Hacking Wizardry
Digital Detective Work
Shark Nmap Attacks
Cryptic Ciphers
Malware Madness
100

What is a "C2 server" short for?  
______ and _______ server.

Command and Control server

100

Ghidra is a software reverse engineering (SRE) suite of tools developed by?

NSA

100

___ is designed to transfer files with ease, so it focuses on simplicity rather than security (uses port 21 / 20).

FTP

100

What encoding converts "HELLO" to "EB61EEAD90E3B899C6BCBE27AC581660"?

MD5

100

This organization often provides guidelines for malware analysis.

MITRE

200

A name for a collection of compromised systems that can be used as a platform for a DDoS (Distributed Denial of Service) attack?

Botnet

200

What do EnCase, Forensic Toolkit (FTK) and The Sleuth Kit (TSK) all have in common?

Forensic tools used to examine data on a hard drive

200

What does the "nmap -sS" command do?

TCP SYN Port scan

200

A technique to add additional data to an input before it is stored as a hash (which can also provide protection against attacks that use rainbow tables).

Salting 

(Provides protection against precomputed tables and can also prevent duplicate passwords from being identified).

200

INetSim is a program that only runs on which operating system?

Linux

300

What tool can recover Windows account passwords from RAM?

Mimikatz

300

Name everyone in the room that is PRESENT

Who is Michael, Jonathan, Parker, Howard, Austin, Pranava 

300

Which service uses port 53 by default?

DNS

300

What term is used to describe the property of a secure network where a sender cannot deny having sent a message?

Non-repudiation

300

Malicious code activated by a specific event is called what?

Logic Bomb

400

A type of connection in which the attacker machine has a listener port open to receive a connection from the victim machine?

Reverse shell

400

In this case, forensic experts analyzed email accounts from his time at Harvard and found no signs of the email chain this individual produced alleging an agreement between the two to share the company 50/50.

What is the case of Paul Ceglia vs Mark Zuckerberg

400

How many legs does a spider have?

8

400

A technique that uses a cryptographic hash function or a block cipher repeatedly in a loop (hashing a hash in iteration).

Key stretching

400

This type of analysis analyzes malware without executing it.

Static analysis

500

The name of the computer that beat the best human Jeopardy player ever.

IBM Watson

500

A digital forensic tool highlighted in the BTK serial killer case.

What is EnCase?

500

What is the name of the pcap driver used when running Wireshark on a Windows computer?

WinPcap

500

How many bones does a shark have?

0

500

A DLP (Data Loss Prevention) solution that scans endpoints and mail on production servers is meant to prevent what?

Data exfiltration