CTEC Exam Preparation

100 Terms

1

The rules of communication that web sites use to exchange data.

HTTP

2

What is an exploit in the context of cybersecurity?

A sequence of commands that takes advantage of a vulnerability in a computer system

3

(NOCTI) Hypertext Transfer Protocol Secure operates on port

443

4

Advertising software that can automatically download files or link to websites.

adware

5

The term for a small local area network of computers and devices.

LAN

6

Where in the cybersecurity lifecycle does one's personal inventory belong?

IDENTIFY

7

Identifies, Protects, Responds, Recovers

Cybersecurity Lifecycle

8

What is the general term for software that is intended to do harm or damage?

malware

9

(NOCTI) This technology was developed to allow remote users and branch offices to access corporate applications and resources via secure encrypted connection.

Virtual Private Network (VPN)

10

The arrangement of the various elements (computers, routers, switches, etc)

network topology

11

The trail that you leave behind when you engage in online experiences is called

digital footprint

12

(NOCTI) Restricting access to a website for a specific user group.

blacklisting

13

How does a MAC address differ from an IP address?

A MAC address is assigned by the manufacturer, while an IP address is assigned by the network

14

What is the primary goal of the Availability component in the CIA Triad?

Ensuring data is available when needed

15

What is the common goal of ransomware attacks?

To demand payment for data recovery

16

Why is Availability important in the context of e-commerce websites?

To ensure users can access the site anytime

17

What is the primary goal of the Confidentiality component in the CIA Triad?

Protecting data from unauthorized access

18

What is the term to guess or discover information, especially a password?

Crack

19

(NOCTI) Practice of sending fraudulent emails that appear to be from legitimate companies with the intent to induce people to share sensitive information, such as passwords and credit card numbers.

phishing

20

(NOCTI) Ensuring information is safe and has not been compromised, keeping data authentic, accurate, and reliable, is known as

integrity

21

(NOCTI) When establishing that a WPA3 network is not feasible due to client hardware requirements, the next best security wireless protocol is

WPA2

22

Software that can stop malware from entering a network, computer, or device

firewall

23

The set of techniques used to protect networks and digital information from attack, damage, or unauthorized access.

Cybersecurity

24

How can e-commerce sites protect customer information?

By encrypting sensitive data

25

What is the term for irrelevant or inappropriate messaging sent through email to a large number of recipients; also known as junk mail?

spam

26

What is a disadvantage of symmetric key encryption?

The algorithm requires a relatively larger key space

27

(NOCTI) What is the cipher in which each letter in an alphabet is replaced with a different character or symbol?

substitution cipher

28

What is the method that places covert information into parts of overt files that are usually ignored?

insertion method

29

(NOCTI) What is when the sender and receiver share a single private key to use in the encryption algorithm?

symmetric key encryption

30

(NOCTI) The numeric code provided in an SMS or text message used for Multi-Factor Authentication (MFA) is called?

One Time Passcode

31

What is an advantage of asymmetric key encryption?

Significantly more secure than symmetric key encryption

32

What uses two keys, a public key available to everyone and a private key belonging to one owner?

asymmetric key encryption

33

What is the practice of concealing messages within other data, such as text or images?

steganography

34

What is the science or art of delivering a message securely and confidentially?

cryptography

35

What is the encrypted message generated by a cipher?

cipher text

36

What is the cipher that uses a key to encrypt or decrypt a message?

vigenere cipher

37

What is the motivational goal behind companies that steal information from competitors to gain the upper hand or eliminate the competition?

Industrial Espionage

38

This is a person sending fraudulent emails that appear to be from legitimate companies with the intent to induce people to share sensitive information.

Phisher

39

(NOCTI) An IT technician exploited the company’s website using a Cross-Site Scripting exploit after the company refused to respond to their request to fix the vulnerability. The technician is an example of a _____ hat hacker.

gray

40

What is the motivational goal behind hackers engaged to change aspects of society, such as disrupting terrorists, promoting human rights, and/or exposing an injustice?

Social Ideology

41

(NOCTI) When someone is assigned only the rights and privileges necessary to do their job, this is referred to as

least privilege

42

Which of the following is considered a Man-In-The-Middle Attack?

An attacker intercepts information the client sends and establishes a secure session with the intended website.

43

What is the motivational goal behind a criminal that steals money from individuals and corporations, such as banks and lending houses?

Financial Gain

44

The term for a weakness in a system that allows an attacker to gain unauthorized access.

vulnerability

45

What is the most likely scenario if you double click on the following file "filename.exe.txt"?

A text editor like notepad.exe will execute

46

An application's certificate indicates that the application is

authentic

47

What is the term for a systematic attempt to crack a password by testing with words and phrases found in online dictionaries?

Dictionary Attack

48

How do you identify signs of malware infection during a Cyber Forensics investigation?

requires observing unusual network traffic, unexpected system behavior, altered file timestamps, and/or the presence of suspicious files or processes.

49

(NOCTI) To ensure the safety of user accounts and web applications, a user should

use different passwords for each account

50

(NOCTI) When someone is assigned only the rights and privileges necessary to do their job, this is referred to as

least privilege

51

(NOCTI) Applying OS updates and patches to a newly installed operating system should be done

one of the first steps after installation

52

(NOCTI) A phishing attack that targets a high-profile employee to obtain information is an example of

whaling

53

A broad category for techniques that aim to psychologically manipulate a person's trust to gain access to data or computing resources, usually by being tricked into clicking on a link, opening a file, or answering a question.

social engineering

54

An attempt to crack a password through trial and error.

brute force attack

55

What is the best way to protect yourself from a social engineering attack?

Limit the personal information that you post online

56

Selective process of allowing or restricting the availability of a resource.

access control

57

What is the basis for access control?

need to know

58

What is a common method to ensure data Integrity?

Restricting access to who can modify the data

59

The term for the way an organization structures and organizes the information that is required by its employees and/or customers.

Information Architecture

60

What is the primary purpose of a firewall in a network topology?

To block unauthorized access while permitting authorized access

61

What is a common method used in DDoS attacks?

Overloading a server with fake traffic

62

What is the purpose of a DDoS attack?

To degrade system performance

63

Which of the following is considered a Man-in-the-Middle attack?

An attacker intercepts information the client sends and establishes a secure session with the intended website.

64

Software that replicates and infects many computers, turning the computer into a "zombie". Zombie devices are remotely controlled by an attacker for malicious purposes.

Botnet

65

Human-based attack in which the malicious user intercepts communication between the victim's computer and the internet.

On Path Attack

66

Software running with elevated privileges to control a computer or to gain access to restricted accounts and data.

Rootkit

67

Software that locks your computer or makes it inoperable, requiring you to pay someone to remove it

Ransomware

68

Which of the following is a protection measure against XSS?

Data Cleansing

69

What happens during a successful SQL injection attack?

Unauthorized data can be accessed, modified, or deleted

70

How does a cross-site scripting exploit change a web page?

By executing JavaScript that runs in the browser.

71

A tool for analyzing and monitoring network traffic at the packet level

packet sniffer

72

Allows or denies packets based on source and destination addresses, ports, or protocols

packet filtering

73

The primary purpose of this artifact in network analysis is to capture and analyze network packet data

pcap file

74

What is the command to execute a command as another user without providing the root password?

sudo

75

(NOCTI) Which allows a user to access a computer system using credentials such as a password?

authentication

76

What is a significant risk associated with the Internet of Things (IoT)?

expanded area for cyberattacks

77

What is to give permission?

authorize

78

What is the primary difference between unauthorized and authorized hacking?

Authorized hacking is done with permission and ethical intent

79

(NOCTI) What is the best physical security to use in a data center to secure the servers?

biometric reader

80

(NOCTI) Which is an example of the authentication method that a user will have?

smart card

81

What is a term for a system that can distinguish between a human and an automated program?

CAPTCHA

82

(NOCTI) This technology was developed to allow remote users and branch offices to access corporate applications and resources via secure encrypted connection.

Virtual Private Network (VPN)

83

(NOCTI) Non-repudiation confirms the identity of the sender of a digital message for a recipient who uses the _____ key.

sender's public

84

Benefit of performing passive analysis on a website

observes a site without affecting it

85

Involves examining the contents of network packets to understand communication patterns, detect unauthorized activities, and identify potential security breaches.

network packet analysis

86

Use scripts, software, or algorithms to process and analyze large volumes of data quickly, enabling investigators to identify patterns and anomalies efficiently.

automated analysis tools

87

Involves recovering files and fragments of data from storage media without relying on file system metadata.

data carving

88

Involves creating a chronological sequence of events based on file access times, modification times, and other metadata.

timeline analysis

89

Ensures that the integrity of digital evidence is maintained, and its admissibility in court is upheld

chain of custody

90

Recording detailed information about a situation, actions taken, evidence collected, and analysis results

incident documentation

91

What is the significance of a "chain of custody" in Cyber Forensics?

integrity of digital evidence is maintained

92

Involves reviewing system and application logs to identify events, anomalies, and potential security breaches.

log analysis

93

Analysis involves examining artifacts left by operating systems, applications, and user activities

forensic artifact analysis

94

Involves examining the structure and contents of a storage device's file system to retrieve information about files, directories, timestamps, and access permissions.

file system analysis

95

Involves monitoring authentication logs, identifying failed login attempts, detecting patterns, and correlating events to uncover unauthorized access.

analyze network logs to detect unauthorized access attempts

96

A hardware or software tool used to prevent write access to storage media during evidence collection.

write-blocker

97

Involves extracting and analyzing the contents of a system's volatile memory to gather information about running processes, open files, and potential malware.

RAM analysis

98

Used for analysis without altering the original evidence

disk imaging

99

Why is "incident documentation" crucial in Cyber Forensics?

legal proceedings and accountability

100

Process of collecting, analyzing, and preserving digital evidence to investigate cybercrimes and incidents

cyber forensics