問題一覧
1
DEFINE: SQL Injection
code injection technique used to attack data-driven applications. Malicious injection statements are inserted into an entry field for execution, such as dumping the database contents to the attacker.
2
DEFINE: On-Path Attack (formerly known as a man-in-the-middle attack)
attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.
3
DEFINE: ARP Poisoning, also known as ARP Spoofing
Type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN to change the pairings in its IP to MAC address table.
4
DEFINE: Cross-Site Scripting (XSS) attacks
type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in a browser side script, to a different end-user.
5
DEFINE: code injection technique used to attack data-driven applications. Malicious injection statements are inserted into an entry field for execution, such as dumping the database contents to the attacker.
SQL Injection
6
DEFINE: attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.
On-Path Attack (formerly known as a man-in-the-middle attack)
7
DEFINE: Type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN to change the pairings in its IP to MAC address table.
ARP Poisoning, also known as ARP Spoofing
8
DEFINE: type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in a browser side script, to a different end-user.
Cross-Site Scripting (XSS) attacks
9
used to convert and copy files. On Unix and Unix-like operating systems like Linux, almost everything is treated as a file, even block devices like a hard disk drive. This makes dd useful to clone disks or wipe data from a drive.
The dd command
10
DEFINE: command-line utility that moves files or directories from one place to another. The command supports moving single files, multiple files, and directories. The command can prompt before overwriting files and will only move files that are newer than the destination.
The mv command
11
DEFINE: lists the files or directories in the current path of a Unix, Linux, or Mac operating system. When invoked without any arguments, this command lists the files in the current working directory.
The Is command
12
DEFINE: used to change the directory. If used with the "cd.." option, it will move up one directory in the file system's directory structure. If used with the "cd”.
The cd command
13
DEFINE: The Network and Sharing Center in the Control Panel
allows a technician to see information and modify the configuration settings of the network adapters in the workstation. It is used to connect to a network using broadband, dial-up, or VPN connection, or add/remove file and printer sharing over the network on the workstation.
14
DEFINE: hides your computer from other devices on the network and prevent file and printer sharing.
A Public Network
15
DEFINE: is considered trusted, allows the computer to be discoverable to other devices on the network, and supports the use of file and printer sharing.
A Private Network
16
DEFINE: Data Loss Prevention Software
detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting, and blocking sensitive data while in use (endpoint actions), in-motion (network traffic), and at rest (data storage).
17
DEFINE: allows a technician to see information and modify the configuration settings of the network adapters in the workstation. It is used to connect to a network using broadband, dial-up, or VPN connection, or add/remove file and printer sharing over the network on the workstation.
The Network and Sharing Center in the Control Panel
18
DEFINE: hides your computer from other devices on the network and prevent file and printer sharing.
A Public Network
19
DEFINE: is considered trusted, allows the computer to be discoverable to other devices on the network, and supports the use of file and printer sharing.
A Private Network
20
DEFINE: detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting, and blocking sensitive data while in use (endpoint actions), in-motion (network traffic), and at rest (data storage).
Data Loss Prevention Software
21
What does “msconfig.exe” stand for:
System Configuration
22
What does “perfmon.msc” stand for:
Performance Monitor
23
What does “resmon.exe” stand for:
Resource Monitor
24
What does “msinfo32.exe” stand for:
System information
25
DEFINE: System Configuration (msconfig.exe)
system utility to troubleshoot the Microsoft Windows startup processes. This configuration is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters.
26
DEFINE: Performance Monitor (perfmon.msc)
Monitoring system that monitors utility in Windows that is used to monitor the activities on CPU and memory activity on a computer.
27
DEFINE: Resource Monitor (resmon.exe)
a utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time.
28
DEFINE: system utility to troubleshoot the Microsoft Windows startup processes. This configuration is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters.
System Configuration (msconfig.exe)
29
DEFINE: performance monitoring and system monitoring utility in Windows that is used to monitor the activities on CPU and memory activity on a computer.
Performance Monitor (perfmon.msc)
30
DEFINE: a utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time.
Resource Monitor (resmon.exe)
31
DEFINE: utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues.
System information (msinfo32.exe)
32
What does “RC4” stand for:
Rivest Cipher 4
33
DEFINE: DoS Attack or Denial-Of-Service Attack
works by overloading a server with multiple requests (more than it can handle), thus eventually knocking the server offline.
34
DEFINE: Bluejacking
sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.
35
DEFINE: RC4 (also known as Rivest Cipher 4)
form of stream cipher. It encrypts messages one byte at a time via an algorithm. Plenty of stream ciphers exist, but this cipher is among the most popular. It's simple to apply, and it works quickly, even on very large pieces of data.
36
DEFINE: Advanced Encryption Standard (AES)
symmetric block cipher chosen by the U.S. government to protect classified information. This cipher is implemented in software and hardware throughout the world to encrypt sensitive data. It is essential for government computer security, cybersecurity and electronic data protection.
37
DEFINE: works by overloading a server with multiple requests (more than it can handle), thus eventually knocking the server offline.
DoS Attack or Denial-Of-Service Attack
38
DEFINE: sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.
Bluejacking
39
DEFINE: form of stream cipher. It encrypts messages one byte at a time via an algorithm. Plenty of stream ciphers exist, but this cipher is among the most popular. It's simple to apply, and it works quickly, even on very large pieces of data.
RC4 (also known as Rivest Cipher 4)
40
DEFINE: symmetric block cipher chosen by the U.S. government to protect classified information. This cipher is implemented in software and hardware throughout the world to encrypt sensitive data. It is essential for government computer security, cybersecurity and electronic data protection.
Advanced Encryption Standard (AES)
41
What is temporal key integrity protocol (TKIP):
a security protocol used in the IEEE 802.11 wireless networking standard. It was designed to provide more secure encryption than the earlier Wired Equivalent Privacy (WEP), without needing to replace existing hardware.
42
What does “AES” stand for:
advanced Encryption Standard
43
What does “bat.” stand for:
Batch Script
44
DEFINE: Batch Scripts ( bat. )
scripts that run on the Windows operating system and, in their simplest form, contain a list of several commands that are executed in a sequence. You can run the file by calling its name from the command line or double-clicking the file in File Explorer.
45
What is the “nano” utility:
an easy-to-use command-line text editor for Linux systems.This editor includes the functionality of a regular text editor, as well as syntax highlighting, multiple buffers, search and replace with regular expression support, spellchecking, UTF-8 encoding, and more.
46
DEFINE: Samba
used by Linux computers to enable the sharing and access of resources with Windows-based networks. This can also be used by Linux servers to provide file-sharing services to Windows clients.
47
DEFINE: LTS (Long-Term Support) Release
a well-supported and will be regularly updated by the Linux distribution to support new hardware, performance, and security improvements. These releases are supported for a long time (approximately 10 years), so they are great to use in production systems like servers.
48
DEFINE: Beta Release
a prerelease of a software product that is given out to a large group of users to try under real conditions. These releases have gone through alpha testing in-house and are generally fairly close in look, feel and function to the final product.
49
DEFINE: Developer Release
a pre-release of a software product that is given out to software developers to test and modify their existing products to the upcoming version of an operating system or application.
50
DEFINE: Rolling Release
a concept in software development where an application is frequently updated through the release of new features over time.
51
What does “LTS” stand for:
Long Term Support
52
DEFINE: DEFINE: The 3-2-1 backup rule
one primary backup and two copies of the data , save the backups to two different types of media,, keep at least one backup copy off-site
53
What does “CRLF” stand for:
Carriage Return Line Feed
54
What is “CRLF Injection” also referred to as:
HTTP response splitting attack
55
a type of cyber threat that manipulates the carriage return and line feed special characters found within a web application's HTTP header.
56
Ports and Protocols: 20/21
File Transfer Protocol FTP
57
Ports and Protocols: 22
Secure Shell SSH
58
Ports and Protocols: 23
Telnet
59
Ports and Protocols: 25
Simple Mail Transfer Protocol SMTP
60
Ports and Protocols: 53
Domain Name System DNS
61
Ports and Protocols: 67/68
Dynamic Host Configuration Protocol DHCP
62
Ports and Protocols: 80
Hypertext Transfer Protocol HTTP
63
Ports and Protocols: 110
Post Office Protocol 3 POP3
64
Ports and Protocols: 137/139
Network Basic Input Output System NetBIOS / NetBIOS over TCPIP NetBT
65
Ports and Protocols: 143
Internet Mail Access Protocol IMAP
66
Ports and Protocols: 161/162
Simple Network Management Protocol SNMP
67
Ports and Protocols: 389
Lightweight Directory Access Protocol LDAP
68
Ports and Protocols: 443
Hypertext Transfer Protocol Secure HTTPS
69
Ports and Protocols: 445
Server Message Block SMB / Common Internet File System CIFS
70
Ports and Protocols: 3389
Remote Desktop Protocol RDP
71
Ports and Protocols: - File Transfer Protocol (FTP)
20 21
72
Ports and Protocols: - Secure Shell (SSH)
22
73
Ports and Protocols: - Telnet
23
74
Ports and Protocols: Simple Mail Transfer Protocol (SMTP)
25
75
Ports and Protocols: Domain Name System (DNS)
53
76
Ports and Protocols: Dynamic Host Configuration Protocol (DHCP)
67 68
77
Ports and Protocols: Hypertext Transfer Protocol (HTTP)
80
78
Ports and Protocols: Post Office Protocol 3 (POP3)
110
79
Ports and Protocols: Network Basic Input/ Output System (NetBIOS)/ NetBIOS over TCP/IP (NetBT)
137 139
80
Ports and Protocols: Internet Mail Access Protocol (IMAP)
143
81
Ports and Protocols: Simple Network Management Protocol (SNMP)
161 162
82
Ports and Protocols: Lightweight Directory Access Protocol (LDAP)
389
83
Ports and Protocols: Hypertext Transfer Protocol Secure (HTTPS)
443
84
Ports and Protocols: Server Message Block (SMB)/Common Internet File System (CIFS)
445
85
Ports and Protocols: Remote Desktop Protocol (RDP)
3389