- (Topic 3)
Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker. Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob, an attacker, takes advantage of this vulnerability and secretly exploits the hardware of Kate's phone so that he can monitor the loudspeaker's output from data sources such as voice assistants, multimedia messages, and audio files by using a malicious app to breach speech privacy. What is the type of attack Bob performed on Kate in the above scenario?

1. A. Man-in-the-disk attack
2. B. aLTEr attack
3. C. SIM card attack
4. D. Spearphone attack

Correct Answer: D

- (Topic 3)
You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System. What is the best approach?

1. A. Use Alternate Data Streams to hide the outgoing packets from this server.
2. B. Use HTTP so that all traffic can be routed vis a browser, thus evading the internalIntrusion Detection Systems.
3. C. Install Cryptcat and encrypt outgoing packets from this server.
4. D. Install and use Telnet to encrypt all outgoing traffic from this server.

Correct Answer: C
https://linuxsecurityblog.com/2018/12/23/create-a-backdoor-with-cryptcat/ Cryptcat enables us to communicate between two systems and encrypts the
communication between them with twofish, one of many excellent encryption algorithms from Bruce Schneier et al. Twofish??s encryption is on par with AES encryption, making it nearly bulletproof. In this way, the IDS can??t detect the malicious behavior taking place even when its traveling across normal HTTP ports like 80 and 443.

- (Topic 3)
As part of a college project, you have set up a web server for hosting your team's application. Given your interest in cybersecurity, you have taken the lead in securing the server. You are aware that hackers often attempt to exploit server misconfigurations. Which of the following actions would best protect your web server from potential misconfiguration- based attacks?

1. A. Performing regular server configuration audits
2. B. Enabling multi-factor authentication for users
3. C. Implementing a firewall to filter traffic
4. D. Regularly backing up server data

Correct Answer: A
The action that would best protect your web server from potential misconfiguration-based attacks is performing regular server configuration audits. A server configuration audit is a process of reviewing and verifying the security settings and parameters of the server, such as user accounts, permissions, services, ports, protocols, files, directories, logs, and patches. A server configuration audit can help you to identify and fix any security misconfigurations that may expose your server to attacks, such as using default credentials, enabling unnecessary services, leaving open ports, or missing
security updates. A server configuration audit can also help you to comply with the security standards and best practices for your server, such as the CIS Benchmarks or the OWASP Secure Configuration Guide12.
The other options are not as effective as option A for the following reasons:
✑ B. Enabling multi-factor authentication for users: This option is not relevant because it does not address the server misconfiguration issue, but the user authentication issue. Multi-factor authentication is a method of verifying the identity of the users by requiring them to provide two or more pieces of evidence, such as a password, a code, or a biometric factor. Multi-factor authentication can enhance the security of the user accounts and prevent unauthorized access, but it does not prevent the server from being attacked due to misconfigured settings or parameters3.
✑ C. Implementing a firewall to filter traffic: This option is not sufficient because it does not prevent the server from being misconfigured, but only limits the exposure of the server to the network. A firewall is a device or software that monitors and controls the incoming and outgoing network traffic based on predefined rules. A firewall can protect the server from external attacks by blocking or allowing certain ports, protocols, or IP addresses. However, a firewall cannot protect the server from internal attacks or from attacks that exploit the allowed traffic. Moreover, a firewall itself can be misconfigured and cause security issues4.
✑ D. Regularly backing up server data: This option is not preventive but reactive, as it does not protect the server from being attacked, but only helps to recover the data in case of an attack. Backing up server data is a process of creating and storing copies of the data on the server, such as files, databases, or configurations. Backing up server data can help you to restore the data in case of data loss, corruption, or deletion due to an attack. However, backing up server data does not prevent the server from being attacked in the first place, and it does not fix the security misconfigurations that may have caused the attack5.
References:
✑ 1: Server Configuration Audit - an overview | ScienceDirect Topics
✑ 2: Secure Configuration Guide - OWASP Foundation
✑ 3: Multi-factor authentication - Wikipedia
✑ 4: Firewall (computing) - Wikipedia
✑ 5: Backup - Wikipedia

- (Topic 3)
This type of injection attack does not show any error message. It is difficult to exploit as it returns information when the application is given SQL payloads that elicit a true or false response from the server. By observing the response, an attacker can extract sensitive information. What type of attack is this?

1. A. Time-based SQL injection
2. B. Union SQL injection
3. C. Error-based SQL injection
4. D. Blind SQL injection

Correct Answer: D

- (Topic 1)
Which of the following tools can be used to perform a zone transfer?

1. A. NSLookup
2. B. Finger
3. C. Dig
4. D. Sam Spade
5. E. Host
6. F. Netcat
7. G. Neotrace

Correct Answer: ACDE