1.2 Flashcards

1
Q

Malware

A

Malicious software – These can be very bad
* Gather information
  – Keystrokes
* Participate in a group
  – Controlled over the ‘net
* Show you advertising
  – Big money
* Viruses and worms
  – Encrypt your data
  – Ruin your da

2
Q

Ransomware

A
* The attackers want your money
  – They’ll take your computer in the meantime
* May be a fake ransom
  – Locks your computer “by the police”
* The ransom may be avoided
  – A security professional may be able to remove these kinds of malware
3
Q

Trojan

A

Doesn’t really care much about replicating
* Circumvents your existing security
  – Anti-virus may catch it when it runs
  – The better Trojans are built to avoid and disable AV
* Once it’s inside it has free rein
  – And it may open the gates for other programs

4
Q

Worms

A

Malware that self-replicates
  – Doesn’t need you to do anything
  – Uses the network as a transmission medium
  – Self-propagates and spreads quickly
* Worms are pretty bad things
  – Can take over many systems very quickly
* Firewalls and IDS/IPS can mitigate many worm infestations
  – Doesn’t help much once the worm gets inside

5
Q

PUP

A

A Potentially Unwanted Program (PUP) is identified by antivirus/anti-malware as potentially undesirable software, often installed along with other software. Examples include an overly aggressive browser toolbar, a backup utility displaying ads, and a browser search engine hijacker. Detection and removal of PUPs are crucial for maintaining a secure computing environment. Users should rely on reputable security software and exercise caution during software installations to mitigate the risks associated with PUPs.

6
Q

Fileless virus:

A

A type of malware that operates without leaving traditional files on a system, making it challenging to detect using standard antivirus methods. It leverages scripts and memory-resident components to carry out malicious activities.

7
Q

Command and control

A

A mechanism used by malware to communicate with a remote server or entity, allowing attackers to issue commands, receive instructions, and control compromised systems.

8
Q

Bots:

A

Software applications that run automated tasks over the internet. In the context of cybersecurity, bots can be malicious and operate as part of a botnet, controlled by a command and control server.

9
Q

Cryptomalware:

A

Malicious software that encrypts files on a victim’s system, rendering them inaccessible until a ransom is paid. It is a type of ransomware that focuses on encrypting rather than stealing data.

10
Q

Logic bombs:

A

Malicious code intentionally inserted into software or systems to execute a harmful action when specific conditions are met, such as a particular date or event.

11
Q

Spyware:

A

Software designed to secretly gather information about a user’s activities and transmit it to a third party without the user’s knowledge or consent.

12
Q

Keyloggers:

A

Malicious programs that record keystrokes on a computer, capturing sensitive information such as passwords and credit card numbers.

13
Q

Remote access Trojan (RAT)

A

A type of malware that allows unauthorized access and control of a victim’s computer from a remote location. It enables attackers to perform various malicious activities.

14
Q

Rootkit:

A

Malicious software that provides privileged access to a computer while hiding its presence from detection. Rootkits often modify the operating system to maintain persistent control.

15
Q

Backdoor:

A

A hidden or unauthorized access point in a computer system that allows remote control or unauthorized access. Backdoors can be exploited by attackers to gain entry without detection.

16
Q

Spraying:

A

In this attack, the attacker attempts to gain access by trying a few commonly used passwords against many accounts. It’s a low and slow approach to avoid detection.

17
Q

Dictionary

A

This attack involves systematically trying every word in a dictionary or a list of common passwords to gain unauthorized access.

18
Q

Brute Force (Offline):

A

In an offline brute force attack, the attacker attempts to guess the password by systematically trying all possible combinations. This is done by trying different passwords without any network interaction.

19
Q

Brute Force (Online):

A

In an online brute force attack, the attacker systematically tries different passwords by interacting with the target system, often exploiting vulnerabilities that allow multiple login attempts.

20
Q

Rainbow Table:

A

Rainbow table attacks use precomputed tables of hashed passwords. By comparing a stolen password hash with entries in the table, attackers can quickly find the original password.

21
Q

Plaintext/Unencrypted:

A

This is not a specific attack but a vulnerability. Storing passwords in plaintext or unencrypted form makes it easier for attackers to gain access by directly reading the passwords from the system.

22
Q

Malicious Universal Serial Bus (USB) Cable:

A

Attackers may use specially crafted USB cables to exploit vulnerabilities in devices when connected. This could involve injecting malware or executing unauthorized commands.

23
Q

Malicious Flash Drive:

A

Attackers can use infected or specially crafted USB flash drives to introduce malware, steal data, or compromise systems when the drive is connected to a target device.

24
Q

Card Cloning:

A

In card cloning attacks, criminals use devices to surreptitiously copy data from credit or debit cards. This stolen information is then used to create unauthorized copies of the cards.

25
Q

Skimming:

A

Skimming involves the use of a malicious device, often discreetly attached to legitimate card readers, to capture and record information from credit or debit cards as users swipe or insert them.

26
Q

Tainted Training Data for Machine Learning (ML):

A

In this type of attack, adversaries inject malicious or manipulated data into the training dataset used to train machine learning models. By doing so, they aim to influence the model’s behavior, leading to inaccurate predictions or biased outcomes.

27
Q

Security of Machine Learning Algorithms:

A

Ensuring the security of machine learning algorithms involves protecting them from various threats, including adversarial attacks. This includes implementing measures to detect and mitigate attacks aimed at manipulating input data or exploiting vulnerabilities in the algorithm itself.

28
Q

Supply-Chain Attacks

A

Supply-chain attacks involve targeting vulnerabilities in the supply chain, which includes the processes and systems that deliver products or services. Attackers exploit weaknesses in the supply chain to compromise the final product or service and, consequently, the end users. This can include injecting malicious code into software during development, compromising hardware components, or infiltrating distribution channels. Supply-chain attacks pose a significant threat as they can impact a large number of users and organizations by exploiting trust in the supply chain.

29
Q

Cloud-based vs. On-Premises Attacks:

A

Cloud-based attacks target vulnerabilities within cloud computing environments, where data and applications are hosted on remote servers. These attacks may exploit misconfigurations, insecure application programming interfaces (APIs), or other weaknesses in cloud infrastructure. On the other hand, on-premises attacks target vulnerabilities within an organization’s physical, in-house infrastructure. Both types of attacks aim to compromise data, disrupt services, or gain unauthorized access, but they differ in the environment they target. Organizations need to implement specific security measures for both cloud-based and on-premises environments, considering factors like data encryption, access controls, and regular security assessments to protect against evolving threats in each context.

30
Q

Birthday Attack:

A

Description: A birthday attack exploits the probability of two different inputs producing the same hash value in a hash function. Despite the name, it does not necessarily involve birthdays but refers to the probability of a collision (two inputs producing the same hash) increasing as more inputs are processed.
Impact: Successful birthday attacks could compromise the integrity and security of cryptographic hash functions.

31
Q

Collision Attack:

A

Description: Collision attacks aim to find two different inputs that produce the same hash value in a hash function. When successful, this undermines the integrity of the hash function, as distinct inputs should ideally result in distinct hash values.
Impact: Collision attacks can be particularly problematic for digital signatures and certificate authorities.

32
Q

Downgrade Attack:

A

Description: In a downgrade attack, an attacker manipulates the communication between two parties to force the use of weaker cryptographic algorithms or protocols. This is often done when stronger security measures are available but not enforced.
Impact: Downgrade attacks can weaken the overall security of a system, as attackers can exploit vulnerabilities in older or less secure cryptographic algorithms.