- (Topic 1)
What is a ??Collision attack?? in cryptography?

1. A. Collision attacks try to get the public key
2. B. Collision attacks try to break the hash into three parts to get the plaintext value
3. C. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
4. D. Collision attacks try to find two inputs producing the same hash

Correct Answer: D

- (Topic 3)
Sarah, a system administrator, was alerted of potential malicious activity on the network of her company. She discovered a malicious program spread through the instant messenger application used by her team. The attacker had obtained access to one of her teammate's messenger accounts and started sending files across the contact list. Which best describes the attack scenario and what measure could have prevented it?

1. A. Instant Messenger Applications; verifying the sender's identity before opening any files
2. B. Insecure Patch Management; updating application software regularly
3. C. Rogue/Decoy Applications; ensuring software is labeled as TRUSTED
4. D. Portable Hardware Media/Removable Devices; disabling Autorun functionality

Correct Answer: A
The attack scenario is best described as Instant Messenger Applications, and the measure that could have prevented it is verifying the sender??s identity before opening any files. Instant Messenger Applications are communication tools that allow users to exchange text, voice, video, and file messages in real time. However, they can also be used as attack vectors for spreading malware, such as viruses, worms, or Trojans, by exploiting the trust and familiarity between the users. In this scenario, the attacker compromised one of the team member??s messenger account and used it to send malicious files to the other team members, who may have opened them without suspicion, thus infecting their systems. This type of attack is also known as an instant messaging worm12. To prevent this type of attack, the users should verify the sender??s identity before opening any files sent through instant messenger applications. This can be done by checking the sender??s profile, asking for confirmation, or using a secure channel. Additionally, the users should also follow other security tips, such as using strong passwords, updating the application software, scanning the files with antivirus software, and reporting any suspicious activity34. References:
✑ 1: Instant Messaging Worm - Techopedia
✑ 2: Cybersecurity??s Silent Foe: A Comprehensive Guide to Computer Worms | Silent Quadrant
✑ 3: Instant Messenger Hacks: 10 Security Tips to Protect Yourself - MUO
✑ 4: Increased phishing attacks on instant messaging platforms: how to prevent them | Think Digital Partners

- (Topic 1)
Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.
What kind of attack is Susan carrying on?

1. A. A sniffing attack
2. B. A spoofing attack
3. C. A man in the middle attack
4. D. A denial of service attack

Correct Answer: C

- (Topic 3)
An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

1. A. Reverse Social Engineering
2. B. Tailgating
3. C. Piggybacking
4. D. Announced

Correct Answer: B
· Identifying operating systems, services, protocols and devices,
· Collecting unencrypted information about usernames and passwords,
· Capturing network traffic for further analysis
are passive network sniffing methods since with the help of them we only receive information and do not make any changes to the target network. When modifying and replaying the captured network traffic, we are already starting to make changes and actively interact with it.

- (Topic 3)
A security analyst is preparing to analyze a potentially malicious program believed to have infiltrated an organization's network. To ensure the safety and integrity of the production environment, the analyst decided to use a sheep dip computer for the analysis. Before initiating the analysis, what key step should the analyst take?

1. A. Run the potentially malicious program on the sheep dip computer to determine its behavior
2. B. Store the potentially malicious program on an external medium, such as a CD-ROM
3. C. Connect the sheep dip computer to the organization's internal network
4. D. install the potentially malicious program on the sheep dip computer

Correct Answer: B
A sheep dip computer is a dedicated device that is used to test inbound files or physical media for viruses, malware, or other harmful content, before they are allowed to be used with other computers. The term sheep dip comes from a method of preventing the spread of parasites in a flock of sheep by dipping the new animals that farmers are adding to the flock in a trough of pesticide. A sheep dip computer is isolated from the organization??s network and has port monitors, file monitors, network monitors, and antivirus software installed. Before initiating the analysis of a potentially malicious program, the analyst should store the program on an external medium, such as a CD-ROM, and then insert it into the sheep dip computer. This way, the analyst can prevent the program from infecting other devices or spreading over the network, and can safely analyze its behavior and characteristics.
The other options are not correct steps to take before initiating the analysis. Running the potentially malicious program on the sheep dip computer may cause irreversible damage to the device or compromise its security. Connecting the sheep dip computer to the organization??s internal network may expose the network to the risk of infection or attack. Installing the potentially malicious program on the sheep dip computer may not be possible or advisable, as the program may require certain dependencies or permissions that the sheep dip computer does not have or allow. References:
✑ Sheep dip (computing)
✑ What Does ??Sheep Dip?? Mean in Cyber Security?
✑ Malware Analysis
✑ What is a Sheepdip?