Solving the US Cyber Challenge: Cyber Quest
Skyler Onken
Senior, Brigham Young University – Idaho
OnPoint Development Group LLC
CEH, Security+, ECSA, CISSP (Associate)
Twitter: @skyleronken
Blog: http://securityreliks.securegossip.com
End State
A) Technical knowledge
B) Better understand the skill level expected of new security professionals
What is the USCC?
• Government & Corporate
• Improve the industry
• Identify promising individuals
• Assess the education of security students
• Varying security related competitions
• SANS Training Events (Regional and State)
March 2011 Cyber Quest
• 15 Trivia
• 15 Practical
  ▫ Vulnerable Web Application
April 2011 Cyber Quest
• 10 Trivia
• 20 Practical
  ▫ PCAP file
The Questions
Trivia Question - #1
• Which DNS record type will request a copy of an entire DNS zone?
  a. ZONE
  b. AXFR
  c. A
  d. PTR
Trivia Question - #2
• Which protocol does the “ping” utility use to test network connectivity between two hosts?
  a. UDP
  b. TCP
  c. IP
  d. ICMP
Trivia Question - #3
• Which HTTP header field identifies the web browser being used by the client?
  a. Host
  b. Server
  c. Browser
  d. User-Agent
Trivia Question - #4
• Which protocol do computers use to exchange information about their MAC addresses to other computers on the same subnet?
  a. DNS
  b. DHCP
  c. ARP
  d. RSVP
Trivia Question - #5
• Before the SPF DNS record type was created to address e-mail spam, which DNS record type did Sender Policy Framework utilize?
  a. MX
  b. TXT
  c. SRV
  d. PTR

example.com. IN TXT "v=spf1 +mx a:colo.example.com/28 -all"
example.com. IN SPF "v=spf1 +mx a:colo.example.com/28 -all"
Trivia Question - #6
• Which of the following represents the correct sequence of TCP packets to complete the 3-way handshake?
  a. SYN, SYN-ACK, ACK
  b. SYN, ACK, SYN-ACK
  c. FIN, FIN-ACK, ACK
  d. SYN, FIN, ACK
Trivia Question - #7
• Which of the following represents a valid path to a file share using SMB/CIFS on a Windows system?
  a. \\SERVERNAME\SHARENAME
  b. smb.servername.com/sharename
  c. \\SHARENAME.SERVERNAME\
  d. C:\SERVERNAME\SHARENAME
Trivia Question - #8
• Which HTTP status code indicates that authentication is required?
  a. 400
  b. 401
  c. 500
  d. 200
Trivia Question - #9
• When a TCP port is closed, what type of packet will typically be sent in response to an incoming packet?
  a. TCP RST packet
  b. ICMP Port Unreachable packet
  c. TCP CLD packet
  d. TCP SYN-ACK packet
Trivia Question - #10
• Which HTTP method is most commonly used when submitting sensitive data to a web application?
  a. POST
  b. TRACE
  c. SECURE
  d. GET
Practical Question - #11
• The DNS name “wireless.pseudovision.net” is actually a canonical alias (CNAME record). What DNS name does it point to?
  a. blog.pseudovision.net
  b. server1.pseudovision.net
  c. server2.pseudovision.net
  d. wireless.target.tgt
Practical Question - #12
• Which password did the user at 10.10.10.4 use to connect to 10.10.10.1 using Telnet?
  a. gobbler
  b. contaminated
  c. C007P@33
  d. admin
Practical Question - #13
• Which operating system is running on 10.10.10.2?
  a. Fedora Linux
  b. Windows XP
  c. Windows 7
  d. CentOS Linux
Practical Question - #14
• The web page that the user at 10.10.10.3 visited required a username and password. What was the password that the user supplied?
  a. trash
  b. admin
  c. treasure
  d. str0ng!pw

sonken@bt:~# echo -n "YWRtaW46c3RyMG5nIXB3" | base64 -d
admin:str0ng!pw
Practical Question - #15
• A web page that the user at 10.10.10.4 visited required a username and password. What was the password that the user supplied?
  a. beautiful
  b. beethoven29
  c. camera101
  d. yuri
Practical Question - #16
• Prior to the session recorded in the supplied PCAP file, when was the last time the user at 10.10.10.4 connected to 10.10.10.1 via Telnet?
  a. Monday, March 7th
  b. Wednesday, March 30th
  c. Friday, March 11th
  d. Tuesday, April 5th
Practical Question - #17
• Which of the following TCP ports is closed on 10.10.10.1?
  a. 80
  b. 445
  c. 22
  d. 23
Practical Question - #18
• What are the contents of the payload included in a specially crafted ICMP packet found in the capture file?
  a. abcdefghijklmnopqrstuvwxyz
  b. Words taste like peaches.
  c. Save the cheerleader, save the world!
  d. !"#$%&'()*+,-./01234567
Practical Question - #19
• According to DNS records, what is the IP address of the server “sales.target.tgt”?
  a. 10.10.10.7
  b. 10.10.10.1
  c. 10.10.10.40
  d. 10.10.10.12
Practical Question - #20
• The web page that the user at 10.10.10.4 visited has a picture of a bridge. Which bridge is it?
  a. Tower Bridge
  b. Golden Gate Bridge
  c. Zakim Bridge
  d. Verrazano-Narrows Bridge
Practical Question - #21
• What is the OUI of the MAC address for the computer at 10.10.10.78?
  a. 00:05:69
  b. 00:0C:29
  c. 9A:92:A2
  d. 00:0C:29:9A:92:A2
Practical Question - #22
• What is the name of the file share that the user at 10.10.10.3 connected to?
  a. BUYMORE
  b. CASTLE
  c. FILESHARE
  d. HERDFILES
Practical Question - #23
• Which of the following commands was used to generate the ping packet from 10.10.10.4?
  a. C:\> ping 10.10.10.3
  b. C:\> ping -n 1 10.10.10.2
  c. $ ping -c 1 10.10.10.3
  d. $ ping -t 1 10.10.10.2
Practical Question - #24
• How long should a client resolver cache the IP address associated with the name “blog.pseudovision.net”?
  a. 1 Hour
  b. 15,180 milliseconds
  c. 64 minutes
  d. 86,400 seconds
Practical Question - #25
• According to the Sender Policy Framework, which IP address is allowed to send e-mail on behalf of the “target.tgt” domain?
  a. 10.10.10.40
  b. 10.10.10.1
  c. 10.10.10.20
  d. 10.10.10.8
Practical Question - #26
• Which web browser is the user at 10.10.10.3 using?
  a. Safari
  b. Internet Explorer
  c. Google Chrome
  d. Firefox
Practical Question - #27
• Which operating system is running on 10.10.10.3?
  a. Fedora Linux
  b. Windows 7
  c. Windows XP
  d. CentOS Linux
Practical Question - #28
• Which version of the web server software is running on 10.10.10.2?
  a. 2.0.52
  b. 2.2.17
  c. 1.3.42
  d. 2.0.63
Practical Question - #29
• Which computer used an ARP probe to make sure that the IP address was not already in use?
  a. 10.10.10.1
  b. 10.10.10.3
  c. 10.10.10.2
  d. 10.10.10.4
Practical Question - #30
• What is the hostname of the system running on 10.10.10.3?
  a. BUYMORE
  b. AWESOME
  c. ORION
  d. JEFFSTER
Outcomes
• ~800 Took the exam
• Top 300* Went to Cyber Camp
• Some with scores as low as 25 attended**
• Ages 18-50’s
• Students and Professionals
• Various backgrounds
  ▫ Pen Testers
  ▫ Incident Handlers
  ▫ Forensic Investigators
  ▫ Network/Firewall Admins
*: Some chose not to attend, so slots were then offered to others
**: Based upon my personal conversations with participants
The Gap Between Education and Employment
[Diagram: Educational Institutions, Industry, Personal Endeavors; durations shown: 4 Years, 2-5 Years, 6 Months – 10 Years]
Working Models
• Try Outs/Competitions
• Development Programs
• Training For Service
• Internship Recruitment
Possible Solutions
[Diagram: Educational Institutions, Industry; paths shown: Development Programs, Training For Service, Try Outs, Internships; durations shown: 3 Years, 1-3 Years, 0-2 Years, 3 Years]
Other Conclusions
• I am not a $ cruncher
• Nurture vs. Nature
• Don’t rely upon educational institutes
• Don’t rely upon other companies or certifications to develop your professional
• Quality of professional will save you $ in the long run
Questions?