1.2 Flashcards

1
Q

What are the most common network attacks?

A

Reconnaissance attacks, access attacks, Denial of Service, Distributed Denial of Service attacks

2
Q

What are reconnaissance attacks trying to do?

A

Attempt to gather information about the victim before launching an attack, for example using CDP, whois, ping sweeps, etc.

3
Q

Explain social engineering

A

An attack that tries to use people to do things or spill info

4
Q

social engineering - phishing

A

a message with a link that goes to a dodgy site but looks legit

5
Q

social engineering - spear phishing

A

targeted phishing attack for a person/organization

6
Q

social engineering - whaling

A

targeted emails for top execs

7
Q

social engineering - pharming

A

used to direct a customer's URL from a valid resource to a malicious one that could be made to appear as the valid site to the user.

8
Q

social engineering - smishing

A

attack through a text

9
Q

social engineering - vishing

A

attack through phone

10
Q

social engineering - baiting

A

leaving an infected device lying around

11
Q

What is privilege escalation?

A

process of taking some level of access and achieving an even greater level of access to a router and then using a brute-force attack against the router

12
Q

What are back doors?

A

When attackers gain access to a system they usually want future access. A backdoor application can be installed to either allow future access or to collect information to use in further attacks.

13
Q

How can backdoors be installed?

A

By users clicking something without realizing that the link they click or the file they open is a threat. Can also be implemented as a result of a virus or worm.

14
Q

6 types of access attacks

A

Password, trust exploitation, port redirection, MITM, buffer overflow, IP, MAC, DHCP spoofing

15
Q

What is a covert channel?

A

An effective mechanism for sending and receiving data between machines without alerting any firewalls. The data is disguised under a different protocol.

16
Q

How to get a password? And which type of attack?

A

Trying to get critical passwords using methods like social engineering or brute force etc. Access attack

17
Q

What is trust exploitation? which type of attack?

A

using unauthorized privileges to gain access to a system. access attack

18
Q

What is MITM? which type of attack?

A

Man in the middle, when the attacker places themselves in the middle of 2 devices in order to eavesdrop or manipulate data, access attack

19
Q

What is buffer overflow? which type of attack?

A

causing the buffer to overflow and crashing the system, leading to a DoS attack

20
Q

What is ip, mac, dhcp spoofing? which type of attack?

A

an attack that makes it look like it is coming from the source - using a rogue dhcp server to respond to requests or exhausting the genuine server’s pool. access attack

21
Q

What do DoS and DDoS attacks attempt to do?

A

They try to consume all of a computer's critical resources in order to make it unavailable for use.

22
Q

From which sources does a DDoS attack come? And what can this attack use?

A

DDoS is an attack from all sources and can use reflection and amplification.

23
Q

What is reflection and amplification in combination with DDoS?

A

Reflection is when the attacker sends a flood of protocol request packets to various IP hosts, while in amplification a small forged packet gets a big reply from the reflectors, called the avalanche effect.

24
Q

DDoS - ping of death?

A

sending a malicious ping to a computer causing a crash - not done anymore

25
Q

DDoS - Smurf attacks?

A

sending lots of ICMP packets to the broadcast address of a big network containing the victim's IP address as source, and every host will reply back to that address - not done anymore

26
Q

DDoS - tcp syn flood attack?

A

exploits the 3 way handshake by sending loads of SYN packets with random source addresses to a victim, forcing it to wait for ACKs that will never arrive, leaving half open connections

27
Q

Defenses against social engineering are?

A

password mgmt, 2 factor authentication, antivirus/phishing, change mgmt, info handling and classification

28
Q

What is password management?

A

make rules on password change and format

29
Q

what is 2 factor authentication?

A

mixing what a user has and something they know to gain access

30
Q

what is antivirus/phishing?

A

host and network based filtering systems

31
Q

what is change management?

A

a process showing how and when changes can be made

32
Q

what is info handling and classification?

A

a policy that sets out how info can be handled and destroyed

33
Q

malware - what is a virus?

A

code that is attached to exe files and requires user interaction to propagate

34
Q

what is a trojan horse?

A

malware that looks genuine but is malicious and creates a back door into the infected system. needs user interaction

35
Q

what are worms?

A

they are like viruses but don’t need user interaction to reproduce - they also make functional copies of themselves

36
Q

describe vectors of data loss/exfiltration

A

It is when data is leaked somehow to the outside world, intentionally or not

37
Q

vectors of data loss/exfiltration are:

A

email attachments, unencrypted devices, cloud storage, removable media, hard copy