COMPUTER SECURITY JEOPARDY FINAL PART 1

Linux/Unix (CLI and structure)

Tools We Used

Vocab Words

Security Concepts

Long Answer Questions (?!)

100

This command lists all files and directories inside of the one you're currently in.

What is ls?

100

This Java framework was used to provide easy authentication and authorization.

What is Spring Security?

100

This european privacy law contains the 'right to be forgotten'

What is GDPR?

100

This client-side attack injects a script into the system, intending for the script to run on another user's machine.

What is XSS (Cross Site Scripting)?

100

When should imaging a disk happen in the digital forensics process?

It should happen before any changes to the digital system have been made.

200

This command is used to find specific patterns in a file.

What is grep?

200

This tool was used to recover 'deleted' files from an image.

What is Foremost (or Autopsy)?

200

This type of attack is an attempt to get some credentials from a user by impersonating a trusted authority.

What is a phishing attack? (I'll also take social engineering)

200

These are the three pillars of the CIA triad.

What are Confidentiality, Integrity, and Availability?

300

This tool was used to intercept network requests by establishing a proxy.

Burpsuite (or ZAP)

300

This firewall filter is configured based on the contents of an incoming network request

What is a packet filter?

300

This form of control focuses on a user's role within an organization.

What is RBAC? (Role Based Access Control).

300

What is a DNS? Why would you want to use a different one from default?

DNS = Domain Name System!

An ip is given to every site/service, used to identify your own system.

You want to change it because your ISP can see all the domains you visit by default. Also not all default DNS support encryption.

400

Where would your hashed passwords be located in a Linux directory?

/etc/shadow

400

This tool is used to generate free Certificates for websites.

What is Let's Encrypt?

400

This attack focuses on accessing information by manipulating file paths.

What is path injection?

400

This security concept states that you should only need the minimum amount of access in order to perform tasks.

What is Principle of Least Privilege?

400

What are two reasons you would receive a warning when visiting a website?

Certificate not present or expired, outdated cipher suites/cipher suite mismatch, domain/hostname mismatch, CA not trusted

500

This open-source tool is a database management system.

What is MariaDB?

500

This OWASP Vulnerability focuses on a system being set up with improper security measures.

What is Security Misconfiguration?

500

These two types of encryption are used (in order) in a TLS handshake to first exchange keys, and then perform the rest of communication.

What are asymmetric encryption and symmetric encryption?

500

What is a pro and a con of implementing multi factor authentication?

Pro:

-More secure

Con:

-Could annoy users, causing insecure behavior

-Is is out of band?