Active_Attacks_Flashcards

Question 1

Man-in-the-Middle (MITM)

Answer 1

Intercepting communications to read, alter, or inject data.

Question 2

Session Hijacking

Answer 2

Taking over an active user session by stealing cookies or session tokens.

Question 3

Spoofing

Answer 3

Impersonating another device or user, such as IP or DNS spoofing.

Question 4

Injection Attacks

Answer 4

Inserting malicious code or commands into input fields or data streams.

Question 5

Replay Attacks

Answer 5

Capturing and resending valid data packets for unauthorized actions.

Question 6

Denial-of-Service (DoS)

Answer 6

Overloading a system with requests to make it unavailable.

Question 7

Distributed Denial-of-Service (DDoS)

Answer 7

Multiple systems flooding a target to overwhelm resources.

Question 8

Logic Bombs

Answer 8

Malware triggered by specific conditions to disrupt operations.

Question 9

Privilege Escalation

Answer 9

Exploiting bugs to gain unauthorized higher-level permissions.

Question 10

Buffer Overflow

Answer 10

Overwriting memory regions to execute arbitrary code.

Question 11

Zero-Day Exploits

Answer 11

Attacking vulnerabilities not yet patched or publicly known.

Question 12

Trojan Horse

Answer 12

Malicious software disguised as legitimate.

Question 13

Ransomware

Answer 13

Encrypting user data and demanding payment for the decryption key.

Question 14

Worms

Answer 14

Self-replicating malware that spreads across networks.

Question 15

Spyware/Adware

Answer 15

Collecting sensitive information or displaying unwanted advertisements.

Question 16

Phishing

Answer 16

Tricking users into providing sensitive information via fake emails or websites.

Question 17

Spear Phishing

Answer 17

A targeted version of phishing aimed at specific individuals or organizations.

Question 18

Baiting

Answer 18

Offering something enticing to trick users into exposing data or installing malware.

Question 19

Brute Force

Answer 19

Attempting all possible combinations to crack passwords or encryption.

Question 20

Keylogger Attacks

Answer 20

Capturing keystrokes to extract sensitive data like passwords.

Question 21

Cryptanalysis

Answer 21

Exploiting weaknesses in cryptographic algorithms to decrypt data.

Question 22

Evil Twin Attack

Answer 22

Creating a rogue Wi-Fi network to intercept data.

Question 23

Deauthentication Attack

Answer 23

Disconnecting users from a Wi-Fi network to capture credentials.

Question 24

Advanced Persistent Threats (APTs)

Answer 24

Long-term targeted attacks for stealing data or compromising infrastructure.

Question 25

DNS Spoofing/Cache Poisoning

Answer 25

Redirecting users to malicious websites by altering DNS records.

Question 26

BGP Hijacking

Answer 26

Redirecting internet traffic by manipulating routing tables.

Question 27

Malicious Insiders

Answer 27

Employees intentionally exploiting their access for malicious purposes.

Question 28

Exploited Insiders

Answer 28

Attackers tricking insiders into performing malicious actions.

Question 29

Firmware Tampering

Answer 29

Modifying firmware to control or disrupt IoT devices.

Question 30

Botnet Formation

Answer 30

Compromising IoT devices to form a botnet for attacks.

Question 31

USB Injection

Answer 31

Using infected USB drives to deploy malware.

Question 32

Hardware Trojans

Answer 32

Malicious modifications to hardware for spying or sabotage.

Question 33

Cross-Tenant Access

Answer 33

Exploiting vulnerabilities in shared cloud environments.

Question 34

Account Hijacking

Answer 34

Gaining unauthorized access to cloud accounts to manipulate data.

Question 35

Deepfake Attacks

Answer 35

Using AI to create fake video or audio content for deception.

Question 36

Adversarial AI

Answer 36

Attacking machine learning models to manipulate outcomes.