DDOS is the common abbreviation for this acronym.
What is a Distributed Denial of Service?
This describes a vulnerability that has not been found or has not been published.
What is a zero day attack?
This is when an attacker changes their MAC address to match the MAC address of an existing device.
What is MAC cloning or MAC spoofing?
Name one example of a source to research common and known vulnerabilities and attacks.
What is the National Vulnerability Database (NVD)?
What is the Common Vulnerabilities and Exposures (CVE)?
What are the Microsoft Security Bulletins?
What is penetration testing?
Log collection of security alerts, real-time information, log aggregation and long-term storage, and advanced reporting features are functions of this security tool.
What is an SIEM or Security Information and Event Management?
Telnet, FTP, SMTP, and IMAP are all examples of these types of protocols.
What are insecure or plain text protocols?
Shredding your documents protects against this type of attack.
What is dumpster diving?
Publicly available sources such as the internet, government data, and commercial data are examples of this type of intelligence.
What is Open Source Intelligence or OSINT?
This is an important document that defines purpose and scope and makes everyone aware of the test parameters.
What are the rules of engagement?
“Hello sir, my name is Wendy and I’m from Microsoft Windows. This is an urgent check up call for your computer as we have found several problems with it.”
The above conversation is an example of this method.
What is pretexting?
Tampering with the underlying infrastructure or manufacturing process is an example of this type of attack vector.
What are supply chain attacks?
A Chief Financial Officer (CFO) has been receiving email messages that have suspicious links embedded from unrecognized senders. The emails ask the recipient for identity verification. The IT department has not received reports of this happening to anyone else. This is the MOST likely explanation for this behavior.
What is a whaling attack?
Unusual amount of network activity, uncommon login patterns, or changes to file hash values are examples.
What are indicators of compromise (IoCs)?
Exploiting vulnerabilities, offensive security, ethical hacking, and web application scanning are activities of this type of team.
What is a red team?
Joe, an employee, knows he is going to be fired in three days. This characterization describes the employee.
What is an insider threat?
This is a type of risk when you have a lack of vendor support or outsourced code development.
What are third party risks?
The IT department receives a call one morning about users being unable to access files on the network shared drives. An IT technician investigates and determines the files became encrypted at 12:00 a.m. While the files are being recovered from backups, one of the IT supervisors realizes the day is the birthday of a technician who was fired two months prior. This describes what was likely placed.
What is a logic bomb?
This four-letter acronym means to automate routine, tedious, and time-intensive activities.
What is security orchestration, automation, and response, or SOAR?
Creating a network map and footprinting are examples of this activity.
What is reconnaissance?
Redirecting your traffic and ARP poisoning are examples of this type of attack, formerly known as man-in-the-middle.
What is an on-path network attack?
In June 2017, 14 million Verizon records were exposed because a third party left an Amazon S3 data repository open, and a researcher found the data before anyone else. This describes this type of vulnerability.
What are open permissions?
This attack takes advantage of the trust that a web application has for the user. Because the web site trusts your browser, requests are made without your consent or your knowledge.
What is a cross-site request forgery?
This was made because the intelligence industry needed a standard way to share important threat data.
What is automated indicator sharing (AIS) or Structured Threat Information eXpression (STIX) or Trusted Automated eXchange of Indicator Information (TAXII)?
From May through July 2017, Equifax had a data breach impacting 147.9 million Americans, 15.2 million British citizens, and 19,000 Canadian citizens, including names, SSNs, birthdates, addresses, and some driver’s license numbers. As a result of this breach, there is a potential for this impact.
What is identity theft?