1.2 Analyze potential indicators to determine the type of attack Flashcards
Any element of software that performs an unwanted function from the perspective of the legitimate user or owner of a computer system.
Malware
A form of malware that takes over a computer system, usually by encrypting user data, to hinder its use while demanding payment.
Ransomware
A means of delivering malicious software by disguising it inside of something useful or legitimate.
Trojans (Trojan Horse)
Malware designed to exploit a specific vulnerability in a system and then use that flaw to replicate itself to other systems. It typically focuses on replication and distribution rather than on direct damage and destruction.
Worms
Any type of questionable software that is not specifically malware but is still otherwise unwanted on a typical computer system.
Potentially Unwanted Programs (PUPs)
A type of malware that resides in memory only and does not save itself to the local storage devices.
Fileless Virus
An intermediary communication service often used by botnets.
Command and Control
The infection agents that make up a botnet.
Bots
A network of systems infected by malicious software agents controlled by a hacker to launch massive attacks against targets.
Botnet
A form of malware that uses the system resources of an infected computer to mine cryptocurrencies.
Cryptomalware
A form of malicious code that remains dormant until a triggering event or condition occurs.
Logic Bombs
Any form of malicious code or even business or commercial code that collects information about users without their direct knowledge or permission.
Spyware
A form of unwanted software that records the keystrokes typed into a system’s keyboard.
Keylogger
A form of malicious code that grants an attacker some level of remote-control access to a compromised system.
Remote Access Trojan (RAT)
A special type of hacker tool that embeds itself deep within an operating system, where it can manipulate information seen by the OS and displayed to users.
Rootkit
A developer-installed access method that bypasses any and all security restrictions, or a hacker-installed remote-access client.
Backdoor
Seeks to reverse engineer password hashes through attacks such as brute force (birthday attack), dictionary, hybrid, and rainbow table attacks.
Password Attacks
The attempt to log into a user account through repeated attempts of submitting generated or pulled-from-a-list credentials.
Spraying (Stuffing)
An attack that performs password guessing by using a preexisting or precompiled list of possible passwords.
Dictionary Attack
An attack that tries every valid combination of characters to construct possible passwords.
Brute Force Attack (Birthday Attack)
An attack where the attacker is working on their own independent computers to compromise a password hash.
Offline Brute Force
An attack that occurs against a live logon prompt.
Online Brute Force
A tool that takes advantage of a concept known as a hash chain. Relatively fast password cracking is achieved at the expense of spending the time and effort beforehand to craft the hash chain table database.
Rainbow Tables
When online, this attack occurs against a live logon prompt. When offline, the attacker works on their own independent computers to compromise the hash.
Password attacks/cracking (online/offline)
Plaintext/unencrypted
Includes attempts to gain access into a facility, damage a facility, steal equipment, damage equipment, plant software or listening devices, clone data, and physically harm personnel.
Physical attacks
A device crafted to perform unwanted activities against a computer and/or mobile device or peripheral without the victim realizing the attack is occurring. Attacks include exfiltration of data and injecting malware.
Malicious universal serial bus (USB) cables/flash drives
The duplication of data from a targeted source card onto a blank new card.
Card cloning (skimming)
A training or programming technique where computational systems are set up to operate in opposition to each other, automating the process of developing system defenses and attacks.
Adversarial AI (AAI)/Adversarial ML (AML)
Attacks that could result in flawed or less reliable products or could allow for remote access or listening mechanisms to be embedded into otherwise functioning equipment.
Supply Chain Attacks
Used against hashing and other forms of cryptography involving finite sets (of either hashes or keys).
Birthday attacks (crypt attack)
When the output of two cryptography operations produces the same result.
Collision attacks (crypt attack)
Attempts to prevent a client from successfully negotiating robust high-grade encryption with a server.
Downgrade attacks (crypt attack)
Malicious code that displays pop-ups or alternate advertisements to users based on their activities, URLs they have visited, applications they have accessed, and so on.
Adware (crypt attack)
Attacks that are more likely a matter of opportunity, in that the attacker found a flaw in an online service and your account just happened to be hit in the process.
Cloud-based attacks
Attacks intentionally focused on your organization.
On-premises attacks