What is one way to minimize the effectiveness of social engineering attacks?
Teaching users about social engineering tactics and underlying principles
What is the potential risk associated with opening a malicious attachment associated with invoice scams?
The user’s system might get infected with ransomware or other malware
What is the primary goal of a watering hole attack?
To infect a trusted website with malware and target its visitors
What is one way to thwart keyloggers as discussed in the text?
Using two-factor authentication (2FA)
What is the purpose of the Trusted Automated eXchange of Indicator Information (TAXII)?
Defines a set of services and message exchanges used to share information
The Trusted Automated eXchange of Indicator Information (TAXII) is an open standard that defines a set of services and message exchanges used to share information. It provides a standard way for organizations to exchange cyber threat information.
What is one reason an attacker might buy a domain name similar to a legitimate website, as discussed in the ’Earning ad revenue’ section?
To host pay-per-click ads
The text mentions that one reason attackers buy similar domains is to host pay-per-click ads. When visitors accidentally visit the site and click on these ads, advertisers pay revenue to the attacker.
What is the function of threat maps?
They provide a visual representation of active threats
What is the primary function of a beacon in an email phishing attack?
To verify the validity of the recipient’s email address
In the context of email phishing, a beacon is used to verify the validity of the recipient’s email address. It includes a unique code that identifies the receiver’s email address, and once the user’s email program attempts to retrieve the linked image stored on the Internet server, it is confirmation to the server that the email address is valid.
What does closed/proprietary intelligence refer to in the context of cybersecurity?
Trade secrets and intellectual property of an organization
Which are some of the reported names for the APTs sponsored by the Iranian government?
Elfin Team, Helix Kitten, Charming Kitten
What is the main purpose of a whaling attack?
To target high-level executives for confidential company information
What are some common types of open source intelligence (OSINT) utilized by penetration testers or attackers?
Vulnerability databases and social media platforms
How do attackers use social media as an attack vector?
Gathering information on targets via social media
What is hybrid warfare?
A military strategy combining conventional warfare with unconventional methods to influence people
Why do social engineers often attempt to build rapport with a victim before launching an attack?
To make the victim like them and more likely to comply
What is the difference between identity theft and identity fraud based on the provided text?
Identity theft refers to stealing personal information while identity fraud refers to misuse of this stolen information.
What defines an Advanced Persistent Threat (APT) in the cyber security context?
An organized and sophisticated group of threat actors often sponsored by nation-states or governments.
Which of the following is usually a strong indicator of a system being part of a botnet?
There are large amounts of outgoing spam
Large amounts of outgoing spam from a desktop computer are usually a strong indicator that the system has been added to a botnet and is sending phishing emails as a zombie.
What is one of the reasons an attacker might purchase a domain similar to a legitimate one?
To resell the domain to the original owner at a profit
The text explicitly states that attackers can purchase similar domains with the intention of reselling them back to the original site owner at a large profit. This takes advantage of the owner’s need to maintain their brand’s integrity and prevent potential customer confusion or cyber attacks.
What is phishing?
It is an attempt to trick users into revealing sensitive information or clicking on a malicious link.
What is the role of a local industry group in the context of cybersecurity?
To share and collaborate on information related to their industry
What are some effective methods to prevent shoulder surfing as mentioned in the text?
Positioning monitors and screens so unauthorized personnel cannot see them
Criminal syndicates and Advanced Persistent Threats (APTs) are both types of organized cyber threat actors, but have different primary motivations. What are the chief motivations of these groups?
APTs are motivated by political agendas, while Criminal syndicates aim for personal gain
Which of the following best describes a ’Black Hat’ as discussed in the given text?
A group of highly organized attackers, typically sponsored by nation-states or governments, that engage in targeted cyberattacks over a long period of time.
The given text describes ’Black Hat’ or an advanced persistent threat (APT) as a group of highly organized threat actors. These actors typically receive sponsorship and resources from nation-states or governments and conduct targeted, sophisticated cyberattacks over long periods of time. Such attacks often result in unauthorized access to systems and data for extended durations, allowing the actors to exfiltrate significant amounts of data.
Which of the following best describes pretexting in the context of social engineering?
It is a fictitious scenario added to a conversation to make a request more believable
Pretexting, in social engineering, involves creating a convincing false narrative (pretext) to persuade a target to reveal information or perform certain actions.
What is the classic Nigerian scam (also called a 419 scam) usually about?
Requesting a relative or acquaintance to access funds
The classic Nigerian scam, also known as a 419 scam, is typically an email from someone claiming that a relative or acquaintance has millions of dollars. The sender asserts that they can’t access the funds without the recipient’s help, often requiring them to pay a small sum of money with the promise of a large return that never materializes.
Which of the following best describes the term ’Advanced Persistent Threat (APT)’?
A sophisticated group of threat actors that is typically sponsored by nation-states
Which of the following is NOT a common security control used to protect against malware according to the text?
Bypassing email servers and directly sending emails to users
Why is it important to verify information shared in social media groups before acting on it as a cybersecurity personnel?
Because social media groups aren’t authoritative and can contain inexact information
What is the primary function of anti-malware software on mail gateways?
It blocks and strips potentially malicious attachments off emails.
What can be a strong indicator of infection in a network regarding traffic to specific IPs?
Firewall logs indicate traffic attempting to access blacklisted IPs
Firewall logs indicating attempts to access blacklisted IPs are a strong indicator of network infection. Bot zombies often try to connect to command and control servers, and firewalls that are aware of these harmful IP addresses can blacklist traffic to those servers. Monitoring these attempts is a strong sign of malware infection.
What is a possible malicious intention for an attacker purchasing a domain similar to a legitimate one?
To host a malicious website intending to install malware.
Given the context of the text, an attacker could buy a similar domain name for the purpose of hosting a malicious website, with the intention of installing malware on the systems of users who inadvertently visit the site instead of the legitimate one.
What is the Automated Indicator Sharing (AIS) used for?
For real-time exchange of threat indicators and defensive measures
The Automated Indicator Sharing (AIS) is maintained by the Cybersecurity and Infrastructure Security Agency (CISA). It is used for the real-time exchange of threat indicators and defensive measures.
What is NOT a common type of Open Source Intelligence (OSINT) as described in the text?
Insider Trading Reports
The other options, which are common OSINT types:
A. Dark Web
B. National Vulnerability Database (NVD)
C. STIX and TAXII standards
What is the main purpose of a backdoor?
To provide a shortcut for normal authentication methods
A backdoor is primarily used as a means to access a system by bypassing normal authentication methods, often used by malware for continued discreet access even after its presence is discovered and supposedly eradicated.
What tactics are considered effective for a person to get others to comply through impersonation?
A. Posing as a government official
B. Pretending to be a technician
C. Implying lawsuits or subpoenas
D. All of the above - correct answer
What is the primary motivation for criminal syndicates in the context of cyberattacks?
Money
Which of the following is used by social engineers during elicitation to encourage a target to speak more?
Active listening
What is the importance of academic journals in cybersecurity?
They contain technical research documents on cybersecurity, reviewed by peers for credibility.
Which types of attacks are most effective when exploiting authority?
Impersonation, whaling, and vishing
Which of the following is NOT a technique used by fileless malware?
Disk partitioning
Which of the following is NOT a reported name for an APT sponsored by the Russian government?
Alpha Bear
The Advanced Persistent Threats (APTs) associated with the Russian government that are outlined in the text include Fancy Bear, Cozy Bear, Venomous Bear, and Voodoo Bear. The name Alpha Bear does not appear and therefore is not one of the reported APTs affiliated with Russia.
What is the technique of vishing as used in cyber security?
Impersonating authority figures over the phone to deceive individuals into revealing sensitive information
Which of the following best describes a zero-day vulnerability based on the provided text?
It is a vulnerability unknown to trusted sources such as operating system and antivirus vendors, and it remains until these vendors know about the issue and release patches.
What description is accurate regarding the threat actor referred to as a ’script kiddie’?
They use existing computer scripts or codes to launch attacks, usually with little expertise or sophistication.
What is a characteristic of fileless malware?
It runs in memory and can inject into legitimate applications
What is the purpose of using a spam filter on mail gateways?
Detect and filter spam before it reaches users
What is the primary risk associated with Shadow IT?
Unmanaged systems and applications may be susceptible to emerging vulnerabilities
Shadow IT refers to systems and apps installed without the IT department’s knowledge. Since they are unmanaged by IT, they will not be kept up to date or backed up regularly, making them susceptible to emerging vulnerabilities.
What does the term ’consensus’ refer to in the context of cyber threats?
The technique where criminals manipulate users by creating an illusion of social approval for their fraudulent products or software.
What is an Advanced Persistent Threat (APT) typically characterized by?
They are typically groups of organized threat actors that engage in targeted attacks against organizations over long periods of time
What is the primary purpose of Cuckoo Sandbox?
To analyze suspicious files and URLs
The main purpose of Cuckoo Sandbox is to provide an analysis of suspicious files, such as malware, and URLs, by running them in a virtual machine (VM) and creating a report on their activity.
Which of the following is a viable solution to prevent spear phishing attacks?
Using digital signatures
Using digital signatures provides a high level of certainty to personnel on who sent the email and can deter the success of spear phishing attacks.
What is a key challenge when implementing spam filters?
Filters may mistakenly flag and filter out legitimate emails.
As noted in the text, a primary challenge when employing spam filters is ensuring they don’t mistake legitimate emails for spam and filter them out. This can result in missed business opportunities and important communications.
According to the text, which of the following is NOT a method used by social engineers to gain unauthorized access or information?
Physically stealing user credentials
According to the passage, which of the following is not a technique used by social engineers in the elicitation process?
Internet phishing
Internet phishing is not mentioned in the passage as a technique used by social engineers in the elicitation process. The techniques discussed include active listening, reflective questioning, false statements, and bracketing.
What does data exfiltration refer to in the context of malware attacks?
Unauthorized transfer of data out of a network
Which of the following attacks are most likely to use urgency as a technique?
Ransomware
What does heuristic-based detection in antivirus software aim to detect?
Previously unknown viruses and zero-day exploits
Heuristic-based detection in antivirus software attempts to detect previously unknown viruses that do not have known signatures, including zero-day exploits. It does this by running questionable code in a protected, virtualized environment (sandbox) and observing its behaviors for anything malicious or unusual.
Which of the following is NOT an indicator of a malware attack?
Regular data transfer within a network
Regular data transfer within a network is a normal business activity and does not directly indicate a malware attack. All other options listed are potential indicators of malware attacks such as extra traffic added by malware, encrypted traffic to bypass detection techniques, and suspicious traffic to known malicious IPs.
Which of the following correctly describes the Dark Web?
It is a sector of the web that requires specific software or authentication to access.
What is one possible reason an attacker might purchase a domain name similar to a legitimate one, according to the passage?
To host pay-per-click ads for revenue
According to the text, one reason an attacker might buy a similar domain could be to host pay-per-click ads, earning ad revenue from visitors who mistakenly visit the attacker’s site and click on the ads.
Why might encrypted traffic be considered an indicator of a malware attack?
Encrypted messages can’t be read by data loss prevention (DLP) systems
Some malware will encrypt the data before data exfiltration attempts. This can bypass typical DLP techniques because a DLP system can’t read the encrypted data. However, a large amount of encrypted data can indicate data exfiltration, even if the data can’t be identified.
Which of the following best describes a ’hacktivist’ as presented in the provided text?
An attacker who launches cyber attacks as part of an activist movement or to raise awareness about certain causes.
Which of the following best describes Indicators of Compromise (IoC)?
Evidence that a cyberattack is in progress or has occurred, often taking the form of antivirus alerts or detected potential attacks.
Which of the following is NOT provided as a source for taking the assistance of cybersecurity personnel during threat research?
Online forums
According to the given text, online forums are not mentioned as a source for cybersecurity personnel to research threats. Other sources mentioned include vendor websites, conferences, academic journals, and several others.
What is the primary purpose of a virus?
To replicate and deliver its payload
The main characteristic of a virus is its ability to replicate itself and spread its payload to other host applications. This payload can consist of harmful actions, such as deleting files, causing random reboots, joining a computer to a botnet, or enabling backdoors for remote system access.
What is URL hijacking or typo squatting?
Buying a domain name that is close to a legitimate domain name.
URL hijacking, also known as typo squatting, involves buying a domain name that closely matches a legitimate domain name in a bid to trick users into visiting the attacker’s website. The idea is to take advantage of typographical errors made by Internet users when typing a website address into a web browser.
What type of cyber attack leverages the authority of legal entities to coerce executives into opening malicious attachments?
Whaling
What term best describes the group of threat actors who are usually highly organized, funded by nation-states, and target specific organizations for long periods of time?
Advanced Persistent Threats (APTs)
What is the phishing-based technique called in which attackers send text messages to trick users into giving up personal information?
Smishing
Smishing is a form of phishing that utilizes text messages (SMS) to trick users into giving up personal information. This method is often used by attackers to gain illegal access to personal accounts such as email by deceiving the user into revealing a verification code over text.
What is the purpose of Trusted Automated eXchange of Indicator Information (TAXII)?
It’s an open standard that defines services for sharing threat information without specifying what should be shared.
TAXII is an open standard that offers a framework for sharing threat information. However, it doesn’t dictate the specifics of the information to be shared.
What is the purpose of reflective questioning in social engineering?
To demonstrate active listening and encourage a target to talk more
Which of the following is NOT a common security control used to protect against malware?
Software updates on all systems
What is the primary purpose of dumpster diving in the context of cybersecurity?
Gaining information from discarded documents
What is the purpose of using file integrity monitors in antivirus scanners?
To detect modified system files.
What is the impact of Potentially unwanted programs (PUPs) on a user’s computer?
They can change the user’s browser settings without clear consent
While some PUPs can be legitimate, they often tend to make changes to a user’s computer, usually without clear consent. This can include changes to browser settings, such as the default search engine or the homepage, as well as injecting advertising.
What is a common method attackers use to spread Trojans?
By embedding the Trojan in a website’s code
Website drive-by downloads are a popular vector for spreading Trojans. Attackers compromise a website and embed the Trojan in its code. When users visit the site, the Trojan attempts to download onto the users’ systems.
What can be expected when you opt out of email services from a legitimate company?
You will no longer receive any more emails from that company
When you opt out of a mailing list of a legitimate company, you should no longer receive any emails from that company. This is a legal requirement that such companies have to comply with.
What is the primary purpose of a Request for Comments (RFC) published by the Internet Engineering Task Force (IETF)?
To standardize technical specifications on the internet
The Internet Engineering Task Force (IETF) publishes documents called RFCs for a variety of purposes. Many are Internet standards, and they are the authoritative source of knowledge for technical specifications. For instance, RFC 6749 describes how authorization tokens are created and exchanged on the Internet. Websites that comply with the specifications in RFC 6749 can exchange authorization tokens with relative ease.
Which of the following is NOT an indicator of a malware-infected system based on the provided text?
The system operates faster
What potential damage could serious virus hoaxes cause?
They encourage users to delete important files, potentially making their systems unusable.
The text specifies that a serious virus hoax may persuade a user to delete significant files, which could render their systems unusable.
What is the purpose of ’active listening’ in the context of social engineering?
To encourage the target to continue talking by giving them your full attention
What is the goal of impersonation by social engineers according to the text?
To convince an authorized user to provide some information or help the attacker defeat a security control.
What is the primary motivation for criminal syndicates in launching cyber attacks?
Their main goal is to get more money typically through criminal activities
What is the classic method of credential harvesting used by attackers?
By asking users directly
Classic credential harvesting is based on a simple idea. If you want a user’s credentials, just ask. Attackers send phishing emails out to users claiming a problem with an account and encouraging users to click a link and log on to their account to fix it. The link brings them to a malicious website that often looks like the real thing. If the user enters credentials, the site captures them and then redirects the user to the actual logon page.
What technique do attackers often use along with malware?
Social engineering
Which of the following is NOT a typical indicator of a malware attack?
Reduction in network traffic
How do criminals impersonate your friends through email according to the text?
They create emails with your friends’ names in the ’From’ block but use unrelated email addresses
According to the text, criminals impersonate your friends by creating emails that appear to come from your friends. They do this by including your friends’ names in the ’From’ block but using unrelated email addresses that belong to someone else or are forged. The actual sender must be identified by looking at the full header of the email.
What is a common delivery method for a Remote Access Trojan (RAT)?
Via drive-by downloads or malicious email attachments
What is a logic bomb?
A string of code embedded into an application that executes in response to an event
Which of the following methods is NOT used by fileless viruses?
Network traffic analysis
What are some common types of Open Source Intelligence (OSINT)?
Vulnerability databases and the dark web
OSINT includes any information that is available to the general public. This ranges from vulnerability databases such as the National Vulnerability Database and the Common Vulnerabilities and Exposures list, to the dark web where vulnerabilities are sometimes posted before they make it to these databases.
Which of the following best describes the main purpose of spyware?
To gather user information without their consent
Which of the following statements about cybersecurity conferences is true according to the text?
They allow attendees to choose what workshops they want to attend
According to the text, cybersecurity conferences often let attendees select from various training tracks and choose the workshops they would like to participate in.
How does the concept of ’Scarcity’ apply to phishing and Trojan attacks?
Scarcity is a technique where attackers offer exclusive access to a limited product to lure victims to a malicious website.
Which one of the following statements describes the ’upgrade’ phishing technique?
A prompt asking to upgrade software for better functionality
The ’upgrade’ phishing technique tries to trick users into downloading and installing malware by posing as a software update or upgrade. The users are misled into believing that their software is outdated and needs an upgrade, and by clicking ’yes’ to the upgrade, they unintentionally install malware.
What is a characteristic of an advanced persistent threat (APT)?
They often represent a long term, highly organized threat
Who sponsors Advanced Persistent Threats (APTs) and what is their characteristic?
They are sponsored by state actors and launch targeted, sophisticated attacks over long periods.
What is a significant challenge when encountering Spam over Internet Messaging (SPIM)?
It bypasses typical antivirus and spam filters.
SPIM represents a significant challenge as it bypasses common antivirus software and spam filters, making it more difficult to detect and prevent.
What is the role of a ’Bot herder’ in a botnet?
They manage botnets, attempting to infect as many computers as possible and control them through systems on the Internet
Which of the following attack vectors is estimated to be the starting point of up to 91 percent of all attacks?
Email
Which of the following best describes the primary difference between a worm and a virus?
A worm consumes more network bandwidth.
According to the given text, one of the significant problems caused by worms is that they consume network bandwidth. This is uniquely stated as a characteristic of worms and not viruses.
What are attack vectors and how do attackers use them?
They are the paths that attackers use to gain access to computers and networks in order to exploit vulnerabilities
What security attack tactic involves combining intimidation with urgency and impersonation?
Social Engineering
What is the technique called ’Bracketing’ that is used by social engineers?
Stating a specific number or a range of numbers to elicit correct information.
Bracketing refers to the technique used by social engineers where they state a specific number or a range of numbers to elicit specific information. The attacker counts on the probability that the target will correct them if they are wrong, or will reveal more information to show off their knowledge.
What is the role of the Structured Threat Information eXpression (STIX) in open source intelligence (OSINT)?
It provides a common language for addressing a wide range of cyber threat information.
STIX is an open standard that identifies what cyber threat information organizations should share. It provides a common language for addressing a wide range of cyber threat information.
According to the passage, how do social engineers try to gain the trust of their victims?
All of the above
The passage explains that social engineers often pretend to be security experts and show victims errors on their own computers, then offer to help fix them. These tactics are used to build trust between the engineer and the victim.
Why are building rapport and likability important in the context of tailgating attacks?
People are more likely to allow someone they know or like to tailgate behind them
What is an Advanced Persistent Threat (APT) typically understood to be in the context of cyber attacks?
A group of organized threat actors, typically sponsored by nation-states
What is one of the main benefits of Peer-to-Peer (P2P) botnets from the perspective of a cybercriminal?
P2P networks are difficult for legal professionals to take down
In a Peer-to-Peer (P2P) botnet, each infected system looks for other infected systems, progressively building a larger list of infected machines that can work together. Each of these infected systems can act as a command and control system issuing commands to other systems. Because P2P networks do not centralize command and control, it is difficult for legal professionals to completely dismantle the botnet by just taking down a few central servers.
What does the term ’gaslighting’ mean in the context of information security?
It is a form of psychological manipulation where the manipulator tries to replace one idea or belief with another one.
In the context of social engineering attacks, why is the principle of liking and rapport building effective in shoulder surfing?
It makes the victim less likely to recognize and stop a shoulder surfing attack
When the attacker is someone familiar or likable to the victim, the victim is less likely to recognize that the attacker is looking over their shoulder to see confidential data (shoulder surfing).
What is hybrid warfare and how is it applied in influence campaigns?
It is a blend of conventional warfare with unconventional methods to influence people.
What is the main difference between ransomware and cryptomalware?
Ransomware locks out users whereas cryptomalware encrypts data
Ransomware refers to the type of malicious software that locks out users from their system or network whereas cryptomalware refers to the malware that encrypts the data on computers within the network to prevent the users from accessing it.
How soon can an attacker typically begin lateral movement within a network after the initial infection?
Less than two hours
The text states that the time it takes for an attacker to begin lateral movement within a network after initial infection is typically less than two hours.
What do rootkits use to modify system behavior and avoid detection?
Hooking techniques
Rootkits use hooking techniques to modify the system behavior and avoid detection. Hooking refers to intercepting system-level function calls, events, or messages. The rootkit installs the hooks into memory and uses them to control the system’s behavior.
What is a common use of file/code repositories in the realm of cybersecurity?
To provide a location for prewritten code that developers can use for a variety of purposes, including gathering intelligence
Which of the following resources is especially useful for finding reliable information on vulnerabilities and the patches used to fix them?
Vendor websites
Vendor websites provide reliable information about their products, including any potential vulnerabilities their products may have and patches available to fix those issues.
Which of the following strategies is commonly utilized to mitigate the risk of malware entering the network through network traffic?
Implementation of Unified Threat Management (UTM) systems
Unified Threat Management (UTM) is a significant security measure mentioned in the context of ’boundaries or firewalls’. UTM systems monitor network traffic through the firewall and thereby reduce the risk of malware entering the network.
What is the main motivation behind the cyber activities of criminal syndicates?
Money
What is the role of InfraGard in the context of public/private information sharing centers?
It is a non-profit organization that shares information between the FBI and members in specific sectors.
In the context of public/private information sharing centers, InfraGard serves as a non-profit organization that shares information on cyber threats between the Federal Bureau of Investigation (FBI) and members in specific sectors.
What is ’vishing’ in the context of cyber security?
A form of phishing that uses voice messages or phone calls
What does ’reconnaissance’ refer to within the context of social engineering?
Gathering as much information as possible on a target
What are the two common methods by which antivirus software detects viruses?
Signature-based detection and heuristic-based detection
Antivirus software detects viruses using two main methods: signature-based detection, which involves looking for specific patterns of data that are known to be related to already-identified malware, and heuristic-based detection, which involves analyzing the characteristics and behaviors of an unknown piece of software to determine if it is likely to be malware.
Which types of attacks can be launched via email according to the provided text?
All of the above
According to the text, email attacks can include spam, phishing, smishing, vishing, spear phishing, and whaling. So all the types of attacks mentioned in the options can be launched via email.
What is Predictive analysis in the context of cybersecurity?
It involves techniques that attempt to predict what attackers will do next and methods to thwart their attacks.
What is the primary function of signature files in antivirus software?
Providing a pattern for scanning files for viruses and other known malware.
The text explains that ’signature files (also called data definition files) define the patterns, and the antivirus software scans files for matching patterns. When the software identifies a matching pattern, it reports it as an infection and takes action.’ Therefore, the primary function of signature files is to provide a pattern for scanning files for viruses and other known malware.
Which of the following is NOT a technique used by fileless malware?