Attacks/Encryptions/Regs CEH 2.5

Assessment

Quiz

Computers

Professional Development

Practice Problem

Easy

Created by

Prem Jadhwani

6 questions

1.

MATCH QUESTION

3 mins • 1 pt

Match the following attack types.

POODLE Attack

Hacker intercepts communications between a user's web browser and a server and is able to decrypt the information.

DUHK Attack

An attacker makes a computer talk to another computer very, very slowly to draw out the conversation.

Slowloris Attack

Leverages weaknesses in web servers that accept deprecated SSL protocols, allowing an attacker to decrypt sensitive information.

DROWN Attack

Targets an LTE network and intercepts information between a mobile device and the network tower.

aLTEr Attack

Attacker gains access to hard-coded keys used in a random number generator (RNG) and can use them to compromise communications.

2.

MATCH QUESTION

3 mins • 1 pt

Match the following attack types:

Trident

Android application that is known for its use in demonstrating security vulnerabilities rather than for malicious purposes.

Padding Oracle Attack

Attacker collects information by sending a deauthentication message that will cause a device to send a reauthentication request to a server.

DroidSheep

A malicious software program that attempts to replicate itself onto other programs.

Agent Smith Attack

An attacker uses a cryptographic attack that exploits information gained from padding errors in an encryption system.

Deauthentication Attack

A vulnerability that allows an attacker to jailbreak an iOS device and install Pegasus software.

3.

MATCH QUESTION

3 mins • 1 pt

Match the following CVSS Scores.

7.0-8.9

Medium

9.0-10.0

Critical

4.0-6.9

High

0.1-3.9

None

0.0-0.1

Low

4.

MATCH QUESTION

3 mins • 1 pt

Match the following regulations.

PCI DSS

U.S. law that addresses the protection of consumers' personal financial information held by financial institutions. It requires institutions to establish privacy and security programs to safeguard sensitive financial data.

FISMA

A set of security standards designed to ensure the secure handling of credit card information during transactions. It applies to organizations that process, store, or transmit credit card data and aims to prevent data breaches and theft of cardholder information.

GLBA

U.S. federal law enacted to enhance corporate governance and financial reporting transparency. It establishes requirements for financial reporting, internal controls, and the accountability of corporate officers to prevent fraudulent activities.

SOX

U.S. government program that standardizes the security assessment, authorization, and continuous monitoring processes for cloud products and services. It aims to ensure that cloud solutions used by federal agencies meet specific security standards.

FedRAMP

Federal law that defines a comprehensive framework to protect government information, operations, and assets. Requires federal agencies to develop and maintain security programs.

Answer explanation

FISMA (Federal Information Security Management Act)

HIPAA (Health Insurance Portability and Accountability Act)

SOX (Sarbanes-Oxley Act)

FedRAMP (Federal Risk and Authorization Management Program)

GLBA (Gramm-Leach-Bliley Act)

PCI DSS (Payment Card Industry Data Security Standard)

5.

CLASSIFICATION QUESTION

3 mins • 1 pt

Match the following encryption types to the correct category.

Groups: (a) Symmetric (1-Key), (b) Asymmetric (2-Key), (c) Hash

MD5

DSA

RSA

Whirlpool

Diffie-Hellman

Blowfish

Serpent

3DES

ECDH

SHA256

ECC

AES

ECDSA

Twofish

NTLM

Answer explanation

REDD fishES

RSA/DSA/ECC/DH - A

All fish/AES/DES/Serpent/CAST

6.

MATCH QUESTION

3 mins • 1 pt

Match the following attack types.

BlueSnarfing

Attacker sends unsolicited messages or business cards to Bluetooth-enabled devices within range, typically appearing as pop-up messages on a device.

BlueBugging

Attack that involves unauthorized access to a device's data, such as contacts, calendars, emails, and other stored information.

BlueJacking

Exploits vulnerabilities in the Bluetooth protocol to gain control over the targeted device, allowing unauthorized monitoring and control features.