Systems and Application Security


Logic Bomb

A computer program or part of a program that lies dormant until it is triggered by a specific logical event.

Stuxnet

A computer worm designed to find and sabotage a particular piece of industrial control equipment (Siemens programmable logic controllers driving uranium-enrichment centrifuges); discovered in 2010 after being used against Iran's Natanz nuclear facility.

Typosquatting

A form of cybersquatting that relies on mistakes, such as typographical errors, made by Internet users when inputting information into a Web browser.

Rootkit

A set of software tools used by an attacker to hide the presence or actions of other malicious software and to keep privileged access. The older definition emphasised escalating to root/administrator privileges. Rootkits can run at any privilege ring, from ring 3 (user mode, hooking libraries and APIs) down to ring 0 (kernel drivers).

Virtual SAN

Software that pools unused local storage (disks attached to servers in a cluster) into shared virtual storage that behaves like a physical SAN.

Adware

A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

CryptoLocker

A specific form of ransomware that encrypts critical files or data until the victim pays a ransom to obtain the decryption keys.

Replay Attack

A type of network attack in which an attacker captures legitimate traffic (for example an authentication exchange) and retransmits it later to gain unauthorized access. Defeated by making each message single-use: session tokens, nonces, sequence numbers, or timestamps that the receiver checks before accepting a message.
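
The timestamp-plus-nonce defense described above, as an added example that is not part of the original page: a client MACs each request together with a timestamp and a random nonce, and the server rejects anything with a bad MAC, an old timestamp, or a nonce it has already accepted. The shared key, the 30-second acceptance window and the request bodies are assumptions constructed for the example.

```python
import hashlib
import hmac
import secrets
from typing import Any, Dict, List, Optional, Tuple

# Shared secret between client and server: constructed for this example only.
SHARED_KEY = b"example-shared-secret"
MAX_SKEW_SECONDS = 30


def _mac(key: bytes, ts: str, nonce: str, body: bytes) -> str:
    """HMAC over timestamp, nonce and body together, so none of them can be swapped independently."""
    return hmac.new(key, b"|".join([ts.encode(), nonce.encode(), body]), hashlib.sha256).hexdigest()


def sign_request(key: bytes, body: bytes, now: int, nonce: Optional[str] = None) -> Dict[str, Any]:
    """Client side: attach a timestamp and a fresh random nonce, then MAC all three."""
    nonce = nonce or secrets.token_hex(16)
    ts = str(now)
    return {"ts": ts, "nonce": nonce, "body": body, "mac": _mac(key, ts, nonce, body)}


class ReplayGuard:
    """Server side: verify the MAC, reject stale timestamps, then reject reused nonces."""

    def __init__(self, key: bytes, max_skew: int = MAX_SKEW_SECONDS) -> None:
        self.key = key
        self.max_skew = max_skew
        self.seen: Dict[str, int] = {}  # nonce -> timestamp it was accepted with

    def verify(self, req: Dict[str, Any], now: int) -> Tuple[bool, str]:
        expected = _mac(self.key, req["ts"], req["nonce"], req["body"])
        # Constant-time comparison so MAC checking does not leak timing information.
        if not hmac.compare_digest(expected, req["mac"]):
            return False, "bad mac"
        ts = int(req["ts"])
        if abs(now - ts) > self.max_skew:
            return False, "stale timestamp"
        # Nonces only need remembering for the acceptance window; anything older
        # is already rejected by the timestamp check above.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.max_skew}
        if req["nonce"] in self.seen:
            return False, "replayed nonce"
        self.seen[req["nonce"]] = ts
        return True, "ok"


def demo() -> List[str]:
    """Deliver one signed request, then replay it and tamper with it."""
    guard = ReplayGuard(SHARED_KEY)
    t0 = 1_700_000_000
    req = sign_request(SHARED_KEY, b"transfer=100&to=alice", t0)
    outcomes = [
        guard.verify(req, t0 + 1)[1],    # first delivery
        guard.verify(req, t0 + 5)[1],    # captured and resent inside the window
        guard.verify(req, t0 + 600)[1],  # resent long after capture
    ]
    tampered = dict(req, body=b"transfer=100&to=mallory")
    outcomes.append(guard.verify(tampered, t0 + 2)[1])  # altered in transit
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The nonce cache is what stops a replay inside the timestamp window; the timestamp bounds how long the cache has to be kept. Without the MAC covering the timestamp and nonce, an attacker could simply refresh them on a captured request.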

Armored Virus

A virus that goes to great lengths to avoid detection and analysis. May employ encryption, obfuscation, anti-debugging tricks, and checks that stop it from running when it detects an analysis sandbox.

Xmas Attack

A TCP packet sent with the FIN, PSH and URG flags all set (the flags "lit up like a Christmas tree"), a combination no normal session produces. Used as a stealthy port scan: on RFC 793-compliant stacks closed ports answer with RST while open ports stay silent, and some poorly designed network stacks crash on it.
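
The flag combination above is easy to check for at the bit level. The following detector is an added example, not code from the original page: it parses constructed packet records, tests the TCP flags byte for FIN+PSH+URG with neither SYN nor ACK, and reports sources that hit several ports that way (one stray packet is not a scan). The record format and the packet lines are assumptions made up for the example.

```python
import re
from typing import Any, Dict, List

# TCP flag bits as laid out in the header's flags byte.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS_FLAGS = FIN | PSH | URG  # 0x29

# Constructed packet records ("src dst dport flags=0xNN"); not a real capture.
SAMPLE_PACKETS = """\
10.0.0.5 10.0.0.20 22 flags=0x02
10.0.0.5 10.0.0.20 80 flags=0x02
10.0.0.9 10.0.0.20 22 flags=0x29
10.0.0.9 10.0.0.20 23 flags=0x29
10.0.0.9 10.0.0.20 80 flags=0x29
10.0.0.9 10.0.0.20 443 flags=0x29
10.0.0.9 10.0.0.20 8080 flags=0x29
10.0.0.7 10.0.0.20 25 flags=0x01
10.0.0.7 10.0.0.20 25 flags=0x18
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\d+) flags=0x([0-9a-fA-F]{2})$")


def parse_packet(line: str) -> Dict[str, Any]:
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unparseable record: {line!r}")
    src, dst, dport, flags = m.groups()
    return {"src": src, "dst": dst, "dport": int(dport), "flags": int(flags, 16)}


def is_xmas(flags: int) -> bool:
    """FIN, PSH and URG all set with neither SYN nor ACK: no legitimate TCP session produces this."""
    return (flags & XMAS_FLAGS) == XMAS_FLAGS and not (flags & (SYN | ACK))


def find_xmas_scanners(records: str, min_ports: int = 3) -> Dict[str, List[int]]:
    """Sources that sent Xmas packets to at least min_ports distinct ports on any host."""
    ports_by_src: Dict[str, set] = {}
    for line in records.splitlines():
        if not line.strip():
            continue
        pkt = parse_packet(line)
        if is_xmas(pkt["flags"]):
            ports_by_src.setdefault(pkt["src"], set()).add(pkt["dport"])
    return {src: sorted(p) for src, p in ports_by_src.items() if len(p) >= min_ports}


if __name__ == "__main__":
    print(find_xmas_scanners(SAMPLE_PACKETS))
```

In the sample, 10.0.0.5 is doing ordinary SYN connects, 10.0.0.7 sends a lone FIN and a normal PSH/ACK segment, and only 10.0.0.9 is flagged.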

VM escape

An attack in which the attacker "breaks out" of a VM's normally isolated state and interacts directly with the hypervisor or host, from where other guests on the same hardware can be reached.

Man-in-the-middle

An attack in which the attacker secretly positions itself between two communicating parties, intercepting their traffic and reading, altering, or forging responses while each side believes it is talking directly to the other.

Smurf Attack

The attacker (or a bot) sends ICMP echo (ping) requests to a network's broadcast address with the source address spoofed to the victim's IP; every host on that network replies to the victim, which is flooded with echo replies (a reflected, amplified DoS). Mitigated by having routers drop directed-broadcast traffic.

BYOD

Bring Your Own Device

COPE

Corporate Owned, Personally Enabled

DoS

Denial of Service attack. Makes a computing service unavailable for legitimate use, typically by exhausting bandwidth, connections, CPU, or memory. A single-source DoS needs enough bandwidth to overwhelm the target and is easily stopped by blocking the attacker's IP address, which is why attackers distribute it (see DDoS).

DDoS Attack

Distributed Denial of Service Attack. Typically malware installed on many (thousands of) computers activates at the same time and floods a target with traffic until the server is overwhelmed. Harder to block than a DoS because there is no single source address.

Amplified Attack

A DoS technique in which the attacker sends small requests, with the victim's address spoofed as the source, to third-party services (open DNS or NTP servers, for example) whose responses are many times larger than the request; the large responses are delivered to the victim, multiplying the attacker's bandwidth.
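
Both the Smurf attack above and amplification share one tell-tale pattern: a host receives far more reply traffic than it asked for. The following is an added example, not from the original page, that works on constructed flow records seen from a network tap. It flags hosts receiving ICMP echo replies from many peers without having sent any echo requests (the Smurf pattern) and computes the bytes-out over bytes-in ratio of each DNS reflector (the amplification factor). The record format, addresses (RFC 5737 documentation ranges) and sizes are all constructed assumptions.

```python
from collections import defaultdict
from typing import Any, Dict, List

# Constructed flow records ("src dst proto msg bytes"); not real traffic.
# 198.51.100.10 plays the victim; 203.0.113.53 plays an open DNS resolver used as a reflector.
FLOWS = """\
203.0.113.7 198.51.100.10 icmp echo-reply 84
203.0.113.8 198.51.100.10 icmp echo-reply 84
203.0.113.9 198.51.100.10 icmp echo-reply 84
203.0.113.10 198.51.100.10 icmp echo-reply 84
203.0.113.11 198.51.100.10 icmp echo-reply 84
192.0.2.4 203.0.113.7 icmp echo-request 84
203.0.113.7 192.0.2.4 icmp echo-reply 84
198.51.100.10 203.0.113.53 udp dns-query 64
203.0.113.53 198.51.100.10 udp dns-response 3200
198.51.100.10 203.0.113.53 udp dns-query 64
203.0.113.53 198.51.100.10 udp dns-response 3200
"""


def parse_flows(text: str) -> List[Dict[str, Any]]:
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        src, dst, proto, msg, size = line.split()
        flows.append({"src": src, "dst": dst, "proto": proto, "msg": msg, "bytes": int(size)})
    return flows


def reflected_ping_floods(flows: List[Dict[str, Any]], min_sources: int = 3) -> Dict[str, int]:
    """Hosts receiving echo replies from many distinct peers while having sent no echo requests.
    That asymmetry is the Smurf signature: the replies answer requests the attacker spoofed."""
    reply_sources = defaultdict(set)
    requests_sent = defaultdict(int)
    for f in flows:
        if f["proto"] != "icmp":
            continue
        if f["msg"] == "echo-reply":
            reply_sources[f["dst"]].add(f["src"])
        elif f["msg"] == "echo-request":
            requests_sent[f["src"]] += 1
    return {host: len(peers) for host, peers in reply_sources.items()
            if len(peers) >= min_sources and requests_sent[host] == 0}


def amplification_factors(flows: List[Dict[str, Any]]) -> Dict[str, float]:
    """Per reflector: DNS response bytes sent divided by query bytes received. A factor well above 1
    means each small spoofed query becomes a much larger response at the spoofed address."""
    query_bytes = defaultdict(int)
    response_bytes = defaultdict(int)
    for f in flows:
        if f["msg"] == "dns-query":
            query_bytes[f["dst"]] += f["bytes"]
        elif f["msg"] == "dns-response":
            response_bytes[f["src"]] += f["bytes"]
    return {r: response_bytes[r] / query_bytes[r] for r in response_bytes if query_bytes[r]}


if __name__ == "__main__":
    flows = parse_flows(FLOWS)
    print(reflected_ping_floods(flows), amplification_factors(flows))
```

192.0.2.4 sends one ping and gets one reply, so it is not flagged; the victim gets five replies for zero requests. The reflector returns 3200 bytes for each 64-byte query, a 50x amplification, which is why open resolvers and the ANY query type are prime reflection targets.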

DNS

Domain Name System. The Internet's system for converting alphabetic names into numeric IP addresses.

FDE

Full Disk Encryption. Encrypts an entire disk, operating system included, so data at rest is unreadable without the key. TrueCrypt was an example (now discontinued); BitLocker, FileVault and LUKS are current ones. Protects a lost or stolen device, not a running, unlocked one.

Propagation

How malware spreads

Hybrid Cloud

Includes two or more private, public, or community clouds, but each cloud remains separate and is only linked by technology that enables data and application portability.

Worms

Independent computer programs that copy themselves from one computer to other computers over a network

IaaS

Infrastructure as a Service. A cloud model in which the provider rents out virtualized compute, storage and networking, letting organizations reduce their hardware footprint and personnel costs; e.g. AWS EC2, Microsoft Azure, and Google Compute Engine. The vendor secures the facilities, hardware and hypervisor; the customer secures the guest OS, applications and data.

Scareware

Malicious software of no real benefit that is sold using scare tactics, such as fake virus alerts.

Polymorphism

A malware technique for evading signature-based detection: the malware mutates after each propagation, typically by re-encrypting its body under a new key and varying its decryptor, so every copy has different bytes and no fixed signature.
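
To show why a static signature stops matching, here is an added example (not code from the original page) with a harmless text payload: each "propagation" XORs the same body under a fresh random key, so the stored bytes and their hash change every time, while a scanner that first runs the decryptor (as an anti-malware emulator does) still catches every variant. The payload, the hash-as-signature and the repeating-key XOR are constructed assumptions; real polymorphic engines also rewrite the decryptor itself, which this toy does not.

```python
import hashlib
import os
from typing import Optional, Tuple

# Harmless stand-in for a malware body; constructed for this example.
PAYLOAD = b"echo 'this text stands in for the malicious body'"
# What a signature database would hold for it: a hash of the known bytes.
SIGNATURE = hashlib.sha256(PAYLOAD).hexdigest()


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR: the same function encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def make_variant(payload: bytes, key: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Each propagation re-encrypts the same body under a fresh key, so the stored bytes differ every time."""
    if key is None:
        key = os.urandom(8)
        while not any(key):  # an all-zero key would leave the body unchanged
            key = os.urandom(8)
    return key, xor_bytes(payload, key)


def static_match(blob: bytes) -> bool:
    """Signature scan on the bytes exactly as stored."""
    return hashlib.sha256(blob).hexdigest() == SIGNATURE


def emulated_match(key: bytes, blob: bytes) -> bool:
    """Run the decryptor first (as an AV emulator or unpacker would), then scan the result."""
    return static_match(xor_bytes(blob, key))


def compare_detection(n_variants: int = 5) -> Tuple[int, int, int]:
    """Returns (distinct hashes among the variants, static-scan hits, emulated-scan hits)."""
    variants = [make_variant(PAYLOAD) for _ in range(n_variants)]
    distinct = len({hashlib.sha256(c).hexdigest() for _, c in variants})
    static_hits = sum(static_match(c) for _, c in variants)
    emulated_hits = sum(emulated_match(k, c) for k, c in variants)
    return distinct, static_hits, emulated_hits


if __name__ == "__main__":
    print(compare_detection())
```

Every variant hashes differently and none matches the static signature, yet all of them decrypt to the same body. This is why anti-malware products moved from pure byte signatures to emulation, unpacking and behavioural detection.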

Viruses

Malware that attaches itself to a host program or file and spreads from system to system when a user runs, opens or copies the infected item; unlike a worm, it needs user interaction to propagate.

Botnet

A network of infected computers (bots) whose malware "calls home" to a command-and-control (C2) server for further instructions. May be rented out to others and used for spam campaigns, DDoS, cryptocurrency mining, brute-force attacks, or any task that needs storage, computing power, or network connectivity.

MBSA

Microsoft Baseline Security Analyzer. A Microsoft tool that checks a Windows system for missing security updates and weak configuration settings. Because it runs with administrator rights it can review the system thoroughly. Microsoft has since retired it.

MDM

Mobile Device Management. Software that secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises. May include storage segmentation to keep sensitive corporate data separate from personal data on the device.

PaaS

Platform as a Service. The vendor provides a managed runtime (operating system, middleware, and on-demand computing capacity) on which customers deploy their own code. Middle ground between SaaS and IaaS: customers do not manage servers or the OS, but still write and secure their own applications and data; the vendor secures the platform underneath.

Public Cloud

Cloud services offered to the general public at massive, global, industry-wide scale. Tenancy and security responsibility are shared: the provider secures the physical infrastructure and the virtualization layer, while the customer is responsible for the data it sends and stores, for configuring encryption and access-control policies, and, depending on the service model, for OS and application security. Includes the SaaS, PaaS, and IaaS service models.

RAT

Remote access Trojan. Malware that allows an attacker to take control of a system from a remote location.

Morris Worm

Robert Morris, a graduate student at Cornell, released a self-replicating program onto the Internet in November 1988. He was not careful enough in limiting its propagation: hosts were reinfected repeatedly and overloaded, bringing much of the Internet to a near standstill for several days. Often cited as the first (if unintended) Internet-wide denial of service. AKA the RTM worm.

Private Cloud

Serves only one customer or organization that does not want to share computing resources with other tenants; can be located on or off the customer's premises.

SLA

Service level agreement. An agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels.

Backdoors

Hidden entry points into programs that bypass normal authentication; sometimes created by system designers to simplify maintenance, sometimes planted by attackers, and abused by crackers either way.

SNMP

Simple Network Management Protocol. Used to monitor and manage network devices and servers, including collecting system information from a remote or virtual computer. SNMPv1 and v2c authenticate with cleartext community strings (often left at the default "public"); SNMPv3 adds authentication and encryption.

SaaS

Software as a Service. Applications provided over the Internet. Customers do not worry about processing, storage, networking, additional infrastructure details. Customer accesses services through web browsers. Vendor secures almost everything.

SDN

Software-defined networking. Uses software and virtualization to separate the control plane (a centralized controller that decides how traffic is forwarded) from the data plane (the switches and routers that forward packets), so the network is programmed rather than configured device by device. Strong access controls on the controller and its APIs are needed, since whoever controls it can reprogram the whole network.

Ransomware

Software that encrypts programs and data and demands a ransom, typically in exchange for the decryption key.

Type 2 Hypervisor

Software to manage virtual machines that is installed as an application on a host operating system (e.g. VirtualBox, VMware Workstation). The most common kind on desktops; its security depends on the host OS beneath it.

Type 1 Hypervisor

Software to manage virtual machines that is installed directly on the hardware, with no host operating system beneath it. AKA bare-metal hypervisor (e.g. VMware ESXi, Microsoft Hyper-V, Xen). The hypervisor runs on the hardware and hosts the guest operating systems, giving a smaller attack surface than a Type 2 hypervisor.

DNS poisoning

Technique in which an attacker alters DNS records or a resolver's cache so that users are directed to attacker-controlled sites, typically for phishing.

Payload

The destructive event or prank a virus was created to deliver.

TPM

Trusted Platform Module. A dedicated hardware security chip that stores cryptographic keys and boot measurements in tamper-resistant storage; used to seal disk-encryption keys (e.g. for BitLocker) and to attest that a system booted with known-good software.

Trojan Horse

A program that appears desirable or useful but contains hidden harmful code.

ARP poisoning

An attack in which the attacker sends forged ARP replies so that hosts on the network associate the attacker's MAC address with another host's IP address (often the default gateway); traffic meant for that host is then sent to the attacker's machine, enabling man-in-the-middle or denial of service. Only works on the local network segment, since ARP is not routed.
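
The MAC-for-IP swap above leaves a trace that a passive monitor (or a host checking its own ARP cache) can catch. The following detector is an added example, not code from the original page: it replays constructed ARP reply records, alerts when a pinned address such as the gateway is claimed by an unexpected MAC or when any learned IP-to-MAC binding changes, and separately lists MACs answering for more than one IP. The log format, addresses and MACs are assumptions made up for the example.

```python
import re
from collections import defaultdict
from typing import Dict, List

# Constructed ARP reply log ("time reply IP is-at MAC"); not a real capture.
# 10.0.0.1 plays the gateway; de:ad:be:ef:00:09 plays the attacker's interface.
ARP_LOG = """\
12:00:01 reply 10.0.0.1 is-at aa:bb:cc:00:00:01
12:00:02 reply 10.0.0.5 is-at aa:bb:cc:00:00:05
12:00:03 reply 10.0.0.9 is-at de:ad:be:ef:00:09
12:00:10 reply 10.0.0.1 is-at de:ad:be:ef:00:09
12:00:11 reply 10.0.0.5 is-at de:ad:be:ef:00:09
"""

ARP_RE = re.compile(r"^(\S+) reply (\S+) is-at ([0-9a-f:]{17})$")


def detect_arp_poisoning(log: str, pinned: Dict[str, str]) -> List[str]:
    """Alert when a pinned IP (e.g. the gateway) is claimed by the wrong MAC, or when any
    previously learned IP-to-MAC binding changes."""
    learned: Dict[str, str] = {}
    alerts: List[str] = []
    for line in log.splitlines():
        if not line.strip():
            continue
        m = ARP_RE.match(line)
        if not m:
            raise ValueError(f"unparseable record: {line!r}")
        ts, ip, mac = m.groups()
        if ip in pinned and mac != pinned[ip]:
            alerts.append(f"{ts} pinned {ip} claimed by {mac} (expected {pinned[ip]})")
        elif ip in learned and learned[ip] != mac:
            alerts.append(f"{ts} {ip} changed {learned[ip]} -> {mac}")
        learned[ip] = mac
    return alerts


def macs_claiming_multiple_ips(log: str) -> Dict[str, List[str]]:
    """One MAC answering for several IPs is how a poisoner inserts itself between hosts."""
    ips_by_mac = defaultdict(set)
    for line in log.splitlines():
        m = ARP_RE.match(line)
        if m:
            _, ip, mac = m.groups()
            ips_by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in ips_by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    for alert in detect_arp_poisoning(ARP_LOG, {"10.0.0.1": "aa:bb:cc:00:00:01"}):
        print(alert)
    print(macs_claiming_multiple_ips(ARP_LOG))
```

Pinning the gateway's MAC is the same idea as a static ARP entry on a host; the learned-binding check catches poisoning of other hosts without a pin, at the cost of false positives when a NIC is legitimately replaced. Switch features such as Dynamic ARP Inspection apply the same binding check in the network itself.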

Spyware

Software that covertly gathers information about a user's computer activity (browsing, keystrokes, files) and transmits it from their machine without their knowledge.
