Skip to Content
Introducing new Paper mode
No student devices needed. Know more
15 questions
Show Answers
See Preview
- 1. Multiple-choice30 seconds1 ptWhat is the ARP protocol?A communication protocol mapping IP addresses to MAC addressesA network-layer protocol, defining how data is exchanged between network components on the network layerA cryptographic protocol designed to provide communications security over a computer networkA network protocol for operating network services securely over an unsecured network
- 2. Multiple-choice30 seconds1 ptWhat is a PLC (SPS)?A multi-purpose computer operated by an end userThe processing unit of a computerAn industrial computer control system, e.g. for controlling sensorsThe core of a computer's operating system
- 3. Multiple-choice30 seconds1 ptWhat is an ICS?The digital representation of a physical assetA user interface for interaction with physical maschinesAn industrial sensorA virtually connected physical system
- 4. Multiple-choice30 seconds1 ptWhat is the purpose of a SIEM system?Correlarting secruity-relevant data from across the entire network to detect incidentsReporting the status of the current tasks of the cybersecurity teamControlling incoming and outgoing network traffic based on predetermined security rulesPerforming integrated management of main business processes
- 5. Multiple-choice30 seconds1 ptWhat is a SIEM event?An attack identified by the SIEM systemA seucrity-related log, transmitted to a SIEM systemA conference for SIEM expertsA potentially manipulated file, identified by the SIEM system
- 6. Multiple-choice30 seconds1 ptWhat is the difference between a SIEM system and an IDS?A SIEM is the technical component of an IDSA SIEM correlates security-related log data from various sources an IDS monitors a network for suspicious activitiesThere is no differenceA SIEM operates on a network, an IDS on an application layer
- 7. Multiple-choice30 seconds1 ptWhat is Incident Response mainly concerned with?Reacting to security incidents in a coherent and repeatable mannerSecure SW developmentImplementing security controls such as anti malware software or access controlManagment of security risks and policies
- 8. Multiple-choice30 seconds1 ptWhat is the first step of incident response?AnalysisInvestigationReponsePreparation
- 9. Multiple-choice30 seconds1 ptWhat is an incident response playbook?A standard for incident categorizationA software for incident managementA list of actions how to react to a specific kind of incidentA database for cyber threat intelligence
- 10. Multiple-choice30 seconds1 ptWhat is a Man In The Middle (MiTM) Attack?Intercepting the network traffic between to partiesExhausting the system resources of a serverPhising for passwords via malicous emailA malware attack targeting middleware
- 11. Multiple-choice30 seconds1 ptEffect of a MitM Attack on an industrial system?Escalation of priviledge on an HMIInability of the ICS to read the sensor values, resulting in an interruption of the physical processReplication of malware code on other devices in the networkTemporary inaccessibility of the ICS because it is flooded with requests
- 12. Multiple-choice30 seconds1 ptHow does ARP spoofing work?Changing a factory-assigned IP address of a network interfacePoisoning the DNS cache of a clientReplacing the IP address of a network packetLinking the attacker’s MAC address with the IP of the victim
- 13. Multiple-choice30 seconds1 ptHow can you identify the attacking host during an ARP-based MiTM Attack?Identifying which MAC address is falsely assigned to another network hostIdentifying the network host which sends an unusual high amount of requestsIdentifying the network host openining a VPN connectionIdentifying who modified the file /etc/shadow
- 14. Multiple-choice30 seconds1 ptHow can you make an arp cache staticvi /etc/sysconfig/networkarp -a <MAC1> <MAC2>arp -s <IP> <MAC>more /etc/hosts --static
- 15. Multiple-choice30 seconds1 ptHow can you take down the interface of a network device?ifconfig <INTERFACE>ip link set dev <INTERFACE> downservice network stopip route list <INTERFACE>
