE?
The Metasploit module that contains the code that takes advantage of a specific vulnerability.
What is an Exploit?
This protocol uses port 22 for secure remote command-line administration.
What is SSH (Secure Shell)?
The most secure and modern Wi-Fi encryption standard.
What is WPA3?
The stage of the Cyber Kill Chain where an attacker creates a malicious payload, such as a backdoored PDF file.
What is Weaponization?
The Nmap switch that enables "aggressive" mode, turning on OS detection, version detection, and script scanning.
What is -A?
A type of payload that makes the victim machine connect back to a listener on the attacker's machine.
What is a Reverse Shell?
The process of dividing a large network into smaller ones, often using CIDR notation like /26.
What is Subnetting?
The three packets, in order, that make up the TCP three-way handshake.
What are SYN, SYN/ACK, and ACK?
A threat actor, such as a disgruntled employee, who abuses their legitimate access to harm an organization.
Who is an Insider Threat?
The scoring system from 0.0 to 10.0 used to rate the severity of a vulnerability.
What is CVSS (Common Vulnerability Scoring System)?
The string "' OR 1=1 #" is a classic payload for this type of web application attack.
What is SQL Injection?
The service on a router that translates between one public IP and many private IPs.
What is NAT (Network Address Translation)?
The type of Wi-Fi security used in businesses that requires a unique username and password for each user, authenticated by a RADIUS server.
What is WPA2/WPA3-Enterprise?
This framework, managed by MITRE, is a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs).
What is the ATT&CK framework?
A type of vulnerability scan where the scanner has login credentials, allowing it to perform much more accurate, in-depth local checks.
What is an Authenticated (or Credentialed) Scan?
Metasploit's advanced, in-memory payload that is stealthy and provides a wide range of post-exploitation capabilities.
What is Meterpreter?