2.4 Flashcards
(104 cards)
Brute force Attacks
forcible entry
tampering with security devices
confronting security personnel
ramming barriers with vehicles
Viruses and types
Made up of malicious code that's run on a machine without a user's knowledge
boot sector
macro
program
multipartite
encrypted
polymorphic
metamorphic
stealth
armored
hoax
boot sector virus
stored on the first section of the hard drive and loaded into memory when the computer is booted
Macro virus
form of code that allows a virus to be embedded inside another document
Program virus
multipartite virus
combo of boot virus and program virus
encrypted virus
designed to hide itself from being detected by encrypting its malicious code so antivirus software will not detect it
Polymorphic virus
advanced form of encrypted virus; it changes the virus's code each time it is executed by altering the decryption module in order to evade detection
Metamorphic virus
more advanced than polymorphic; able to rewrite itself entirely before it attempts to infect a given file
stealth virus
technique used to prevent the virus from being detected by antivirus software
armored virus
has a layer of protection to confuse a program or a person who is trying to analyze it
hoax
form of technical social engineering that attempts to scare our end users into taking some kind of undesirable action on their system (a message pops up saying you have a virus and gives you steps to remove it)
worm
unlike a virus, which requires a user action, a worm replicates itself across the network without any action; it takes advantage of vulnerabilities in the OS or apps, aka missing security patches
it is malicious software
trojan
piece of malicious code that is disguised as harmless or desirable software; could be a Tetris game, for example
RAT Remote Access Trojan
widely used by modern attackers because it provides the attacker with remote control of a victim machine
Ransomware
type of malicious software designed to block access to a system by encrypting data until a ransom is paid
Zombies
Name of a compromised system that is part of a botnet. It is used to perform tasks using remote commands from the attacker without user knowledge
attackers often use only 20-25% of a zombie's power
Botnet
a network comprised of zombies controlled by malicious actors
mostly used for DDoS
Command and Control Node
Computer responsible for managing and coordinating the activities of other nodes or devices within a network
Rootkit
Digs deeply into OS to embed itself there and gain admin privileges over a system without being detected
can open and shut ports, delete programs, install programs, etc.
Ring 3
outermost ring where user permissions are used
Ring 0
innermost or highest permission level, aka kernel mode
kernel mode
allows a system to control access to things like device drivers, sound card, monitor, etc.
DLL Injection
Technique used to run arbitrary code within the address space of another process by forcing it to load a dynamic link library