Hacking Techniques
Social Engineering
Cybersecurity Basics
Password Security
System Hardening
100

Which two steps of hacking are most likely to involve social engineering? 

Reconnaissance, Gaining Access

100

 What is the goal of social engineering?

To manipulate individuals into divulging sensitive information

100

In the CIA Triad, what does the “C” stand for? 

Confidentiality

100

 A password is an example of ___________ to prove who you are.

 Something you know

100

Administrator privileges provide a user with ___________. 

Full control of system settings

200

What type of attack tests weak passwords against a large number of accounts?

Credential stuffing

200

Which is NOT a reason that social engineering is so successful?

 Technology-based systems are easy to bypass

200

What is the single most important thing you can do to secure a system? 

Install updates regularly

200

Which of these is NOT a good practice to create a secure password?

Using your birthdate

200

 A ___________ is a tweak to the OS code that will fix an issue in how it runs or compatibility with devices and applications. 

Patch

300

A software program that automates the process of trying all possible combinations of characters to determine a password is called?

Brute force attack

300

Which social engineering technique is best protected against by using a security guard or turnstile? 

Tailgating

300

What is the term for proving who you are so trust can be established between you and another party? 

Authentication

300

What are two reasons a passphrase is recommended instead of a password? 

 Easier to remember, Harder to crack

300

Before deciding on hardening procedures, it is a good idea to use ___________ as a reference for best practices.

NIST guidelines

400

What type of attack tries a lot of known passwords against just one account?

Dictionary attack

400

 What is a phishing attack that targets a specific individual or organization? 

Spear Phishing

400

When a database is exposed or stolen, it is said to be a? 

Data breach

400

A one-way algorithm used to encrypt a password for secure storage is called?

Hashing

400

 The best way to survive a ransomware attack is ___________. 

Having secure backups

500

Hackers use a special tool called ___________ to scan the Internet for open devices.

Shodan

500

Explain the two conditions data must meet to be considered OSINT.

 Be publicly available, Be legally obtained

500

For backups, the 3-2-1 rule is the best practice. What does it mean?

3 copies of data, 2 different storage media, 1 offsite backup

500

What is a common method used to mitigate the effectiveness of rainbow table attacks?

Salting passwords

500

 What is the primary purpose of penetration testing during the hardening process? 

To identify and remediate vulnerabilities before attackers can exploit them.