Vulnerabilities
Attack Patterns
Prevention
Malware
Trivia
100
A vulnerability in a software or technology that is only discovered once an attack is launched
What is a zero day vulnerability?
100
Software that tracks the user's key input, hoping to figure out sensitive information like passwords or credit card information
What is a keylogger?
100
The technique by which data is converted into some code, so as to ensure no third party can view it.
What is encryption?
100
A kind of malicious software that holds data from users until money is provided.
What is ransomware?
100
The process by which nations try to gain advantage over each other online.
What is cyberwarfare?
200
Vulnerability by which user input is never checked by the software, enabling injection attacks
What is unvalidated input?
200
The practice of sending emails pretending to be from known companies or individuals in order to lure people to share sensitive information
What is phishing?
200
Collection of repeatable queries against security event data sources that lead to incident detection and response
What is a playbook?
200
A type of malware that propagates by inserting a copy of itself into and becoming part of another program.
What is a virus?
200
A network of multiple compromised machines that can be used by malicious users to launch attacks.
What is a botnet?
300
Anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
What is a buffer overflow?
300
A trial-and-error method used by application programs to decode encrypted data by trying all possible permutations
What is a brute force attack?
300
A network security system, either hardware- or software-based, that uses rules to control incoming and outgoing network traffic.
What is a firewall?
300
A type of malware that exploits network vulnerabilities to propagate itself to multiple machines independently.
What is a worm?
300
Operating system for which there are no known security exploits
What is nothing?
400
Scenario where the execution of programs is mistimed, leading to possible security vulnerabilities
What is a race condition?
400
An attack pattern that relies on multiple machines sending requests to a server in order to overwhelm it, bringing it down or denying other users access.
What is DDOS?
400
An authentication strategy that relies on a physical device or biometric data.
What is two-factor authentication?
400
Harmful software that is disguised as legitimate software, relying on users to willingly download and install it on their machines.
What is a Trojan?
400
The most recent version of an authentication strategy that relies on a middle man. This enables logging in with Google, Facebook, etc.
What is OAuth 2.0?
500
The greatest, hardest to fix, most constant security issue that affects all organizations.
What is the people who work there?
500
An attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
What is a man-in-the-middle attack?
500
Data or software designed to lure an attacker, in order to learn from their attack patterns
What is a honeypot?
500
Software that enables privileged access to a machine or part of a machine.
What is a rootkit?
500
The first documented worm in history. This software accidentally brought down a large chunk of the US internet in 1988.
What is the Morris worm?