Definitions
Cyber Kill Chain
Types of Hackers
Frameworks & Standards
Security Controls
100

What is the type of malware that is designed specifically to damage or disrupt a system?

VIRUS

100

Exploitation

This phase involves attackers taking advantage of vulnerabilities in target systems to execute their payload and gain initial access.

100

Inexperienced Hackers

Script Kiddies

100

Standards for the protection of sensitive patient health information.

HIPAA

100

Name one detective control measure

IDS

IPS

Log Analysis

SIEM

Audit Trails

200

Define Cyber Security

Cybersecurity is the practice of protecting systems, networks, and programs from unauthorized access or digital attacks.

200

This phase involves crafting an exploit or malware payload, often tailored to specific vulnerabilities discovered during reconnaissance.

Weaponization

200

What are ethical hackers called?

White Hat Hackers

200

This framework is used for adversary emulation and threat intelligence.

MITRE ATT&CK Framework

200

What are preventive controls?

Controls put in place to prevent security incidents from occurring by reducing vulnerabilities and deterring threats

300

The principle of cybersecurity that ensures your digital messages, files, or data remain unchanged from sender to receiver.

INTEGRITY

300

Gathering information about potential targets, such as IP addresses, domain names, and employee email addresses.

Reconnaissance

300

These hackers operate between the realms of ethical and malicious hacking. 

Grey Hat Hackers

300

Nigerian Act that aims to strengthen data protection and privacy for Nigerian citizens.

NDPA

300

Name 3 preventive control measures.

Firewalls

Encryption 

Access controls

Security policies

Anti-malware 

400

An Internet-based conflict that involves the penetration of computer systems and networks of other nations is called?

Cyberwarfare 

400

Communication channels are being established to remotely control the compromised system.

Command and Control

400

Employees who misuse their authorized access for malicious purposes

Insider Threats

400

This industry standard aims to enhance payment card data security and reduce credit card fraud.

PCI DSS

400

Define corrective controls, and name 1

They are security measures used to mitigate the effects of a security incident after it has occurred. 

Backup and Recovery

Patch Management

Incident Response Plans

Data Recovery

System Hardening, etc.

500

Define BEC

A type of cyberattack where criminals impersonate trusted individuals within an organisation to defraud it.

500

This involves achieving the attacker's ultimate goal, which could include data theft, system disruption, or espionage.

Actions on Objectives

500

Cyberattacks for political or ideological reasons, often targeting government agencies, corporations, or individuals.

Hacktivists

500

Mention 3 frameworks, standards, or laws

NIST Cybersecurity Framework

NDPA

GDPR

ISO/IEC 27001

PCI DSS

FISMA

HIPAA

NIST SP 800-53

500

Name one preventive, detective, and corrective control measure and explain

Preventive - firewalls, encryption, policies, anti-malware, etc.

Detective – IDS, IPS, SIEM, Log analysis, etc.

Corrective - Backup & Recovery, Incident response plan, Data recovery, Patch Management, etc.