Explain what a SQL injection is.
What is cross-site scripting?
How does buffer overflow work?
What is a MITRE ATT&CK technique?
How does Kerberoasting work?
Explain port scanning with Nmap.
What is privilege escalation?
Describe a DNS spoofing attack.
Explain ARP cache poisoning.
What is a reverse shell?
How does phishing work?
What is ransomware?
Explain a DDoS attack.
What is social engineering?
How does password cracking work?
What is a zero-day vulnerability?
Explain man-in-the-middle attacks.
What is cryptojacking?
Describe a supply chain attack.
How does credential stuffing work?
What is a botnet?
Explain directory traversal.
What is remote code execution?
Describe clickjacking.
How does session hijacking work?
What is a rootkit?
Explain drive-by downloads.
What is file inclusion vulnerability?
Describe an XXE attack.
How does OS command injection work?
What is server-side request forgery?
Explain insecure deserialization.
What is a race condition vulnerability?
Describe integer overflow attacks.
What is a side-channel attack?
Explain timing attacks on cryptography.
What is a waterhole attack?
Describe DNS tunneling.
What is a pivot in network penetration testing?
Explain lateral movement techniques.
What is a web shell?
Describe a brute force attack.
How does WAF bypass work?
What is an evil twin attack?
Explain bluejacking and bluesnarfing.
What is a VLAN hopping attack?
Describe MAC flooding.
How does IP spoofing work?
What is a pass-the-hash attack?
Explain golden ticket attacks in Active Directory.