CompTIA Security+ Attack Types and Terms!!
Phishing
In this attack, the attacker sends an email that seems to come from a respected bank or other financial institution, claiming that the recipient needs to provide an account number, Social Security number, or other private information to the sender in order to verify an account
Grey Hat
A hacker who may sometimes violate laws or act immorally, but doesn't have the same malicious intent as a Black Hat
Injection
A broad field of attacks involving a hacker forcing additional input into a program, which is then processed by a user
SPIM
A form of SPAM that is sent via instant messaging
Black Hat
A hacker that discovers and exposes security flaws for personal gain or malicious intent
White Hat
A hacker that discovers and exposes security flaws with the permission of the manufacturer/company
Dumpster Diving
A human-based attack where the goal is to reclaim important information by inspecting the contents of trash containers
Spear Phishing
A phishing technique in which attackers target a specific individual or institution
Trojan
A program disguised as a harmless application (or attached to a harmless program) that carries its own hidden, malicious payload
Worm
A self-propagating computer virus often designed to cripple network bandwidth
RAT (Remote Access Trojan)
A specialized trojan that gives the attacker complete control of a system, as if it were a legitimate remote control program
Domain Hijacking
A type of hijacking attack where the attacker steals a domain name by altering its registration information and then transferring the domain name to another entity. Sometimes referred to as brandjacking
Social Engineering
A verbal attack meant to bypass technical security by tricking a target into giving away information
Polymorphic Virus
A virus that constantly changes its signature every time it infects a new file
Zero Day
A vulnerability that a malicious user is able to exploit before the vulnerability is publicly known or known to the developers, and before those developers have a chance to issue a fix
Cross-site scripting (XSS) Attack
A web application attack that is directed toward sites with dynamic content. This is done by introducing malicious scripts into a trusted website. Since the website is trusted, the victim's browser grants the script the same permissions as the rest of the site, and its malicious code is able to run. XSS attacks are similar to watering hole attacks
Cross-Site Request Forgery (CSRF)
A web application attack that takes advantage of the trust established between an authorized user of a website and the website itself. This type of attack exploits a web browser's trust in a user's unexpired browser cookies
Buffer Overflow
An attack in which data goes past the boundary of the destination buffer and begins to corrupt adjacent memory. This causes an app to crash or reboot, and may execute rogue code on a system or result in loss of data
Threat Actor
An entity that is partially or wholly responsible for an incident that affects (or has the potential to affect) an organization's security
Rootkit
Code intended to take control of a system at the lowest levels. These forms of malware often install back doors and other malicious code
Brute Force
In this attack, the attacker tries to enter a succession of passwords, using the same interface as the target user application. This type of attack is susceptible to security settings that limit the number of failed password attempts allowed by an application or an operating system
SNMP Attack
MFPs (multifunction printers) have backdoor administrator access. Attackers can gain access through a default password via SNMP (Simple Network Management Protocol), since the password is stored in an SNMP variable that anyone can read if they know the location of the variable or the address of the MFP. The structure of the network can be obtained just by sniffing the SNMP traffic.
Piggy Backing
Similar to tailgating, this is a situation where the attacker enters a secure area with an employee's permission
Session Hijacking
The attacker exploits a legitimate computer session to obtain unauthorized access to an organization's network or services. One such exploit involves stealing an active session cookie that is used to authenticate a user to a remote server and then using that cookie to control the session thereafter
Clickjacking
The attacker hides links under other web page elements so that victims will unintentionally select the hidden links
URL hijacking (Typo Squatting)
The attacker registers domain names that closely resemble the names of legitimate websites, to take advantage of the possibility of the domain name being mistyped into a browser
Dictionary attack
This attack type automates password guessing by comparing passwords against a predetermined list of possible password values, like words in a dictionary
Birthday Attack
This attack type exploits weaknesses in the mathematical algorithms used to generate hashes. This type of attack takes advantage of the probability of different inputs producing the same encrypted outputs, given a large enough set of inputs. It is named after the surprising statistical fact that there is a 50 percent chance that two people in a group of 23 will share a birthday
Tailgating
This is a human-based attack where the attacker enters a secure area by following a legitimate employee without the employee's knowledge or permission
Shoulder Surfing
This is an attack where the goal is to look over the shoulder of an individual as he or she enters password information or a PIN
Grey Box Testing
This refers to a situation where the tester has partial knowledge of internal architectures and systems, or other preliminary information about the system being tested. This type of test requires partial reconnaissance on the part of the tester. These tests are useful for simulating the behavior of an unprivileged insider threat
Black Box Test
This refers to a situation where the tester is given no specific information about the structure of the system being tested. The tester may know what a system does, but not how it does it. This type of test would require the tester to perform the reconnaissance phase
White Box Testing
This refers to a situation where the tester knows about all aspects of the system and understands the function and design of the system before the test is conducted. This type of test is sometimes conducted as a follow-up
SPAM
Unsolicited emails that carry unwarranted advertisements, malware or viruses
Penetration testing ("Pen testing")
Uses active tools and security utilities to evaluate security by simulating an attack on a system. This test will verify that a threat exists, then will actively test and bypass security controls. If authorized, it will also exploit vulnerabilities on the system
Bluesnarfing
a method in which attackers gain access to unauthorized information on a wireless device using a Bluetooth connection within the 328-foot Bluetooth transmission limit
Bluejacking
a method used by attackers to send out unwanted Bluetooth signals from smartphones, mobile phones, tablets, and laptops to other Bluetooth-enabled devices
Amplification
a network-based attack where the attacker dramatically increases the bandwidth sent to a victim during a DDoS attack
Pass the Hash Attack
a network-based attack where the attacker steals hashed user credentials and uses them as-is to try to authenticate to the same network the hashed credentials originated on. By resending hashed credentials, the attacker does not need to expend any effort in cracking any passwords. Normally directed at Windows-based systems, pass the hash attacks take advantage of the use of single sign-on (SSO) in authentication protocols such as NTLM and Kerberos
Botnet
a set of computers that has been infected by a control program called a bot that enables attackers to collectively exploit those computers to mount attacks.
Rainbow Table Attack
a type of hacking wherein the perpetrator tries to use a rainbow hash table to crack the passwords stored in a database system
Disassociation Attack
a type of wireless attack where an attacker sends a spoofed disassociation frame to the target device, so that the frame appears to originate from the WAP. This causes the target device to attempt to re-associate with the WAP. By continuing to send the disassociation frames, the attacker can cause a DoS
Rogue AP
a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator
ARP Poisoning Attack
also known as ARP spoofing, occurs when an attacker with access to the target network redirects an IP address to the MAC address of a computer that is not the intended recipient
Evil Twin
an access point on a wireless network that fools users into believing it is legitimate
Jamming
an attack in which radio waves disrupt 802.11 wireless signals
WPS Attack
an attack that applies a type of brute force attack in conjunction with the wireless protected setup feature of most routers
NFC Attack
an attack that exploits the NFC technology by utilizing specifically configured antennas to steal data
RFID Attack
an exploit that takes advantage of the RFID technology's ability to transfer data between a transmitter and receiver
Packet Sniffing
can be used as an attack on wireless networks where an attacker uses a protocol analyzer to capture data and register data flows, ultimately allowing the attacker to analyze the data contained within the captured packet
MAC Spoofing
changes the factory-assigned MAC address of a network interface on a networked device
Man-in-the-Browser
combines a man-in-the-middle attack with the use of a Trojan horse to intercept and modify web transactions in real time. In this type of attack, the attacker embeds a Trojan horse that modifies the victim's web browser by adding extensions or scripts to gather personal information or to prompt for the creation of a token-based password or transaction PIN
OSINT (Open-Source Intelligence)
information that is legally collected from publicly available origins
MITM (Man-in-the-Middle)
is a form of eavesdropping where the attacker makes an independent connection between two victims (two clients or a client and a server) and relays information between the two victims as if they are directly talking to each other over a closed connection, when in reality the attacker is controlling the information that travels between the two victims
Whaling
is a form of spear phishing that targets individuals or organizations that are known to possess a good deal of wealth
Impersonation
is a human-based attack where an attacker pretends to be someone they are not. A common scenario is when the attacker calls an employee and pretends to be calling from the help desk.
Vishing
is a human-based attack where the goal is to extract personal, financial, or confidential information from the victim by using services such as the telephone system and IP-based voice messaging services as the communication medium. This is also called voice phishing
DNS Poisoning
is a network-based attack where an attacker exploits the traditionally open nature of the DNS system to redirect a domain name to an IP address of the attacker's choosing. Also called DNS spoofing
Driver Manipulation
is a software attack where the attacker rewrites or replaces the legitimate device driver or application programming interface (API) to enable malicious activity to be performed.
Slashdot Effect
is a sudden, temporary surge in traffic to a website that occurs when another website or other source posts a story that refers visitors to the victim website. This effect is more noticeable on smaller websites, and the increase in traffic can slow a website's response times or make it impossible to reach altogether
IP Spoofing
is a technique used to gain unauthorized access to machines, whereby an attacker illicitly impersonates another machine by manipulating IP packets
DDoS
is a type of DoS attack that uses multiple computers on disparate networks to launch the attack from many simultaneous sources. The attacker introduces unauthorized software that turns the computer into a zombie/drone that directs the computers to launch the attack
DoS
is a type of network attack in which an attacker attempts to disrupt or disable systems that provide network services by various means, including: • Flooding a network link with data to consume all available bandwidth. • Sending data designed to exploit known flaws in an application. • Sending multiple service requests to consume a system's resources. • Flooding a user's email inbox with spam messages, causing the genuine messages to get bounced back to the sender
Directory traversal
is an attack that allows access to commands, files, and directories that may or may not be connected to the web document root directory. It usually affects the Hypertext Transfer Protocol (HTTP)-based interface.
SQL injection
is an attack that injects a Structured Query Language (SQL) query into the input data intended for the server by accessing the client side of the application.
LDAP injection
is an attack that targets web-based applications by fabricating Lightweight Directory Access Protocol (LDAP) statements that typically are created from user input. A system is vulnerable to this attack when the application fails to filter user input properly
Cookie manipulation
is an attack where an attacker injects a meta tag in an HTTP header, making it possible to modify a cookie stored in a browser.
Hoax
is an email-based, IM-based, or web-based attack that is intended to trick the user into performing unnecessary or undesired actions, such as deleting important system files in an attempt to remove a virus. It could also be a scam to convince users to give up important information or money for an interesting offer
Vulnerability scanning
is an inspection of the potential points of exploit on a computer or network to identify security holes. This detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures
Watering Hole Attack
is when the attacker targets specific groups or organizations, discovers which websites they frequent, and injects malicious code into those sites
Downgrade Attack
the attacker exploits the need for backward compatibility to force a computer system to abandon the use of encrypted messages in favor of plaintext messages.
Replay Attack
the attacker intercepts session keys or authentication traffic and uses them later to authenticate and gain access
Privilege Escalation Attack
the practice of exploiting flaws in an operating system or other application to gain a greater level of access than was intended for the user or application