130 question-and-answer flashcards covering major concepts from Cybersecurity Essentials Unit 2: motives and targets of cyber-attacks, breach detection, common attack types, malware, attack vectors, social engineering, wireless attacks, web vulnerabilities, and key defensive tools and controls.
What is the primary objective of a cyber-attack?
To steal, alter or destroy information.
Cyber-attacks are generally aimed at what goal?
Accessing or manipulating confidential data.
Which of the following is NOT a motivation for cyber-attacks?
Legal enforcement.
Hacktivism is driven by what motive?
Political or social causes.
Which sector is most frequently targeted in cyber-attacks?
Financial Services.
Define cyber-espionage.
Unauthorized spying to obtain secret information.
What does the acronym APT stand for?
Advanced Persistent Threat.
Give one well-known example of a state-sponsored cyber-attack.
Stuxnet.
What is the primary reason for the recent increase in cyber-attacks?
Rapid digital transformation.
Which of the following is considered a passive cyber threat?
Eavesdropping.
Cyber-warfare is primarily targeted at what?
Government or critical infrastructure.
What is meant by a Zero-Day attack?
An attack that occurs before a vulnerability is patched.
Botnets are typically used for what purpose?
Coordinated attacks such as DDoS.
Altering data without authorization is classified as which type of attack?
Modification attack.
What is a script kiddie?
An attacker who exploits known software bugs for malicious gain.
How is a security breach best defined?
Unauthorized access to protected data.
What is a common result of a data breach?
Loss of sensitive data.
Name one common cause of a security breach.
Weak authentication mechanisms.
Which technique prevents unauthorized access to data?
Encryption.
Give an example of a physical security breach.
Theft of a laptop.
How can phishing lead to a security breach?
By tricking users into revealing credentials.
What is the first step in breach detection?
Monitoring system logs.
A brute-force attack typically results in what?
Password compromise.
What is Snort primarily used for?
Detecting security breaches as a network intrusion detection system.
What is the main function of SIEM tools?
Real-time monitoring and correlation of security events.
Which regulation requires organizations to notify authorities of a data breach?
GDPR.
What is the most secure method to prevent security breaches?
Strong authentication and access control.
Using default passwords in systems can result in what?
Security breaches.
A ransomware attack is classified as what?
A type of security breach.
Which attack overwhelms a system with traffic to disrupt service?
Denial-of-Service (DoS) attack.
How does a DDoS attack differ from a DoS attack?
DDoS involves multiple systems flooding the target.
Capturing passwords by watching keystrokes is called what?
Keylogging.
What is the primary purpose of a phishing attack?
To trick users into revealing sensitive information.
Which attack exploits vulnerabilities in SQL databases?
SQL Injection.
Man-in-the-Middle (MITM) attacks involve what action?
Intercepting communication between two parties.
Which attack uses a false identity to trick a system or user?
Spoofing.
Brute-force attacks rely on what basic method?
Trying many combinations of passwords.
What does a replay attack involve?
Resending intercepted data to a system.
Give one example of an insider threat.
A disgruntled employee leaking data.
Cross-Site Scripting (XSS) is often used to accomplish what?
Steal cookies or session information from users.
Which attack specifically targets the authentication process?
Credential stuffing.
What is the goal of DNS spoofing?
Modifying DNS responses to redirect users.
A watering-hole attack targets what?
Commonly visited websites of a specific group.
Drive-by download attacks occur when what happens?
Malware is downloaded without the user’s consent.
Session hijacking refers to what activity?
Taking over a valid user session.
ARP spoofing targets what part of a network?
MAC address resolution in a local network.
In a Smurf attack, which protocols are misused?
ICMP and IP broadcasting.
Which malware disguises itself as a legitimate program?
Trojan Horse.
Which malware type can replicate itself and spread without user interaction?
Worm.
Which malware monitors user activity and secretly sends the data out?
Spyware.
Ransomware typically demands what from victims?
Financial payment.
How does a virus differ from a worm?
A virus requires a host file to spread, whereas a worm does not.
Which malware hides its existence by modifying the operating system?
Rootkit.
What is the primary purpose of adware?
Displaying unwanted advertisements.
Which malware can be controlled remotely through a C&C server?
Bot.
A logic bomb activates under what condition?
When a specific condition is met.
What is a keylogger primarily used for?
Stealing login credentials.
How do polymorphic viruses evade detection?
By constantly changing their code.
What does rogue security software do?
Pretends to fix problems but installs threats instead.
Where does fileless malware primarily reside?
In operating system memory.
Which malware modifies browser settings without permission?
Browser hijacker.
What is the primary function of a backdoor?
Providing secret remote access to a system.
A dropper is a type of malware designed to do what?
Deliver and install other malware.
What is a botnet?
A network of compromised machines controlled via a C&C server.
Define an attack vector.
A path or method used to gain unauthorized access.
Give an example of a software attack vector.
Insecure APIs.
Give an example of a human attack vector.
Social engineering.
Name a physical device that can serve as an attack vector.
A flash drive containing malware.
Which email-based attack vector is most common?
Phishing.
Drive-by download attack vectors are often triggered by what?
Clicking ads or visiting compromised websites.
Open ports and unnecessary services represent which kind of attack vector?
Network-based attack vector.
What does a clickjacking attack do?
Traps users into clicking hidden or disguised links.
Unpatched software is considered what?
A security vulnerability.
Leaving default credentials unchanged can be exploited as what?
An attack vector.
Cross-Site Request Forgery (CSRF) exploits the trust between what two entities?
A server and a user’s browser.
Weak authentication mechanisms are classified as what?
An attack vector.
Which attack vector manipulates database queries to gain access?
SQL Injection.
Which attack takes advantage of trust in legitimate websites frequented by a target group?
Watering-hole attack.
An exposed admin portal on a website is an example of what?
A vulnerable entry point.
Misconfigured cloud storage services are considered what type of risk?
Attack vectors.
The use of outdated SSL/TLS protocols is classified as what?
An attack vector.
Bluetooth vulnerabilities are common attack vectors in what devices?
IoT and mobile devices.
Packet sniffing with Wireshark allows an attacker to do what?
Intercept and analyze data packets.
What is the most common form of social engineering?
Phishing.
Social engineering attacks primarily exploit what?
Human psychology.
Impersonation in social engineering involves what?
Pretending to be someone trustworthy.
Define tailgating as a social engineering technique.
Following an authorized person into a restricted area without proper credentials.
Baiting attacks often involve what lure?
Promises of free items or services.
What does pretexting rely on?
A fabricated scenario to trick victims into giving information.
What is a USB drop attack?
Leaving infected USB drives for victims to plug in.
Phishing emails typically contain what?
Fake urgent requests for credentials or personal data.
What is vishing?
Voice-based phishing attacks conducted over the phone.
Smishing refers to social engineering through what medium?
SMS text messages.
What does dumpster diving involve?
Searching trash for sensitive information.
Shoulder surfing allows an attacker to do what?
Physically observe login credentials being entered.
What is the best defense against social engineering attacks?
User awareness and training.
How does spear phishing differ from general phishing?
Spear phishing targets specific individuals or organizations.
Which wireless encryption protocol is considered the weakest?
WEP.
Which attack targets Wi-Fi communication by capturing data packets?
Wireless packet sniffing.
What is a rogue access point?
An unauthorized wireless device mimicking a legitimate AP.