Friday

Cyber Security Concept

 

Photo by <a href=”https://unsplash.com/@fantasyflip?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText">Philipp Katzenberger</a>

Question 1:

Why would a hacker use a proxy server?

Answer: To hide malicious activity on the network.

Proxy servers are often used by hackers to hide their IP addresses and make it more difficult to trace their activities. They can also be used to bypass firewalls and other security measures.

Question 2:

Which of the following is not a factor in securing the environment against an attack on security?

Answer: The education of the attacker.

The education of the attacker is not a factor in securing the environment against an attack. The attacker is always going to be trying to find new ways to exploit vulnerabilities, so it is important to focus on securing the environment from the attacker’s perspective.

Question 3:

What type of attack uses a fraudulent server with a relay address?

Answer: MITM (Man-in-the-Middle).

A MITM attack is an attack where the attacker inserts themselves in the middle of a communication between two parties. The attacker can then intercept and modify the communication as they see fit.

Question 4:

To hide information inside a picture, what technology is used?

Answer: Steganography.

Steganography is the practice of hiding information within another piece of data. This can be done by embedding the information in the least significant bits of the data, or by using some other method of obfuscation.

Question 5:

Which phase of hacking performs actual attacks on a network or system?

Answer: Gaining Access.

The gaining access phase is the phase of hacking where the attacker actually gains access to the network or system. This can be done through a variety of methods, such as exploiting vulnerabilities, social engineering, or phishing.

Question 6:

Attempting to gain access to a network using an employee’s credentials is called in which mode of ethical hacking?

Answer: Social engineering.

Social engineering is a technique used by hackers to trick people into giving up their personal information or clicking on malicious links. This information can then be used to gain access to a network or system.

Question 7:

Which of the following is not a typical characteristic of an ethical hacker?

Answer: Has the highest level of security for the organization.

Ethical hackers are not responsible for the security of an organization. Their job is to find and report vulnerabilities in a system. The organization is responsible for fixing the vulnerabilities and improving the security of the system.

Question 8:

What type of rootkit will patch, hook, or replace the version of system call in order to hide information?

Answer: Kernel level rootkits.

Kernel level rootkits are the most dangerous type of rootkit. They are able to patch, hook, or replace the version of system calls in order to hide information. This makes them very difficult to detect and remove.

Question 9:

What is the purpose of a Denial of Service attack?

Answer: To overload a system so it is no longer operational.

A Denial of Service attack is an attack where the attacker floods a system with so much traffic that it becomes overloaded and unable to function. This can prevent legitimate users from accessing the system.

Question 10:

What are some of the most common vulnerabilities that exist in a network or system?

Answer:

  • Weak passwords: Weak passwords are one of the most common vulnerabilities in a network or system. Hackers can easily crack weak passwords using a variety of methods.
  • Outdated software: Outdated software often contains vulnerabilities that can be exploited by hackers. It is important to keep software up to date to protect against these vulnerabilities.
  • Misconfiguration: Misconfiguration of network devices and systems can create vulnerabilities that can be exploited by hackers. It is important to properly configure network devices and systems to protect against these vulnerabilities.
  • Social engineering: Social engineering is a technique used by hackers to trick people into giving up their personal information or clicking on malicious links. This information can then be used to gain access to a network or system.

No comments: