Module 3

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Script Kiddie

A person with little or no skill who simply follows directions to carry out an attack without fully understanding the meaning of the steps performed

Whaling

A phishing attack that targets executive users or wealthy individuals.

Packet sniffer

A software application that uses a hardware adapter card in promiscuous mode to capture all network packets sent across a network segment.

Protocol analyzer

A software program that enables a computer to monitor and capture network traffic.

Vulnerability scanner

A software tool that collects information about any known weaknesses that exist on a target computer or network.

Port scanner

A tool used to scan IP host devices for open ports that have been enabled.

Spoofing

A type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.

Rootkit

A type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.

Data infector

A type of virus that attacks document files containing embedded macro programming capabilities

File infector

A type of virus that primarily infects executable programs

System infector

A type of virus that targets key hardware and system software components in a computer, and is usually associated with system startup processes.

Bluesnarfing

Accessing a Bluetooth-enabled device with the intention of stealing data

True

An alteration threat violates information integrity.

Exploit software

An application incorporating known software vulnerabilities, data, and scripted commands to "exploit" a weakness in a computer system or IP host device.

Masquerade attack

An attack in which one user or computer pretends to be another user or computer.

Pharming

An attack that seeks to obtain personal or private financial information through domain spoofing.

Distributed Denial of service (DDoS)

An attack that uses ping or ICMP echo-request echo-replay messages to bring down the availability of a server or system. Usually initiates from more than one host device.

Urgency

An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?

Bot-herder

An attacker who controls a botnet.

White-hat hacker

An information security or network professional who uses various penetration test tools to uncover or fix vulnerabilities. Also called an ethical hacker.

Backdoor

An undocumented and often unauthorized access method to a computer resource that bypasses normal access controls.

Security breach

Any event that results in a violation of any of the C-I-A security tenets

Transitive access

Attacking the desired target system or service indirectly by first compromising a system trusted by the target.

Application attacks

Attacks, usually in the form of intrusive penetration tests, directed at public-facing web servers, applications, and back-end databases.

Nmap

Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?

intrusive penetration testing

The testing that a hacker performs to break into a computer system or IP host device; intrusive testing generates malicious network traffic.

Threat

Which term describes an action that can damage or compromise an asset?

Smurfing

a DoS attack that uses a directed broadcast to create a flood of network traffic for the victim computer.

hacker

a computer expert who explores computing environments to gain knowledge

Birthday attack

a cryptographic attack on hash collisions (different text with same key) so named after the surprisingly high probability of any two classroom students sharing a birthday

DNS poisoning

a form of exploitation in which the data on a DNS server are falsified so subsequent responses to DNS resolution queries are incorrect. Can wage man-in-the-middle attackts

Honeynet

a group of honeypots made to simulate a real live network, but isolated from it

Honeypot

a host or service deployed at the edge of a network to act as bait for potential hacking attacks

War driving

a method discovering wireless networks by moving around a geographic area with a detection device

Zero-day

a new and previously unknown attack for which there are no current specific defenses.

Logic Bomb

a piece of code designed to cause harm, intentionally inserted into a software system to be activated by a predetermined trigger

firewall

a program or dedicated hardware device that inspects network traffic passing through it and denies or permits that traffic based on a set of rules you determine at configuration.

Scarcity

a social engineering attack that relies on the victim's feeling that there might be a shortage of something or some form of access to pressure him into divulging information

Operating system (OS) fingerprint scanner

a software program designed to distinguish operating systems based on small variations in TCP/UDP packet replies

Adware

a software program that collects information about Internet usage and uses it to present targeted advertisements to users

password cracker

a software program that performs one of two functions: brute-force password attack to gain unauthorized access to a system or recovery of passwords stored in a computer system

Cryptolocker

a specific form of ransomware that encrypts critical files or data until the victim pays a ransom to obtain the decryption keys.

SYN-ACK

a specific network TCP message used to respond to (ACK) a request to establish a network connection (SYN)

Cookie

a text file sent from a website to a web browser to store for later use

replay attack

a type of attack in which a hacker uses a network sniffer to capture network traffic and then retransmits that traffic back on to the network at a later time. Focuses on authentication traffic in hopes that restransmitting the same packets will grant the hacker access

Social engineering

a type of attack that relies on persuading a person to reveal information

Phishing

a type of fraud in which an attacker attempts to trick the victim into providing private information

Polymorphic virus

a type of malware that includes a separate encryption engine that stores the virus body in encrypted format while duplicating the main body of the virus

familiarity

a type of social engineering attack that relies on constant and frequent interaction with individuals to create a comfort with an individual to extract information.

Multipartite virus

a type of virus that infects other files and spreads in multiple ways

Stealth virus

a type of virus that uses a number of techniques to conceal itself from the user or the detection software

Flash cookies

a type of web application attack that uses Flash to plant cookie-like objects on the user's system even when he thinks he has cleared his computer of such objects.

Popup

a type of window that appears on top of the browser window

Macro virus

a virus that attaches itself to a document that uses macros

Retro virus

a virus that attacks countermeasures such as antivirus signature files or integrity databases

armored virus

a virus that attempts to conceal itself from discovery, reverse engineering, or removal

Slow virus

a virus that counters the ability of antivirus programs to detect changes in infected files

XML injection

a web application attack in which the attacker injects XML tags and data into a database in an attempt to retrieve data

Rogue access points

a wireless LAN access point set up and configured by a hacker to fool users into connecting with it. The hacker can then carry out an attack like the Man-in-the-middle attack

IV attack

a wireless network attack that modifies the initialization vector of an encrypted IP packet in transmission in hopes of being able to decrypt a common encryption key over time.

hoax

an act intended to deceive or trick the receiver

Cryptographic hash

an algorithm that converts a large amount of data to a single number

Denial of Service (DoS)

an attack that uses ping or ICMP echo-request, echo reply messages to bring down the availability of a server or system. usually sourced from a single-host device.

Attack

an attempt to exploit a vulnerability on an IT hardware asset or application

Spear phishing

an email or instant message spoofing fraud attempt that targets a specific organization seeking unauthorized access to confidential data

Arbitrary code execution

an exploit that allows a hacker to run unauthorized command line functions on a compromised systems. Butter overflow attacks and SQL injection attacks can often allow these

Xmas attack

an old attack of sending a deliberately malformed network packet with hopes the receiving network responds unexpectedly. The malformed packet includes several TCP header bits set to "1"," or turned on, like the lights of a christmas tree.

Disclosure

any instance of an unauthorized user accessing protection information. Under HIPAA, how a covered entity shares protected information with other organizations

Asset

any item that has value to an organization or a person

Web applications

applications that users access via a network, often the Internet, using a web browser

hijacking

attacker takes control of a session between two machines and masquerades as one of them

Client-side attack

attacks relying on the user's workstation connecting with a malicious server or application

impersonation

from a website or web application perspective, an attacker's attempt to use the session credentials of a valid user

Shoulder surfing

looking over people's shoulders as they enter codes at secure devices

Ransomeware

malicious computer software that takes over a system, encrypting files with a secret key rendering them inaccessible to the legitimate user until he or she pays the ransom

Active content

refers to components, primarily on Websites, that provide functionality to interact with users

Botnets

robotically controlled network that consists of compromised computers that attackers use to launch attacks and spread malware

Jamming

sending radio frequencies in the same frequency as wireless network access points to jam and interfere with legitimate wireless communications

Bluejacking

sending unsolicited messages to another device using Bluetooth to get the recipient to open them and potentially infect the recipient device.

Malicious add-ons

software plug-ins or add-ons that run additional malicious software on legitimate programs or software applications

Spyware

software that gathers user information through the user's internet connection without their knowledge

Web defacement

someone gaining unauthorized access to a web server and altering one or more pages of a website; web graffiti

Directory traversal

the act of accessing a file directory outside a web server's root directory and including a command to execute from unauthorized directory

Watering hole attack

the act of compromising with malicious code a 3rd party website known to be visited by the targeted individuals or company

War chalking

the act of creating a map of the physical and geographic location of any wireless access points and networks

integer overflow

the act of creating a mathematical overflow that exceeds the maximum sized allowed. This can cause a financial or mathematical application to freeze or create vulnerability and attack opening

Near field communication attack

the act of intercepting at close range (few inches) communications between two mobile operating system devices

Blacklisting

the act of maintaining a list of all known dangerous websites or destination IP addresses. Any messages from a site or this destination IP address in the blacklist is dropped

Vishing

the act of performing a phishing attack by telephone in order to elicit personal information

Typo Squatting

the act of registering and squatting a slightly wrong URL in the hopes a user mistypes the intended URL; URL hijacking

header manipulation

the act of stealing cookies and browser URL information and manipulating the header with invalid or false commands to create an insecure communication or action

Identity theft

the act of stealing personally identifieable information with the intent to open new accounts, make purchases, or commit fraud

Opportunity cost

the amount of money a company loses due to downtime, intentional or unintentional

Personally identifiable information (PII)

Data that can be used to individually identify a person. It includes Social Security numbers, driver's license numbers, financial account data, and health data.

False

Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks.

Wiretapping

Intercepting communication sent via a wired connection.

True

It is common for rootkits to modify parts of the operating system to conceal traces of their presence.

Cross-site scripting (XSS)

Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?

Spim

Similar to spam of unsolicited messages, but through an instant messaging service rather than email

Malicious software

Software designed to infiltrate one or more target computers and follow an attacker's instructions.

Keystroke logger

Surveillance software or hardware that records to a log file every keystroke a user logs; also known as a keylogger

Security incident response team (SIRT)

Teams of people organized to identify and respond to security incidents. Responsible for minimizing the impact of incidents and collecting any necessary evidence to analyze the incident.

Whitelisting

The act of maintaining a list of trusted websites. All messages and connection requests from sites not in the whitelist are ignored.

Phreaking

The art of exploiting bugs and weaknesses that exist in the telephone system.

insider threat

The danger originating from an employee, contractor, or person trusted within the organization.

False

The four primary types of malicious code attacks are unplanned attacks, planned attacks, direct attacks, and indirect attacks.

True

The goal of a command injection is to execute commands on a host operating system.

Promiscuous mode

The mode in which sniffers operate; it is non-intrusive and does not generate network traffic. This means that every data packet is captured and can be seen by the sniffer.

Injection Techniques

used to carry out attacks by deliberately inputting invalid data to corrupt or circumvent software controls

Cross-platform virus

viruses that are harmful on more than one platform or operating system.

Session hijacking

A network attack in which the attacker attempts to take over an existing connection between two network computers.

Netcat

A network utility program that reads from and writes to network connections.

SYN flood

A DoS attack that fills up a computer's connection table by sending a flood of unacknowledged connection requests. Once the connection table fills up, the computer cannot respond to any new legitimate connection requests.

Cracker

A computer attacker who has hostile intent, possesses sophisticated skills, and may be interested in financial gain.

Black-hat hacker

A computer attacker who tries to break IT security for the challenge and to prove technical prowess.

gray-hat hacker

A computer attacker with average abilities who may one day become a black-hat hacker. Gray-hat hackers are also called wannabes.

Wardialer

A computer program used to identify the phone numbers that can successfully make a connection with a computer modem.

Typosquatting

A form of cybersquatting that relies on mistakes, such as typographical errors, made by Internet users when inputting information into a Web browser.

SQL Injection

A form of web application attack in which a hacker submits SQL (structured query language) expressions to cause authentication bypass, extraction of data, planting of information, or access to a command shell.

Evil twin

A form of wireless network attack in which an attacker creates a bogus open or public wireless network in order to sniff and capture all IP packets when a user connects to it.


Ensembles d'études connexes

Chapter 3 - Averages and Variation

View Set

Chapter 3 taxes personal finance

View Set

ART 190 Cumulative Quiz Final(missed week 5, 7, 11 quizzes)

View Set

Introduction to Political science quiz # 3

View Set

Outcomes Upper-intermediate Unit 1. 1 2nd edition

View Set