Attacks Flashcards
What is Cross-site scripting (XSS)?
What is Malware?
Software that is specifically designed to disrupt, damage, or gain unauthorised access to a computer
Define Ransomware?
This involves encrypting a victim's data, and cash is demanded in order for the threat actor to decrypt your data. The OS remains available so that the threat actor can remain in contact with you
Define a Virus?
This is Malware that can replicate itself and needs you to run a program - Reproduces itself through the system or over the network
Name some ways in which your machine can become infected with Malware
E-mail link
Clicking on a web page pop-up
Drive-by download
A worm
Name some Virus types
Program Virus
Boot sector virus
Script viruses
Macro viruses
Define a Worm?
Define bloatware?
Define Spyware?
How can you protect against Spyware?
Define a logic bomb?
How can you prevent a logic bomb?
Define a rootkit?
How can you find and remove rootkits?
What is phishing?
What is a threat vector?
A method used by the attacker to gain access to your system - Also called an attack vector
What are the threats of removable devices within an organisation and how can this be managed?
Malicious software on USB devices can get around the network, therefore circumventing high-security networks, i.e. firewalls
Data exfiltration - These devices can be used to exfiltrate company data by a malicious insider or a threat actor who has physical access to machines
Data loss - This could be intentional or accidental
Compliance violations - Compliance policies require strict control over sensitive data, including how it is stored, transferred and accessed. Allowing unrestricted use can lead to data transfers that violate compliance policies
Removable media does not typically have encryption enabled which can lead to unprotected storage of sensitive data
Ways to mitigate this threat:
What are the threats of unsupported systems within an organisation and how can this be managed?
Unsupported systems pose a threat as they no longer receive security patches, updates or technical support from the vendor.
The following are issues of having unsupported systems:
Increased likelihood of a security exploit as they no longer receive patches to address newly discovered vulnerabilities.
Lack of vendor support and limited incident response
Potential for incompatibility with security tools like endpoint detection or encryption protocols
Some systems may lack critical data protection features
Ways to mitigate this threat:
Organisations should plan to upgrade unsupported systems wherever possible and implement mitigating controls such as additional monitoring, limiting access and segmenting unsupported systems from critical networks
What is a keylogger?