This layer of the OSI model is responsible for logical addressing and routing using IP addresses.
What is the Network Layer (Layer 3)?
The protocol that acts as the internet's phonebook, translating domain names to IP addresses on port 53.
What is DNS?
This pillar of the CIA Triad ensures that systems are online and accessible to authorized users.
What is Availability?
The Nmap switch used to perform an "aggressive" scan, which includes OS and version detection.
What is -A?
The two golden rules of ethical hacking are to get written permission and to stay within this.
What is the scope?
This layer of the TCP/IP model combines the functions of the OSI model's Application, Presentation, and Session layers.
What is the Application Layer?
This connectionless protocol is favored for its speed in applications like live streaming and online gaming.
What is UDP?
A threat actor motivated by political causes, often using DDoS attacks or website defacement.
Who is a Hacktivist?
The unique identifier for a publicly known security flaw, such as CVE-2017-0144.
What is a CVE?
A type of payload that makes the victim machine connect back to a listener on the attacker's machine, often bypassing firewalls.
What is a Reverse Shell?
The natural weakening of a Wi-Fi signal as it passes through solid objects like walls.
What is Attenuation?
The three packets, in order, that make up the TCP three-way handshake.
What are SYN, SYN/ACK, and ACK?
The stage of the Cyber Kill Chain where an attacker sends a phishing email.
What is Delivery?
The command-line interface for the Metasploit Framework.
What is msfconsole?
This defensive tool sits in-line with traffic and can actively block a detected threat.
What is an IPS (Intrusion Prevention System)?
The four-step process of Discover, Offer, Request, and Acknowledge is used by this protocol.
What is DHCP?
The open-source firewall and router software that can turn a computer into an enterprise-grade security appliance.
What is pfSense?
The framework from MITRE that provides a detailed knowledge base of adversary tactics, techniques, and procedures (TTPs).
What is the ATT&CK framework?
A type of vulnerability scan where the scanner has login credentials, allowing it to perform more accurate, in-depth local checks.
What is an Authenticated (or Credentialed) Scan?
The ' OR 1=1 # string is a classic payload for this type of web application attack.
What is SQL Injection?
The type of Wi-Fi security used in businesses that requires a unique username and password for each user, often via a RADIUS server.
What is WPA2/WPA3-Enterprise?
The most widely deployed open-source Intrusion Prevention System (IPS) in the world, now developed by Cisco.
What is Snort?
This type of threat actor is considered the most sophisticated and well-resourced, known for creating Advanced Persistent Threats (APTs).
Who is a Nation-State Actor?
The open-source platform that combines SIEM, HIDS, and XDR capabilities into a single security monitoring solution.
What is Wazuh?
Metasploit's advanced, in-memory payload that is stealthy and provides a wide range of post-exploitation capabilities.
What is Meterpreter?