Infosec 101
Hacking
DefenseOps
ELI-5 Tech
Governance
100

An unauthorized practice of obtaining confidential information by manipulating people into disclosing sensitive data is referred to as:

Social engineering

100

An ethical hacker is asked to run tests and the only thing they are given is a URL.
What type of hacking is this?

Black box

100

You'll likely shake your head when you see telnet available, normally seen on this port

23

100

Jelly Bean, KitKat, Lollipop, Marshmallow, Nougat, Oreo
are versions of...?

Android

100

Before applying a software update to production systems, it is MOST important that
a) Full disclosure information about the threat that the patch addresses is available
b) The patching process is documented
c) The production systems are backed up
d) An independent third party attests the validity of the patch

c) The production systems are backed up

200

Beware of these types of programs that track every stroke you make while typing in an effort to glean your password

Keylogger

200

Device used to block the radio-frequency spectrum

jammer

200

A company suffers a DDoS attack; they have the attacker's IP address and want to contact the ISP to report it.
What command can they run to get more information about the IP they have?

whois lookup

200

A network technician is connecting to a switch to modify the configuration. DHCP is not enabled on the management port. Which of the following does the technician need to configure to connect to the device?

IP Address

200

Technical evaluation of assurance to ensure that security requirements have been met is known as?

a) Accreditation

b) Certification

c) Validation

d) Verification

b) Certification

300

Phishing scams targeting people holding high positions in an organization or business are known as:

Whaling

300

Malicious code activated by a specific event is called:

Logic Bomb

300

Which authentication protocol transmits passwords without encryption and is therefore considered insecure?
RADIUS
PAP
TACACS+
CHAP

PAP

300

In a Linux-based OS, you are trying to find out which of your plugged-in network adapters support WiFi. What command should you use in your terminal window?

iwconfig

300

A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as:

DLP

400



Logging is an example of which type of defense against systems compromise?

    A. Containment
    B. Detection
    C. Reaction
    D. Recovery

    B. Detection

400

A malicious collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or a computer network is known as

rootkit

400

Jason is the local network administrator who has been tasked with securing the network from possible DoS attacks. Within the last few weeks, some traffic logs appear to have internal clients making requests from outside the internal LAN. Based on the traffic Jason has been seeing, what action should he take?  

A. Throttle network traffic.
B. Update antivirus definitions.
C. Implement egress filtering.
D. Implement ingress filtering.

D. Implement ingress filtering.

400

What is a rainbow table?

Port knocking is a discreet method of opening ports that the firewall keeps closed by default. It works by requiring connection attempts to a series of predefined closed ports. When the correct sequence of port "knocks" (connection attempts) is received, the firewall then opens certain port(s).

The benefit is that, in a normal port scan, it would appear that the port's service is simply not available.

400
The PRIMARY objective of a security steering group is to:  


A. ensure information security covers all business functions.

B. ensure information security aligns with business goals.

C. raise information security awareness across the organization.

D. implement all decisions on security management across the organization.

B. ensure information security aligns with business goals.

500

Explain what port knocking is and what its benefit is

Port knocking is a discreet method of opening ports that the firewall keeps closed by default. It works by requiring connection attempts to a series of predefined closed ports. When the correct sequence of port "knocks" (connection attempts) is received, the firewall then opens certain port(s).

The benefit is that, in a normal port scan, it would appear that the port's service is simply not available.

500

Given the following logs:

Aug 18 11:00:57 comptia sshd[5657]: Failed password for root from 10.10.10.192 port 38980 ssh2

Aug 18 23:08:26 comptia sshd[5768]: Failed password for root from 18.70.0.160 port 38156 ssh2

Aug 18 23:08:30 comptia sshd[5770]: Failed password for admin from 18.70.0.160 port 38556 ssh2

Aug 18 23:08:34 comptia sshd[5772]: Failed password for invalid user asterisk from 18.70.0.160 port 38864 ssh2

Aug 18 23:08:38 comptia sshd[5774]: Failed password for invalid user sjobeck from 10.10.1.16 port 39157 ssh2

Aug 18 23:08:42 comptia sshd[5776]: Failed password for root from 18.70.0.160 port 39467 ssh2      


Which of the following can be suspected?

a) An unauthorized user is trying to gain access from 10.10.10.192.

b) An authorized user is trying to gain access from 10.10.10.192.

c) An authorized user is trying to gain access from 18.70.0.160.

d) An unauthorized user is trying to gain access from 18.70.0.160.

d) An unauthorized user is trying to gain access from 18.70.0.160.

500

The SELinux and AppArmor security frameworks include enforcement rules that attempt to prevent which of the following attacks?

a) Lateral movement

b) Sandbox escape

c) Cross-site request forgery (CSRF)

d) Cross-site scripting (XSS)

b) Sandbox escape

500

Bitcoin blocks are hashed using this cryptographic algorithm

SHA-256

500

Which of the following can BEST be used to capture detailed security requirements?

a) Threat modeling, covert channels, and data classification

b) Data classification, risk assessments, and covert channels

c) Risk assessments, covert channels, and threat modeling

d) Threat modeling, data classification, and risk assessments

d) Threat modeling, data classification, and risk assessments
