1.4 Flashcards
Given a scenario, analyze potential indicators associated with network attacks.
Is a common networking technology that has a substantial number of standards and processes to connect users to networks via a radio signal, thus freeing machines from wires.
Wireless
A type of wireless network attack where a malicious actor sets up a rogue Wi-Fi hotspot with a name identical or similar to a legitimate network.
Evil twin attack
Is an unauthorized and typically malicious wireless access point (AP) that is connected to a network without the knowledge or approval of the network administrator.
Rogue access point
The unauthorized access and theft of information from a Bluetooth-enabled device, such as a mobile phone or laptop, often exploiting vulnerabilities to gain access to personal data without the user’s knowledge or consent.
Bluesnarfing
The act of sending unsolicited messages or data to nearby Bluetooth-enabled devices, such as mobile phones or laptops, without gaining unauthorized access to the device.
Bluejacking
The intentional termination of a connection between a client device and a wireless network.
Disassociation attack
Is a form of denial of service (DoS) that specifically targets the radio spectrum aspect of wireless.
Jamming
A technology that uses wireless communication to identify and track objects or individuals through small electronic tags (RFID tags).
Radio frequency identification (RFID)
Is a set of wireless technologies that enables smartphones and other devices to establish radio communications over a short distance.
Near-field communication (NFC)
Is used in wireless systems as the randomization element at the beginning of a connection. Attacks against it are aimed at determining the IV, thus finding the repeating key sequence.
Initialization vector (IV)
A type of network attack where the malicious actor positions themselves on the communication path between two entities, such as a client and a server. This allows the attacker to intercept, modify, or manipulate the communication between the two parties.
On-path attack (previously known as man-in-the-middle attack/man-in-the-browser attack)
A type of attack that targets the data link layer of the OSI model, focusing on vulnerabilities in network devices like switches and bridges.
Layer 2 attacks
Involves manipulating the ARP cache of a network to associate a fake Media Access Control (MAC) address with a legitimate IP address.
Address Resolution Protocol (ARP) poisoning
Is the act of changing a MAC address to bypass security checks based on the MAC address.
MAC cloning
Is a type of attack where an attacker floods the network switch with a large number of fake or random MAC addresses.
Media access control (MAC) flooding
Is a decentralized system that translates human-readable domain names into IP addresses.
Domain name system (DNS)
Is the act of changing the registration of a domain name without the permission of its original registrant.
Domain hijacking
A type of attack where false or malicious information is introduced into the Domain Name System (DNS) cache. This can lead to the redirection of domain name resolutions, causing users to be directed to fraudulent websites.
DNS poisoning
Is the method of describing where you want a browser to go, and it is the main interface to the DNS process that converts it to a machine-readable address.
Uniform Resource Locator (URL) redirection
The evaluation of a domain’s trustworthiness and legitimacy based on its historical behavior, security practices, and online activities.
Domain reputation
A DoS attack employing multiple attacking systems.
Distributed denial-of-service (DDoS)
Is a collection of compromised computers or devices, often forming a botnet, coordinated to flood a target system or network with a massive volume of traffic.
Distributed denial-of-service (DDoS): Network
A type of DDoS attack that aims to exhaust the resources of a targeted application or service.
Application-level DDoS attack
Is the name given to networks of industrial devices in cyber-physical systems.
Operational technology (OT)
The use of scripts and automation to maliciously impact a system.
Malicious code and script execution
A built-in command-line tool suite that has a rich set of Microsoft Windows commands.
PowerShell
Is a widely used programming language/scripting language.
Python
(aka Bourne Again Shell) is an interpreter that processes shell commands on Linux systems.
Bash
Are recorded sets of instructions, typically presented to an application to automate its function.
Macros
Is an older technology from Microsoft that was used to automate many internal processes in applications.
Visual Basic for Applications (VBA)