AP CK CyberSecurity Unit 4

Network intrusion prevention system (NIPS)

Next-generation firewall (NGFW)

Web application firewall (WAF)

Security incident and event management (SIEM)

Anomaly-based detection

Signature-based detection

Baselining detection

Hybrid detection

Phishing

APT

Wiretapping

OSINT

An adversary uses software that tracks all the keys a target presses on their keyboard

An adversary sets up a fake Wi-Fi hotspot to collect login credentials when users connect

An adversary steals a laptop that is left unattended in a coffee shop

An adversary watches a target enter their phone’s passcode

A second hashing algorithm

A token

A key derivation function

A salt

The user’s password has been compromised

The system’s clock has reset on the network

The user logged in during a maintenance window

The user has accessed a restricted area

It places SQL commands into a user-input field in an application with the intent to either return more information than it should or modify the data on the database

It places malicious JavaScript code into a SQL user-input field to steal user session cookies with the intent to use these cookies to gain authentication to the application

It uses the user-input field of the application to bypass user authentication requirements for the application to gain access to the application

It uses a user-input field in an application to send an overwhelming amount of data to the application in hopes to cause a denial of service attack on the application

Buffer overflow

SQL injection

Cross-site scripting

On-path

An adversary uses ARP to monitor a network by capturing and logging ARP traffic

An adversary attempts to modify the ARP table so they receive traffic intended for a target

An adversary uses an ARP request to verify that the target device is active on the local network

An adversary floods the network with ARP requests to gather IP-to-MAC mappings of the devices on the network

DNS poisoning

MAC spoofing

ARP poisoning

MAC flooding