5.13 Information System Attack Methods & Techniques Flashcards
What is an alteration attack?
When unauthorised modification affects the integrity of the data/code. A cryptographic hash is a primary defence against alteration attacks.
What are botnets?
A collection of compromised computers (called zombie computers) running software, usually worms, Trojan horses or back doors. (E.g. DoS attacks, adware, spyware and spam)
What is a Denial of Service (DoS) attack?
Attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash. E.g. buffer overflows, brute force, DDoS, ping flood, teardrop attack, etc.
What is a dial-in penetration attack / war dialing?
An intruder determines the dial-in phone number ranges from external sources (internet). Information can also be obtained using social engineering.
What is eavesdropping?
Happens when cyber criminals or attackers listen in to network traffic traveling over computers, servers, mobile devices and Internet of Things (IoT) devices.
What are email attacks and techniques?
Attacks that occur via email: email bombing (abuser repeatedly sends an identical email to an address), spam, email spoofing, phishing.
What is flooding?
DoS attack that brings down a network/service by flooding it with a large amount of traffic. The host memory buffer is filled by flooding it with connections that cannot be completed.
What is a buffer overflow?
Consumes the available memory or CPU time.
What is an interrupt attack?
When a malicious action is performed by invoking the OS to execute a particular system call.
What is juice jacking?
Type of compromise of devices like phones and tablets which use the same cable for charging and data transfer, typically a USB cable. The goal of the attack is to either install malware on the device, or to surreptitiously copy potentially sensitive data.
What is malicious code?
Different types:
Trojan > programs that are disguised as useful programs and, once executed, perform actions that the user did not intend (e.g. opening ports, etc.)
Logic bomb > program that is triggered when a certain condition, time or event occurs. They can also be used by admins to trap attackers (honey token) because they look vulnerable
Trap (back) door > bits of code embedded in programs by programmers to quickly gain access during testing or debugging. Can be a security hole if not removed
What is a man-in-the-middle attack?
An attacker is positioned between two communicating parties in order to intercept and/or alter data traveling between them.
What is masquerading?
The intruder presents an identity other than the original identity in order to gain access to data that cannot be accessed under the original identity.
What is message modification?
Capturing of a message and making unauthorised changes or deletion.
What is network analysis?
Gathering information on an organisation’s network to reveal vulnerabilities (known as footprint).
What is packet replay?
The intruder passively captures a stream of packets as the stream moves along an unprotected network. These packets are then actively inserted into the network as if the stream were another genuine message stream.
What is pharming?
Attack that aims to redirect the traffic of a website to a bogus website. It can be done by changing the hosts file on a victim’s computer or by exploiting vulnerabilities in DNS.
What is piggybacking?
Following an authorised person through a secured door; it is considered a physical access exposure.
What are race conditions?
Exploit a small window of time between the time that the security control is applied and the time that the service is used.
What is a remote maintenance tools attack?
If not securely configured and controlled, remote maintenance tools can be used as an attack method by a hacker to gain remote access.
What is resource enumeration and browsing?
When the attacker lists resources on the target (directories, shares, names, etc.).