Security Concepts
A weakness that could be triggered accidentally or exploited intentionally to cause a security breach.
What is a vulnerability?
This actor or agent is one that has no account or authorized access to the target system
What is an external threat?
This is a variation of an ARP poisoning attack where a switch's cache table is inundated with frames from random source MAC addresses.
What is MAC flooding?
An attack that exhausts a DHCP server's address pool
What is DHCP starvation attack?
A triathlon is an endurance multisport race consisting of swimming, cycling and running over various distances. These are the two sports of a biathlon in the winter olympics.
What is cross-country skiing and rifle shooting?
This is data that can be used to identify or contact an individual (or, in the case of identity theft, to impersonate them)
What is Personally Identifiable Information (PII)?
This allows a threat actor to discover the topology and general configuration of the network and security systems.
What is footprinting?
This is exploiting a misconfiguration to direct traffic to a different VLAN without authorization.
What is VLAN hopping?
An attack where a threat actor injects false resource records into a client or server cache to redirect a domain name to an IP address of the attacker's choosing.
What is poisoning?
What is spoofing?
This was the one song sung in English during Super Bowl XL (60).
What is Die with a Smile by Lady Gaga?
(100 points each) Data can be described as being in one of three states:
What is at rest?
What is in transit/motion?
What is in use/processing?
A group of hosts or devices that has been infected by a control program, which enables attackers to exploit the hosts to mount attacks. Also referred to as a zombie.
What is a botnet?
This is an attack where the threat actor makes an independent connection between two victims and is able to read and possibly modify traffic. A.K.A. "Man-in-the-Middle (MitM)," "Manipulator in the Middle," "Machine in the Middle," and "Adversary in the Middle (AitM)"
What is on-path attack?
This is a common indicator of a compromised machine in the context of DNS attacks.
What is Suspect entries in the HOSTS file?
Name one of the next few GCIT events within the next month.
What is the Talent Show (Feb 20th)?
What is the Red Cross Blood Drive (Feb 25th)?
What is the School Musical (Mar 10-14th)?
What is NJGPA State Testing (Mar 16-19th)?
This is an audit process and tools for verifying compliance with a compliance framework or configuration baseline. For example verifying compliance with a health policy by using host health checks.
What is posture assessment?
This sophisticated malware attack that remains undetected.
What is an advanced persistent threat (APT)?
This feature of 802.1Q do VLAN hopping attacks exploit.
What is Native VLANs?
This is the MOST likely cause of clients ending up with an incorrect IP configuration.
What is A rogue DHCP server on the network?
Mr. Favat is obsessed with Milano Cortina Winter Olympics 2026. This country is leading in the medal count (all gold, silver, & bronze).
What is Norway?
(100 points each) This unit talks about five specific social engineering techniques. Two are very similar.
What is phishing?
What is shoulder surfing?
What is tailgating & piggybacking?
What is dumpster diving?
(100 points each) This unit talks about five types of malware attacks.
What is viruses?
What is worms?
What is Trojans?
What is PuPs? PuAs?
This is the primary purpose of the Spanning Tree Protocol (STP) in a network.
What is to prevent switching loops?
This is where users purchase or introduce computer hardware or software to the workplace without the sanction of the IT department and without going through a procurement and security analysis process.
What is shadow IT?
Tralalero Tralala, Chimpanzini Bananini, Bombardiro Crocodilo, Tung Tung Tung Sahur, Ballerina Cappuccina, Frigo Camelo, Trippi Troppi Troppa Trippa
What is Italian brainrot?