Attack types Flashcards

1
Q

Steals data from Bluetooth-enabled devices

A

Bluesnarfing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Takes over a user’s session by obtaining or predicting a valid session token

A

Session Hijack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Sends unsolicited messages over Bluetooth to nearby devices

A

Bluejacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Chains multiple SQL commands with a delimiter to execute them sequentially

A

Stacked Queries

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Increases the volume of an attack by using network resources to magnify traffic

A

Amplification Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Intercepts network handshakes to crack wireless encryption keys

A

Handshake capture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Intercepts data on a network by linking an attacker’s MAC to a legitimate IP address

A

ARP Poisoning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Fakes a login or splash page to capture user credentials

A

Captive PortalS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Sets up a rogue WiFi access point to intercept wireless communications

A

Evil Twin

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Impersonates devices by mimicking their MAC addresses

A

MAC Spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Deceives a user into submitting a malicious request via image tags, hidden forms, etc

A

CSRF

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Bypasses network segmentation by sending packets to a switch that forwards them to other VLANs

A

VLAN Hopping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Reflects a malicious script off of a web application to the user’s browser

A

XSS - Reflected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Masquerades as a legitimate entity by falsifying data to gain an advantage

A

Spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Reuses valid data transmission to fraudulently or maliciously repeat or delay operations

A

Session Replay

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Exploits Windows network protocols to intercept traffic and gain credentials

A

LLMNR/NBT-NS Poisoning

17
Q

Forcibly disconnects devices from a network

A

Deauthentication

18
Q

Exploits vulnerable web applications to force them to make requests to unintended locations

A

SSRF

19
Q

Attempts to access a large number of accounts with commonly used passwords

A

Password Spraying

20
Q

Captures authentication session to access a network resource without credentials

A

NTLM Relay Attacks

21
Q

Denies service to valid users by overwhelming a system with requests

A

DoS

22
Q

Captures and retransmits signals, such as from a key fob, to gain unauthorized access

A

Relay Attacks

23
Q

exploits Kerberos authentication to crack passwords of service accounts

A

Kerberoasting

24
Q

Systematically tries every possible password combination

A

Brute Force

25
Q

Intercepts data between two parties to steal or modify it

A

On-path Attack

26
Q

Stores malicious script in server databases to execute whenever the stored data is viewed

A

XSS-Persistent

27
Q

Triggers malicious actions on a web application where a user is authenticated

A

XSRF

28
Q

Uses a pre-arranged list of likely passwords

A

Dictionary Attack

29
Q

Copies RFID tags for unauthorized access to secure areas

A

RFID Cloning

30
Q

Inserts false information into DNS cache to redirect users to malicious sites

A

DNS Cache Poisoning