1.0 Threats, Attacks and Vulnerabilites

Question 1

Phishing

Answer 1

A broad term used to describe the fraudulent acquisition of information like credentials

Question 2

Smishing

Answer 2

Phishing via SMS or text messages

Question 3

Vishing

Answer 3

Phishing via the physical phone

Question 4

Spam

Answer 4

This is a social engineering technique used to get users to open a message in an email/text to exploit malware.

Question 5

Spam over instant messaging (SPIM)

Answer 5

This is spam that happens over email

Question 6

Spear Phishing

Answer 6

Phishing while focusing on a particular group of people

Question 7

Dumpster Diving

Answer 7

This is where people retrieve information by looking for it in the trash.

Question 8

Shoulder Surfing

Answer 8

This is a technique used by gaining credentials by looking over someones shoulder in order to retrieve their information

Question 9

Pharming

Answer 9

This redirects traffic away from legitimate websites to malicious versions.

Question 10

Tailgating

Answer 10

This is a physical entry attack while following behind someone to gain access to a building/room.

Question 11

Eliciting Information

Answer 11

a technique used to gather information without targets realizing they are providing it; examples of this include flattery

Question 12

Whaling

Answer 12

This is phishing a specific person in an organization that is either an admin or someone high up.

Question 13

Prepending

Answer 13

1. Adding in a phrase such as safe to a set of email headers to attempt to fool someone into thinking the email is indeed safe.
2. Adding information as part of another attack to manipulate the outcome
3. Suggesting topics via a social engineering conversation to lead toward related information the social engineer is looking for.

Question 14

Identity Fraud

Answer 14

This is the use of someone else’s identity

Question 15

Invoice scams

Answer 15

This involves sending fake invoices to organizations in the hopes of receiving payment.

Question 16

Credential harvesting

Answer 16

This is the process of gathering credentials like usernames and passwords. Multifactor authentication is a great way to stop credential harvesting from continuing.

Question 17

Reconnaissance

Answer 17

This is the gathering of information about a target, whether it is an organization, individual or something else.

Question 18

Hoax

Answer 18

These are intentional falsehoods that come in a variety of forms such as virus hoaxes to fake news.

Question 19

Impersonation

Answer 19

A person acting like someone they are not

Question 20

Watering Hole Attack

Answer 20

This uses websites that targets use to attack the victim, the attackers can compromise the site that the victims are using.

Question 21

Typosquatting

Answer 21

Attackers using similar legit URL’s to direct victims to the attackers fake URL that houses malware.

Question 22

pretexting

Answer 22

This is the process of using a made-up scenario to justify why you are approaching an individual

Question 23

Influence Campaigns

Answer 23

Individuals and organizations conduct influence campaigns to turn public opinion in directions of their choosing.

Question 24

Principles

Question 25

Ransomware

Answer 25

This is malware that takes over a computer and then demands ransom such as money.

Question 26

Trojan

Answer 26

This is a type of malware that is typically disguised as legitimate software.

Question 27

Worms

Answer 27

These are a form of malware that spreads throughout systems via email attachments, file shares etc.

Question 28

Potentially unwanted programs (PUP’s)

Answer 28

These are programs that may not be wanted by the user but are not as dangerous as other types of malware. These are typically installed without the users awareness or as part of a software bundle.

Question 29

Fileless virus

Answer 29

This is a virus that acts the same as traditional viruses. They spread like spam email and malicious websites but at no point do they require local file storage.

Question 30

Command and Control

Answer 30

These systems operate in a client-server mode. They will contact central control systems, which provide commands and updates, and track how many systems are in the botnet.

Question 31

Bots

Answer 31

Remotely controlled systems or devices that have a malware infection

Question 32

Cryptomalware

Answer 32

This encrypts files and then holds them hostage until a ransom is paid.

Question 33

Logic Bombs

Answer 33

These are functions or code that is placed inside other programs that will activate when set conditions are met.

Question 34

Spyware

Answer 34

This is malware that is designed to obtain information about an individual, organization or system

Question 35

keyloggers

Answer 35

These are programs that capture keystrokes from keyboards or other things like mouse movement, touchscreen inputs or credit card swipes from attached devices.

Question 36

Remote access Trojan (RAT)

Answer 36

This provides attackers with remote access to systems.

Question 37

Rootkit

Answer 37

This is malware that is specifically designed to allow attackers to access a system through a backdoor.

Question 38

Backdoor

Answer 38

These are methods or tools that provide access that bypasses normal authenitcation and authorization procedures, allowing attackers access to systems, devices or applications.

Question 39

Spraying

Answer 39

This is a form of brute force attack that attempts to use a single password or small set of passwords against many accounts

Question 40

Dictionary Attack

Answer 40

This is an attack that uses a list of words for their attempts. John the ripper is a popular open source password cracker.

Question 41

Brute Force Attack

Answer 41

This iterates through passwords until the attack finds the one that works

Question 42

Rainbow Table

Answer 42

This is an easily searchable database of precomputed hashes using the same hashing method as the captured password file.

Question 43

Plaintext/unencrypted attack

Answer 43

This is when a password or other credentials are stored as plaintext and not in a hash value making it much easier for an attacker to find.

Question 44

Malicious Universal

Question 45

Serial Bus (USB) Cable

Answer 45

This is a usb cable that is compromised and can go undetected from a victims standpoint.

Question 46

Malicious flash drive

Answer 46

Pen testers/attackers use this to drop drives in locations where they may be picked up and plugged in by unwitting victims

Question 47

Card cloning

Answer 47

This focuses on capturing information from cards like RFID and magnetic stripe cards often used for entry access.

Question 48

Skimming

Answer 48

This uses hidden or fake readers to capture cards, and then employ cloning tools to use credit cards and entry access cards for their own purposes.

Question 49

Adversarial artificial intelligence (AI)

Answer 49

This is where AI is used by attackers for malicious purposes. The focus of this currently tends to deal with data poisoning

Question 50

Supply chain attacks

Answer 50

Attempt to compromise devices, systems or software before it even reaches the organization.

Question 51

Cryptographic Attacks

Question 52

Birthday Attack

Answer 52

An attempt to find collisions in hash functions

Question 53

Collision attack

Question 54

Downgrade attack

Answer 54

This is used against secure communications such as TLS in an attempt to get the user or system to inadvertently shift to less secure cryptographic modes which may be easier to break.

Question 55

Authority

Answer 55

This relies on the fact that most people will obey someone who appears to be in charge or knowledgable

Question 56

Intimidation

Answer 56

Relies on scaring or bullying someone into making a decision

Question 57

Consensus

Answer 57

Uses the fact that people tend to want to do what others are doing to persuade them to take an action

Question 58

Scarcity

Answer 58

Used in scenarios that make something look more desirable because it may be the last one available

Question 59

Familiarity

Answer 59

This is based on liking the individual or organization

Question 60

Trust

Answer 60

This relies on connection with the individual they are targeting

Question 61

Urgency

Answer 61

Relies on creating a feeling that the action must be taken quickly due to some reason

Question 62

Cryptographic salts

Answer 62

A salt is random data that is used as an additional input to a hash password