An loT sensor in an organization generated an emergency alarm indicating a security breach. The servers hosted in an loT layer accepted, stored, and processed the sensor data received from loT gateways and created dashboards for monitoring, analyzing, and implementing proactive decisions to tackle the issue.
Which of the following layers in the loT architecture performed the above activities after receiving an alert from the loT sensor?
Paola, a professional hacker, was hired to break into the target organization's network and extract sensitive data. In this process, Paola found that the target organization has purchased new hardware. She accessed the new hardware while it was in transit and tampered with the hardware to make it vulnerable to attacks.
Identify the class of attack Paola has performed on the target organization.
Stephen, an attacker, decided to gain access to an organization’s server. He identified a user with access to the remote server. He used sniffing programs to gain the user's credentials and captured the authentication tokens transmitted by the user. Then, he transmitted the captured tokens back tothe server to gain unauthorized access.
Identify the technique used by Stephen to gain unauthorized access to the target server.
Jacob, an attacker, targeted container technology to destroy the reputation of an organization. To achieve this, he initially compromised a single container exploiting weak network defaults, overloaded the rest of the containers in the local domain, and restricted them from providing services to legitimate users.
Identify the type of attack initiated by Jacob in the above scenario.
Wesley, a professional hacker, deleted a confidential file in a compromised system using the "/bin/rm/ command to deny access to forensic specialists.
Identify the operating system on which Don has performed the file carving activity.
Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes his online activity untraceable.
Identify the type of proxy employed by John in the above scenario.
Below are the various steps involved in an email crime investigation.
1.Acquiring the email data
2.Analyzing email headers
3.Examining email messages
4.Recovering deleted email messages
5.Seizing the computer and email accounts
6.Retrieving email headers
What is the correct sequence of steps involved in the investigation of an email crime?
Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.
Kevin, a security team member, was instructed to share a policy document with the employees. As it was supposed to be shared within the network, he used a simple algorithm to encrypt the document that just rearranges the same characters to produce the ciphertext.
Identify the type of cipher employed by Kevin in the above scenario.
John, from a remote location, was monitoring his bedridden grandfather’s health condition at his home. John has placed a smart wearable ECC on his grandfather's wrist so that he can receive alerts to his mobile phone and can keep a track over his grandfather's health condition periodically.
Which of the following types of loT communication model was demonstrated in the above scenario?
Jay, a network administrator, was monitoring traffic flowing through an IDS. Unexpectedly, he received an event triggered as an alarm, although there is no active attack in progress.
Identify the type of IDS alert Jay has received in the above scenario.
Kalley, a shopping freak, often visits different e commerce websites from her office system. One day, she received a free software on her mail with the claim that it is loaded with new clothing offers. Tempted by this, Kalley downloaded the malicious software onto her system. The software infected Kalley's system and began spreading the infection to other systems connected to the network.
Identify the threat source through which Kalley unintentionally invited the malware into the network?
Jack, a forensic investigator, was appointed to investigate a Windows-based security incident. In this process, he employed an Autopsy tool to recover the deleted files from unallocated space, which helps in gathering potential evidence.
Which of the following functions of Autopsy helped Jack recover the deleted files?
Roxanne is a professional hacker hired by an agency to disrupt the business services of their rival company. Roxanne employed a special type of malware that consumes a server's memory and network bandwidth when triggered. Consequently, the target server is overloaded and stops responding.
Identify the type of malware Roxanne has used in the above scenario.
Sam is working as a loan agent for a financial institution. He frequently receives a number of emails from clients providing their personal details for loan approval. As these emails contain sensitive data. Sam had set up a feature that directly downloads the emails on his device without storing a copy on the mail server.
Which of the following protocols provides the above-discussed email features?
Jacob, a network defender in an organization, was instructed to improve the physical security measures to prevent unauthorized intrusion attempts. In this process, Jacob implemented certain physical security controls by using warning messages and signs that notify legal consequences to discourage hackers from making intrusion attempts.
Which of the following type of physical security controls has Jacob implemented in the above scenario?
James is a professional hacker attempting to gain access to an industrial system through a remote control device. In this process, he used a specially designed radio transceiver device to sniff radio commands and inject arbitrary code into the firmware of the remote controllers to maintain persistence.
Which of the following attacks is performed by James in the above scenario?
Ben, a computer user, applied for a digital certificate. A component of PKI verifies Ben's identity using the credentials provided and passes that request on behalf of Ben to grant the digital certificate.
Which of the following PKI components verified Ben as being legitimate to receive the certificate?
Daniel, a networking specialist, identifies a glitch in a networking tool and fixes it on a priority using a system.
Daniel was authorized to make a copy of computers programs while maintaining or repairing the system.
Which of the following acts was demonstrated in the above scenario?
John, a forensic officer, was working on a criminal case. He employed imaging software to create a copy of data from the suspect device on a storage medium for further investigation. For developing an image of the original data, John used a software application that does not allow an unauthorized user to alter the image content on storage media, thereby retaining an unaltered image copy.
Identify the data acquisition step performed by John in the above scenario.
A system that a cybercriminal was suspected to have used for performing an anti-social activity through the Tor browser. James reviewed the active network connections established using specific ports via Tor.
Which of the following port numbers does Tor use for establishing a connection via Tor nodes?
Wesley, a fitness freak, purchased a new Apple smartwatch and synced it with a mobile app downloaded from an unauthorized third party. At the end of the day, when Wesley attempted to access his fitness report from the app, it generated an unusual report and asked for some unnecessary permissions to view it.
Which of the following mobile risks is demonstrated in the above scenario?
Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.
Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?
Steve, a professional pen tester, was hired by an organization to assess its cybersecurity. The organization provided Steve with details such as network topology documents, asset inventory, and valuation information. This information helped Steve complete the penetration test successfully, and he provided a snapshot of the organization's current security posture.
Identify the penetration testing strategy followed by Steve in the above scenario.
Stephen, a security specialist, was instructed to identify emerging threats on the organization's network. In this process, he employed a computer system on the Internet intended to attract and trap those who attempt unauthorized host system utilization to penetrate the organization's network.
Identify the type of security solution employed by Stephen in the above scenario.
Bob. a security specialist at an organization, extracted the following IIS log from a Windows-based server: “2019-12-12 06:11:41 192.168.0.10 GET /images/content/bg_body_l.jpg - 80 - 192.168.0.27 Mozilla/5.0 (Windows*NT»6.3:*WOW64)*AppleWebKit/537.36*(KHTML.*like»Cecko)*Chrome/48.0.2564.103»Safari/537.36 200 0 0 365"
Identify the element in the above IIS log entry that indicates the request was fulfilled without error.
Mark, an attacker, aims to access an organization's internal server, but the local firewall implementation restricted him from achieving this objective. To overcome this issue, he started sending specially crafted requests to the public server, through which he gained access to the local server.
Identify the type of attack initiated by Mark in the above scenario.
Bruce, a professional hacker, targeted an OT network. He initiated a looping strategy to recover the password of the target system. He started sending one character at a time to check whether the first character entered is correct: If so, he continued the loop for consecutive characters. Using thistechnique. Bruce identified how much time the device takes to finish one complete password authentication process, through which he determined the correct characters in the target password.
Identify the type of attack launched by Bruce on the target OT network.
Sandra, a hacker, targeted Johana, a software professional, to steal her banking details. She started sending frequent, random pop-up messages with malicious links to her social media page. Johana accidentally clicked on a link, causing a malicious program to get installed in her system. Subsequently, when Johana attempted to access her banking website, the URL directed her to a malicious website controlled by Sandra. Johana entered her banking credentials on the fake website, which Sandra then captured.
Identify the type of attack performed by Sandra on Johana.
Bob has secretly installed smart CCTV devices (loT devices) outside his home and wants to access the recorded data from a remote location. These smart CCTV devices send sensed data to an intermediate device that carries out pre-processing of data online before transmitting it to the cloudfor storage and analysis. The analyzed data is then sent to Bob for initiating actions.
Identify the component of loT architecture that collects data from loT devices and performs data preprocessing.