This is the first phase of the cyber kill chain. (Explain what happens in it)
What is reconnaissance, where attackers gather information about the targeted system or network to identify vulnerabilities?
This is the formula for finding out Risk. (Risk = ?)
What is Likelihood * Severity?
This is a type of social engineering attack where a person tries to gain entry into a building without being authenticated or authorized, most commonly seen as following a person through a doorway.
What is Tailgating?
A device used to detect any movement or activity.
What is a motion sensor?
(Answer this question while doing pushups)
These are relatively low-skilled adversaries who rely on malicious code and tactics, often not understanding the tools or targets they use.
What are script kiddies?
This is an attack where the attacker interrupts the data stream between two parties and captures or alters the data (AKA on-path attack).
What is a man-in-the-middle attack?
This is a type of control meant to fix problems and restore systems to the operational state. (Hint: _____ control)
What is Corrective Control?
These are ways to keep a device's privacy. (Provide 2)
Include 2 of the following:
What are locking computers, clearing sensitive paper documents, using privacy screens, and using more complex passwords?
This is a tool/method that allows companies to keep records of everyone who comes in and out of the center.
What are visitor logs?
(Answer this question like you're a conductor. Your two partners must be the musicians.)
This is a physical safety device used to protect electronic devices from sudden spikes in voltage/power.
What is a surge protector?
These are common principles used in social engineering attacks. (Only need to say one)
Any of the following could be used:
What are Authority, Intimidation, Consensus, Scarcity, Urgency, and Familiarity?
This is the difference between Qualitative and Quantitative analysis.
What is:
Qualitative: addressing risk through descriptions, like likelihood and severity
Quantitative: addressing risk through numerical values, often associated with monetary costs
This is an attack where the adversary makes a copy of a user's access card to gain unauthorized access.
What is card cloning?
This is a physical tool used to secure ports and prevent unauthorized data access or malware infections.
What are USB port blockers?
(Answer this by hitting a dance of your own choice)
A government data center contains valuable data, yet under a recent audit, it was found that the data server room lacked a lock and had an unmonitored hallway in front of it.
This is a _________ risk. (Explain)
What is a high risk, due to having severe vulnerabilities and sensitive data being protected?
These are the definitions of grey, black, and white hat hackers and examples of each.
What are:
Black hat: malicious criminals committing illegal acts for their own gain. Ex: Cyberterrorists
Gray hat: works in a legal gray area, accessing systems without authorization but without malicious intent. Ex: Hacktivists
White hat: ethical, authorized security experts. Ex: Penetration testers
These are the differences between Physical, Technical, and Managerial Controls and examples of each.
What are:
Physical: provide physical security. Ex: camera
Technical: provide security to digital/online systems. Ex: Firewall
Managerial: rules, guidelines, policies, & procedures for what security should be. Ex: Incident Response Plan (IPR)
This is a policy or procedure that specifically describes how the company can quickly resume work after an incident like a natural disaster or cyberattack.
What is a Disaster Recovery Plan (DPR)?
This is a consequence/negative side effect of placing motion sensors in high-traffic areas.
What is "the potential to create many false alarms, resulting in the alarm being taken less seriously in real instances?"
(Answer this question by rapping your answer, with flow)
This is the definition of a credential harvester.
What is a fake login site that looks like the real login site to harvest the unsuspecting user's credentials?
These are all the phases of the Cyber Kill Chain in order.
These are the 4 options companies have to manage risk. (Explain)
What are:
Avoid: Removes the risk entirely
Transfer: Hands off the risk to a third party
Mitigation: Lowers the chance or impact of the risk from happening again
Accept: Recognizes the risk but is willing to accept it
4 ways to environmentally protect a data center:
Include at least 4 of the following:
What are water sensors, humidity/temperature monitors, flood control systems, UPS, fire suppression systems, smoke detectors, backup generators, raised server racks?
This is an attack where an unauthorized person tricks an employee into letting them into a secure area without getting their identity verified.
(Provide the tool used to prevent this attack and how it does it)
What is piggybacking and using an access control vestibule at entry points to monitor and authorize all personnel entering or leaving the facility?
(Answer this question while acting like you're a runway model, so strut down the classroom)
These are the differences between hot, cold, and warm sites.
What are:
Hot: fully equipped backup sites that can immediately take over operations after a disaster in minutes to hours
Warm: has most hardware needed and can be ready to go in hours or days
Cold: empty facility without equipment that takes days to weeks to be ready