1.0 Attacks, Threats, and Vulnerabilities Flashcards

1
Q

Social engineering with a touch of spoofing

A

Phishing

2
Q

A type of URL hijacking where attackers register intentionally misspelled domain names similar to popular domain names

A

Typosquatting

3
Q

Lying to get information. Adding a disclaimer or information text to the emails received from external domains

A

Pretexting

4
Q

Social engineering attack that targets individuals in an organization

A

Spear Phishing

5
Q

Social engineering attack that targets high-profile individuals in an organization

A

Whaling

6
Q

Redirect a legit website to a bogus site

A

Pharming

7
Q

Voice phishing

A

Vishing

8
Q

SMS phishing

A

Smishing

9
Q

Gather information about the victim before phishing

A

Reconnaissance

10
Q

Attacker pretends to be someone they are not

A

Impersonation

11
Q

A threat that does not actually exist

A

Computer hoaxes

12
Q

Infect third-party site that is visited

A

Watering Hole Attack

13
Q

Having a layered defense

A

Defense-in-Depth

14
Q

Unsolicited messages

A

Spam

15
Q

Spam over Instant Messaging

A

SPIM

16
Q

Intentionally slow down the server conversation

A

Tarpitting

17
Q

Attacker collects login credentials

A

Credential Harvesting

18
Q

What are these a principle of?
1. Authority
2. Intimidation
3. Consensus/Social Proof
4. Scarcity
5. Urgency
6. Familiarity/Liking
7. Trust

A

Social Engineering Principles

19
Q

Malicious software

A

Malware

20
Q

Malware that can reproduce itself but needs you to execute a program

A

Virus

21
Q

Virus that is part of the application

A

Program Virus

22
Q

Virus that infects the boot sector

A

Boot Sector Virus

23
Q

Virus that is OS and browser-based

A

Script Virus

24
Q

Virus that is common in Microsoft Office

A

Macro Virus

25
Q

Virus that operates in memory inside RAM but is never installed in a file or application

A

Fileless Virus

26
Q

Malware that self-replicates

A

Worm

27
Q

Personally Identifiable Information

A

PII

28
Q

Attacker wants your money

A

Ransomware

29
Q

Malware encrypts your data files

A

Crypto-malware

30
Q

Software that pretends to be something else

A

Trojan Horse

31
Q

Undesirable software

A

PUP (Potentially Unwanted Program)

32
Q

Malware that has a backdoor

A

RAT (Remote Access Trojan)

33
Q

Modifies core system files and is part of the kernel which is invisible to the OS

A

Rootkits

34
Q

Software that displays online advertisements to users

A

Adware

35
Q

Malicious software that secretly collects and sends information about a person or organization to a third party

A

Spyware

36
Q

Group of bots (malware-infected computers) working together and controlled by a single attacking party

A

Botnets

37
Q

Malicious attack that makes online service, network resource, or host machine unavailable

A

DDoS (Distributed Denial of Service)

38
Q

Malicious piece of code that is secretly inserted into a computer network, operating system, or software application and lies dormant until a specific condition occurs

A

Logic Bomb

39
Q

Tries common passwords on multiple accounts a few times so that there are no lockouts, no alarms, and no alerts

A

Spraying Attack

40
Q

Try every possible password until the hash is matched

A

Brute Force

41
Q

Uses a dictionary to find common words; can substitute letters for numbers

A

Dictionary Attack

42
Q

Optimized, pre-built set of hashes

A

Rainbow Tables

43
Q

Extra random data

A

Salt

44
Q

Doesn’t need extra rights or permissions. Like a keyboard or a mouse

A

HID (Human Interface Device)

45
Q

Stealing credit card info usually during a normal transaction

A

Skimming

46
Q

Computers that identify patterns in data and improve their predictions with training data

A

Machine Learning

47
Q

Hash collision attack

A

Birthday Attack

48
Q

form of hashing that had many hash collisions

A

MD5 (Message Digest Algorithm 5)

49
Q

gain higher-level access to a system

A

TLS (Transport Layer Security)

50
Q

encrypted link between web server and web browser

A

SSL (Secure Sockets Layer)

51
Q

Gain higher level access

A

Privilege Escalation

52
Q

Only data in executable areas can run

A

Data Execution Prevention

53
Q

Takes advantage of trust a user has for a site

A

XSS (Cross-site Scripting)

54
Q

web site allows scripts to run in user input

A

Non-persistent (reflected) XSS Attack

55
Q

attacker posts a message to a social network, no specific target

A

Persistent (stored) XSS Attack

56
Q

modifying SQL (Structured Query Language) requests

A

SQL Injection

57
Q

Adding your own information to a data stream

A

Code Injection

58
Q

Modifying XML (Extensible Markup Language) requests

A

XML Injection

59
Q

Using a dynamic-link library to have an application run a program

A

DLL Injection (Dynamic-Link Library)

60
Q

Overwriting a buffer of memory

A

Buffer Overflows

61
Q

Attacker uses information gathered over the network to either delay or repeat it

A

Replay Attack

62
Q

Technique where attacker captures hash of a user and sends his own authentication request with captured credentials to access the same network

A

Pass the Hash Attack

63
Q

Code injection technique used to exploit web applications which could reveal sensitive user information or modify information, manipulates application results

A

LDAP Injection (Lightweight Directory Access Protocol)

64
Q

a piece of data from a website that is stored within a web browser that the website can retrieve at a later time

A

cookies

65
Q

Attacker intercepts the session ID and uses it to access the server with the victim’s credentials, doesn’t require username/password

A

Sidejacking (Session hijacking)

66
Q

An attack that attempts to have users unknowingly execute actions on a web application for which they are currently authenticated. One-click attack, session riding that takes advantage of trust that a web application has for an authenticated user

1. Cookie-based session handling.
2. No unpredictable request parameters.
3. The user clicks the malicious URL.
4. The user must be logged in to the vulnerable web application.

A

XSRF, CSRF (Cross-site request forgery)

67
Q

Attacker finds vulnerable web applications and sends requests to a web server which performs the request on behalf of the attacker
1. Attacker sends a request that controls a web application
2. Web server sends request to another service (e.g., cloud file storage)
3. Cloud storage sends response to web server
4. Web server forwards response to attacker

A

SSRF (Server-side request forgery)

68
Q

Filling in the space between two objects; a middleman. Windows has its own shim for backwards compatibility with previous Windows versions

A

Shimming

69
Q

Metamorphic malware. A different program each time it’s downloaded. Difficult to match with signature-based detection

A

refactoring

70
Q
A

SSL Stripping/HTTP downgrade

71
Q

Time of check time of use

A

TOCTOU

72
Q
A

memory leak

73
Q
A

NULL Pointer dereference

74
Q
A

Integer Overflow

75
Q
A

Directory Traversal

76
Q
A

API Attacks

77
Q
A

Resource Exhaustion

78
Q
A

ZIP bomb

79
Q
A

DHCP Starvation

80
Q
A

Rogue Access Points

81
Q
A

Wireless Evil Twins

82
Q
A

Bluejacking

83
Q
A

Bluesnarfing

84
Q
A

Wireless Disassociation

85
Q
A

RFID Attacks

86
Q
A

nonce

87
Q
A

NFC

88
Q
A

Initialization Vectors

89
Q
A

On-path Network attack

90
Q
A

ARP Poisoning

91
Q
A

On-path browser attack

92
Q
A

STP

93
Q
A

MAC Flooding

94
Q
A

MAC Cloning

95
Q
A

DNS Poisoning

96
Q
A

Domain Hijacking

97
Q
A

DDOS

98
Q
A

DDOS Amplification

99
Q
A

Application DOS

100
Q
A

OT DOS

101
Q
A

Powershell

102
Q
A

Python

103
Q
A

Shell Script

104
Q
A

Macros

105
Q
A

VBA

106
Q
A

Threat actors

107
Q
A

APT

108
Q
A

Nation states

109
Q
A

Hacktivist

110
Q
A

Script Kiddies

111
Q
A

Organized Crime

112
Q
A

Shadow IT

113
Q
A

Attack vectors

114
Q
A

OSINT

115
Q
A

CVE

116
Q
A

NVD

117
Q
A

IOC

118
Q
A

RFC

119
Q
A

TTP

120
Q
A

Zero-day attacks

121
Q
A

Unsecured root accounts

122
Q

Common Vulnerability Scoring System

A

CVSS

123
Q

logging of security events and information

A

Security Information and Event Management (SIEM)

124
Q

standard for message logging

A

Syslog

125
Q

simulate an attack

A

Pentest

126
Q

document that defines the purpose and scope of a pentest

A

Rules of engagement

127
Q

Gather information before an attack

A

Reconnaissance

128
Q

Reconnaissance through open source

A

Passive footprinting

129
Q

Combine Wi-Fi monitoring and a GPS

A

Wardriving/Warflying

130
Q

gathering info from many open sources

A

Open source Intelligence (OSINT)

131
Q

Offensive security team, ethical hacking, exploiting vulnerabilities, social engineering, web app scanning

A

Red Team

132
Q

Defensive security team, protecting the data, daily security tasks, incident response, threat hunting, digital forensics

A

Blue Team

133
Q

red and blue teams working together

A

Purple team

134
Q

Manages interactions between red team and blue team

A

White team