1.2 Types of Attacks

Question 1

Social Engineering

Answer 1

A form of attack that exploits human nature and human behavior. Social engineering attacks two primary forms: convincing someone to perform unauthorized operation or convincing them to reveal confidential information

Question 2

Phishing

Answer 2

Is the process of attempting to obtain sensitive information such as usernames, passwords, credit card details, and other PII by masquerading as a trustworthy entity

Question 3

Spear Phishing

Answer 3

Is a more targeted form of phishing where the message is crafted and directed specifically to an individual or group of individuals. The hope if the attack is that someone who already has an online/ digital relationship with an organization is more likely to fall for the false communication

Question 4

Whaling

Answer 4

Is a form of phishing that targets specific high-value individuals.

Question 5

Vishing

Answer 5

Phishing done over VoIP services

Question 6

Tailgating

Answer 6

Occurs when an unauthorized entity gains access to a facility under the authorization of a valid worker but without their knowledge

Question 7

Piggybacking

Answer 7

Occurs when an unauthorized entity gains access to a facility of a valid worker but with their knowledge and consent

Question 8

Impersonation

Answer 8

Is the act of taking in the identity of some else. The purpose of impersonation is to trick someone into believing your’re the claimed identity so you can use the power ir authority of that identity. Impersonation is also known as masquerading or spoofing

Question 9

Dumpster Diving

Answer 9

Is the act of digging through trash in order to obtain information about a target organization or individual. It can provide an attacker information that could make social engineering attacks easier or more effective

Question 10

Shoulder surfing

Answer 10

Occurs when someone is able to watch your keyboard or view your display. This may allow them to learn your password, see information that is confidential, private or simply not for their eyes

Question 11

Hoaxes

Answer 11

Is a form of social engineering designed to convince targets to perform an action that will cause problems or reduce their IT security. A Hoax is often an email that proclaims some imminent threat is spreading across the Internet and that you must perform certain tasks in order to protect yourself

Question 12

Watering Whole Attacks

Answer 12

Is a form of targeted attack against a region, a group or an organization. It’s waged by poisoning a commonly accessed resource

Question 13

Arbitrary Code of Execution

Answer 13

Is the ability to run any software on a target system

Question 14

Denial of Service Attack

Answer 14

DoS is a form of attack that has a primary goal of preventing the victimized system from performing legitimate traffic.

Question 15

Smurf Attack

Answer 15

This is from DRDs uses ICMP echo reply packets (ping packets)

Question 16

Xmas Attack

Answer 16

Its a form of port scanning that can be performed by wide number of common ports scanners including Map, Xprobe, and Hping2. The Xmas scan sends TCP packets to a target port with the flags URG, PSH, FIN all turned on.

Question 17

Distributed Denial of Service

Answer 17

DDoS employs an amplification or bounce network that is an unwilling or unknowing participants that is unfortunately able to receive broadcast messages and create message responses, echoes, or bounces. In effect, the attacker sends spoofed message packets to the amplification networks broadcast address

Question 18

Man-in-the-middle

Answer 18

is a form of communication eavesdropping attack. Attackers position themselves in the communication stream, between the client and the server. The client and server believe they’re communicating directly with each other.

Question 19

Buffer Overflow

Answer 19

Occurs due to the lack of secure defensive programming. The exploitation of a buffer overflow can result in a system crash or arbitrary code execution. A buffer overflow occurs when a program receives input larger than it was designed to accept or process.

Question 20

Injection Attacks

Answer 20

is any exploitation that allows an attacker to submit code to a target system in order to modify its operations and/or poison and corrupt data set.

Question 21

SQL Injection

Answer 21

Attack allows a malicious individual to perform SQL transactions directly against the underlying database through a website front end.

Question 22

directory traversal

Answer 22

an attack that enables an attacker to jump out of the web root directory structure and into any other part of the filesystem hosted by the web servers host OS

Question 23

Cross-site scripting

Answer 23

XSS is a form of malicious code injection attacks in which an attacker is able to compromise a web server and inject their own malicious code into the content sent to other visitors.

Question 24

Cross-site request forgery

Answer 24

XSFR is an attack focused on the visiting users web browser more than on the website being visited. The main purpose of XSRF is to trick the user or users browser into performing actions they had not intended or world not have authorized.

Question 25

Privilege Escalation

Answer 25

Occurs when a user account is able to obtain unauthorized access to higher levels of privileges.

Question 26

ARP Poisoning

Answer 26

Is the act of falsifying the IP-to-MAC address resolution system employed by TCP/IP

Question 27

Amplification

Answer 27

an attack is one where the amount of work ir the traffic generated by the attacker is multiplied in order to cause a significant volume of traffic to be delivered to the primary victim.

Question 28

DNS Poisoning

Answer 28

The act of falsifying the DNS information used by the client to reach a desired system.

Question 29

Pharming

Answer 29

malicious redirection of a valid website URL or IP address to a fake website that hosts false version of the original valid site.

Question 30

Domain Hijacking

Answer 30

Domain Theft is malicious action of changing name without the authorization of a valid owner. This may be accomplished by stealing the owners logon credentials, using XSRF, hijacking sessions, using MitM, or exploiting a flaw in the domain registrar’s system.

Question 31

Man-in-the-Browser

Answer 31

(MitB, MiTB, MiB, MIB) attack is effectively a MitM acctack. The only distinction is that the middle-man malware is operating on the victims systems, where it is able to intercept communications immediately after they leave the browser and before they exit the network interface.

Question 32

Zero-Day attacks

Answer 32

Newly discovered attacks where there is no specific defense.

Question 33

Replay Attack

Answer 33

An attacker captures network traffic and then replays the captured traffic in an attempt to gain unauthorized access to a system

Question 34

HIjacking

Answer 34

Attacks are those where the attacker takes control over a session from a valid user. Some forms of hijacking disconnect the client, whereas others grant the attacker a parallel connection into the system or service.

Question 35

Clickjacking

Answer 35

Is a web page-based attack that causes a user to clock on something other than what the user intended to click

Question 36

Session Hijacking

Answer 36

TCP/IP Hijacking or session hijacking is a form of attack in which the attacker takes over an existing communications session. The attacker can assume the role of the client or sever depending on the server depending on the purpose of the attack.

Question 37

Typo Squatting / URL Hijacking

Answer 37

Is a practice employed to capture traffic when a user mistypes the domain name or IP address of an intended source.

Question 38

Cookies

Answer 38

A tracking mechanism developed for web servers to monitor and respond to a user’s serial viewing of multiple web pages. It may allow identity theft.

Question 39

Shimming

Answer 39

Injecting alternate or compensation code into a system in order to alter its operations without changing the original or existing code

Question 40

Refactoring

Answer 40

Restricting or reorganizing of software code without changing it externally perceived behavior or produced results. Refactoring focuses on improving softwares nonfunctional elements such as quality attributes non-behavior requirements service requirements and constraints.

Question 41

Spoofing

Answer 41

The act of falsifying data. Involves changing the source addresses of network packets. Because the source address is changed, victims are unable to locate the true attackers or initiators of a communication.Also, by spoofing the source address, attackers redirect responses, replies and echoes of packets to some other system.

Question 42

MAC spoofing

Answer 42

MAC spoofing is used to impersonate another system, often a valid or authorized network device in order to bypass port security or MAC filtering limitations.

Question 43

IP spoofing.

Answer 43

There are three main types of IP spoofing: crafting IP packets for an attack but setting the source IP address to that of an innocent, uninvolved third party; via DoS, disconnecting the owner/ user of an IP address, then temporary taking on that IP address on the attack system; or using an IP address from the subnet that is not currently assigned to a valid authorized system.

Question 44

war driving.

Answer 44

war driving. War driving is the act of using a detection tool to look for wireless networking signals. Often, war driving is the process of someone looking for a wireless network they aren’t authorized to access.

Question 45

wireless replay attacks.

Answer 45

Wireless replay attacks may focus on initial authentication abuse. They may be used to simulate numerous new clients or cause a DoS.jkg

Question 46

initialization vector

Answer 46

IV is a mathematical and cryptographic term for a random number. Most modern crypto functions use IVs in order to increase their security by reducing predictability and repeatability.

Question 47

evil twin attacks

Answer 47

During an evil twin attack, a hacker configures their system as a twin of a valid wireless access point. Victims are tricked into connecting to the fake twin instead of the valid original wireless network.

Question 48

rogue access points

Answer 48

A rogue WAP may be planted by an employee for convenience or it may be operated externally by an attacker. Rogue wireless access points should be discovered and removed in order to eliminate an unregulated access path into your otherwise secured network.

Question 49

jamming

Answer 49

Jamming is the transmission of radio signals to prevent reliable communications by decreasing the effective signal-to-noise ratio.

Question 50

WPS attacks

Answer 50

WPS is a security standard for wireless networks that was found to be flawed. The standard called for a code that could be sent to the base station remotely in order to trigger WPS negotiation. This led to a brute force guessing attack that could enable a hacker to guess the WPS code in just hours.

Question 51

bluejacking.

Answer 51

Bluejacking is the sending of messages to Bluetooth-capable devices without the permission of the owner/ user. Just about any Bluetooth-enabled device, such as a smartphone or notebook computer, can receive a bluejacked message.

Question 52

bluesnarfing.

Answer 52

Bluesnarfing is the unauthorized accessing of data via a Bluetooth connection. Successful bluesnarfing attacks against smartphones and notebooks have been able to extract calendars, contact lists, text messages, emails, pictures, videos, and more.

Question 53

RFID.

Answer 53

RFID (radio frequency identification) is a tracking technology based on the ability to power a radio transmitter using current generated in an antenna when placed in a magnetic field. RFID can be triggered/ powered and read from up to hundreds of meters away.

Question 54

NFC

Answer 54

Near field communication (NFC) is a standard to establish radio communications between devices in close proximity. It lets you perform a type of automatic synchronization and association between devices by touching them together or bringing them within inches of each other.

Question 55

disassociation.

Answer 55

Disassociation is one of the many types of wireless management frames. A disassociation can be used in several forms of wireless attacks, including discovering hidden SSIDs, causing a DoS, hijacking sessions, and using MitM.

Question 56

password attacks

Answer 56

The strength of a password is generally measured in the amount of time and effort involved in breaking the password through various forms of cryptographic attacks. These attacks are collectively known as password cracking or password guessing. Forms of password attacks include brute force (also known as a birthday attack), dictionary, hybrid, and rainbow tables.

Question 57

password guessing.

Answer 57

Password guessing is an attack aimed at discovering the passwords employed by user accounts. It’s often called password cracking. There are two primary categories of password-guessing tools based on the method used to select possible passwords for a direct logon prompt or birthday attack procedure: brute force and dictionary.

Question 58

password crackers.

Answer 58

A password cracker is a tool used to reverse-engineer the secured storage of passwords in order to gain (or regain) access to an unknown or forgotten password. There are four well-known types of password-cracking techniques: dictionary, brute force, hybrid, and precomputed hash.

Question 59

birthday attacks.

Answer 59

The birthday attack exploits a mathematical property that if the same mathematical function is performed on two values and the result is the same, then the original values are the same. This concept is often represented with the syntax f( M) = f( M’) therefore M = M’.

Question 60

Understand known plain text and known cipher text attacks.

Answer 60

The cryptographic attacks of known plain text and known cipher text are focused on encryption systems that use the same key repeatedly or that select keys in a sequential or otherwise predictable manner. The goal is to discover the key or a key of the series, and then use that key to determine other keys and thus be able to decrypt most or all of the data protected by the flawed encryption system.

Question 61

rainbow tables

Answer 61

Rainbow tables take advantage of a concept known as a hash chain. It offers relatively fast password cracking, but at the expense of spending the time and effort beforehand to craft the rainbow table hash chain database.

Question 62

dictionary attacks

Answer 62

A dictionary attack performs password guessing by using a preexisting list of possible passwords.

Question 63

brute-force attacks.

Answer 63

A brute force attack is designed to try every valid combination of characters to construct possible passwords, starting with single characters and adding characters as it churns through the process, in an attempt to discover the specific passwords used by user accounts.

Question 64

Understand online vs. offline password cracking.

Answer 64

An online password attack occurs against a live logon prompt. An offline attack is one where the attacker is not working against a live target system, but instead is working on their own independent computers to compromise a password hash.

Question 65

collision.

Answer 65

A collision is when the output of two cryptography operations produces the same result. Collisions occur in relation to encryption operations as well as hashing operations.

Question 66

downgrade attack.

Answer 66

A downgrade attack attempts to prevent a client from successfully negotiating robust high-grade encryption with a server. This attack may be performed using a real-time traffic manipulation technique or through a man-in-the-middle attack (a false proxy) in order to forcibly downgrade the attempted negotiation to a lower quality level of algorithms and key exchange/ generation.

Question 67

replay attacks.

Answer 67

A replay attack is one in which an attacker captures network packets and then retransmits or replays them back onto the network.

Question 68

weak implementations.

Answer 68

Most failures of modern cryptography systems are due to poor or weak implementations rather than a true failure of the algorithm itself.