1.2 Compare and contrast different types of attacks

Question 1

Social Engineering

Answer 1

A means of getting users to reveal confidential information. (“Human Hacking”)

Question 2

Phishing

Answer 2

A combination of social engineering and spoofing. An attacker sets up a spoof website to imitate a target bank or trusted source etc. The attacker emails users of the genuine site requiring a login. Their logon credentials are capture with the spoofed sit.

Question 3

Spear Phishing

Answer 3

A phishing scam where the attacker has some information that makes an individual target more likely to be fooled.

Question 4

Whaling

Answer 4

A spear phishing attack directed specifically against upper levels of management.

Question 5

Vishing

Answer 5

Phishing attack conducted through a voice channel.

Question 6

Tailgaiting

Answer 6

Entering a secure are by following close behind a person that has access.

Question 7

Impersonation

Answer 7

Pretending to be someone else.

Question 8

Dumpster Diving

Answer 8

Combing through an organization’s garbage to try to find useful documents.

Question 9

Shoulder Surfing

Answer 9

Stealing a password or PIN by watching a user type it.

Question 10

Hoax

Answer 10

An email alert or web pop-up will claim to have identified some sort of problem and offer a tool to fix it. The tool will be some sort of Trojan.

Question 11

Watering Hole Attack

Answer 11

Relies on a group of targets using an unsecure third party website.

Question 12

DoS

Answer 12

Denial of Service attack causes a service at a given host to fail or become unavailable. Ex. overloading a service by using up CPU, system RAM, disk space, or network bandwidth. The attack may be motivated by a desire to cause trouble. Or it may be a precursor to a MitM or data exfiltration attack.

Question 13

Man-in-the-middle

Answer 13

An attacker sits between two communicating hosts, and transparently captures, monitors, and relays all communication between the hosts. MitM attacks can be defeated using mutual authentication, where both server and client exchange secure credentials.

Question 14

Buffer Overflow

Answer 14

To exploit a buffer overflow vulnerability, the attacker passes data that deliberately overfills the buffer (an area of memory) that the app reserves to store the expected data.

Question 15

Injection

Answer 15

The attacker embeds code within the input or appends code to it that executes when the server processed the submission

Question 16

Cross-site scripting

Answer 16

An input validation exploit. An attacker crafts a URL to perform code injection on a trusted site with an input validation vulnerability. When the user clicks the link, malicious code executes.

Question 17

ARP Poisoning

Answer 17

An attack that works by broadcasting unsolicited ARP reply packets. Because ARP in an antiquated protocol with no security. The receiving devices trust this communication and update their MAC:IP address cache table with the spoofed address.

The attacker’s spoof MAC address will receive all messages directed at the legitimate user. MiTM attack.

Question 18

Amplification

Answer 18

An adversary spoofs the victim’s IP address and attempts to open connections with multiple servers. Those servers direct their SYN/ACK responses to the victim server. This rapidly consumes the victims bandwidth.

Question 19

DNS Poisoning

Answer 19

A redirection attack that aims to corrupt the records held by the DNS (Domain Name Systems) server. The intention is to redirect traffic for a a legitimate domain to a malicious IP address.

Links names to IP addresses.

Question 20

Domain Hijacking

Answer 20

An adversary gains control over the registration of a domain name, allowing the host records to be configured to IP addresses of the attacker’s choosing.

Question 21

Zero Day

Answer 21

Vulnerability that is exploited before a developer knows about it.

Question 22

Pass the Hash

Answer 22

Network based attack where the attacker steals hashed user credentials and uses them as-is to try to authenticate to a network.

Question 23

IV

Answer 23

(Initialization Vector) A technique used in cryptography to generate random numbers to be used along with a secret key to provide data encryption.

In the case of a IV attack the adversary is able to predict the IV, thus giving them access to encrypted data.

Question 24

Rogue AP

Answer 24

An unauthorized installation on a network which allows an attacker to connect to the network.

Question 25

Jamming

Answer 25

An attack on a network. An AP (access point/radio signal) is set up with a stronger signal. In turn it disrupts the original signal.

Question 26

RFID

Answer 26

Encoding information into passive tags.

Radio Frequency Identification

Question 27

Disassociation

Answer 27

An attacks sends disassociation packets/frames to a target. The station cannot communicate on the network.

Question 28

Cryptographic attacks

Answer 28

Circumventing the security of a cryptographic system.

Question 29

Rainbow Tables

Answer 29

A type of password attack where an attacker uses a set of related plaintext passwords and their hashes to crack passwords.

Question 30

Collision

Answer 30

The act of two different plaintext inputs producing the same exact ciphertext output.

Question 31

Skimming

Answer 31

An attacker uses a fraudulent RFID reader to access RFID tags. Encrypting information is best mitigation technique.

Question 32

Birthday Attack/Paradox

Answer 32

Paradox: asks how large must a group be so that the chance of two of them sharing a birthday.
Attack: brute force attack aimed at exploiting collisions in hash functions. A collision is where function produces the same hash value for two different plaintexts.