IT/SECURITY

SSL stripping is an example of: (Select 2 answers)

Downgrade Attack, On-path attack

Memory leak

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than required

Which of the following alters the external behavior of an application and at the same time does not introduce any changes to the application's code?

Shimming

Sideloading

The practice of modifying an application's code without changing its external behavior

Which of the following terms refer to software/hardware driver manipulation techniques? (Select 2 answers)

Refactoring , Shimming

Which of the following wireless technologies enables identification and tracking of tags attached to objects?

RFID

RFID is vulnerable to: (all)

• Spoofing

• Eavesdropping

• Data interception

• Replay attacks

• Denial-of-Service (DoS) attacks

Replay attack

a form of network attack where an attacker intercepts and retransmits data that was previously exchanged between two parties. Fundamentally, a replay attack occurs when an attacker is able to capture data-in-transit in cleartext form. Replay attacks may capture various forms of authentication data, such as passwords, session tokens, or cryptographic authentication hashes.

What is the most common form of a DDoS attack?

Network-Based DDos

NFC is vulnerable to: (all)

• Data interception

• Replay attacks

• Denial-of-Service (DoS) attacks

Which type of DDoS attack targets industrial equipment and infrastructure?

Operational Technology (OT)

SSL

Is a deprecated encryption protocol

A type of formal document that describes the specifications for a particular technology is known as:

Request for Comments (RFC)

TAXII

a dedicated transport mechanism for cyber threat information

Automated Indicator Sharing

a US government initiative for real-time sharing of cyber threat indicators

Deep Weeb

Cannot be indexed by Web Crawlers, 400-500x bigger than surface web

Dark Web

0.01% of deep web only a few thousand websites