Network Nightmares
Hacker Tactics
Blue Teaming
Malware Madness
Acronyms
100

What protocol uses port 80 and is it secure or not? 

HTTP and it is not secure

100
What is the practice of tricking people into revealing confidential information, often via email or phone?

Social Engineering 

100
What tool collects and analyzes logs from multiple systems to detect suspicious activity?

Security Information and Event Manager (SIEM) 

100

What type of malware disguises itself as a legitimate program?

Trojan

100

What is the CIA triad?

Confidentiality, Integrity, Availability 

200

What protocol is used to securely connect to a remote system and uses port 22?

Secure Shell (SSH)

200

What type of attack involves trying every possible combination of characters to guess a password?

Brute-Force Attack

200

What systems monitor network or host activity for malicious behavior and can alert or block on attacks? 

Intrusion Detection / Prevention System (IDS/IPS)

200

What type of malware spreads automatically across networks without user interaction?

Worm

200

What is MFA?

Multi-Factor Authentication

300

What does DNS stand for, what does it do and what port does it run on?

Domain Name System translates human-readable domains into IP addresses. It runs on port 53.

300
This attack exploits a website's database by inserting malicious code into input fields.

SQL Injection 

300

This team is responsible for detecting, investigating, and responding to cybersecurity incidents within an organization.


Incident Response Team

300

What malware encrypts a victim's files and demands payment to restore access?

Ransomware

300

What is RBAC?

Role-Based Access Control

400

This device forwards packets based on MAC address.

Switch 

400

This attack tricks users into connecting to a fake Wi-Fi network that looks legitimate.

An Evil Twin Attack 

400

What security tool continuously monitors endpoints to detect, investigate, and respond to suspicious activity?

EDR, Endpoint Detection and Response

400

This type of malware records keystrokes to steal sensitive information like passwords.

Keylogger

400

What is a VPN?

Virtual Private Network

500

What protocol is used to automatically assign IP addresses to devices on a network?

Dynamic Host Configuration Protocol (DHCP)

500
What is the name of the framework that provides a detailed knowledge base of adversary tactics, techniques and procedures (TTPs)?

MITRE ATT&CK framework 

500

What is the 2nd step of the Incident Response Plan?

Identification - detecting and confirming an incident 

500

What type of adversary is highly sophisticated and is known for developing advanced malware?

Nation-State actors 

500

What is the IAAA?

Identification, Authentication, Authorization, and Accounting
