Attacks Flashcards
What is Social Engineering?
An attack against a user that typically involves some form of social interaction
A training and awareness program is the best defense…
What is Phishing?
An attacker attempts to obtain sensitive information from users by masquerading as a trusted entity in an email or instant message sent to a large group of often random users
What is Spear Phishing?
A phishing attack aimed at a specific individual
What is a Whaling attack?
A phishing attack targeted against a high value target like a corporate officer or system admin
What is a Vishing attack?
A form of social engineering attack over voice lines (VoIP).
What is Tailgating?
The act of following an authorized person through a doorway without using your own credentials
What is an Impersonation attack?
A social engineering technique that can occur in person, over the phone, or online, where the attacker assumes a role that is recognized by the person being attacked; in assuming that role, the attacker uses the potential victim’s biases against their better judgment to follow procedures
What is Dumpster Diving?
The practice of searching through trash to discover material that has been thrown away that is sensitive, yet not destroyed or shredded
What is Shoulder Surfing?
Stealing of credentials by looking over someone’s shoulder while they type them into a system
What is a Watering Hole attack?
The infecting of a specific target website, one that users trust and go to on a regular basis, with malware
What is a DoS attack?
Denial of Service (DoS)
An attack in which actions are taken to deprive authorized individuals from accessing a system, its resources, the data it stores or processes, or the network to which it is connected
What is a DDoS attack?
Distributed Denial of Service (DDoS)
A special type of DoS attack in which the attacker elicits the generally unwilling support of other systems to launch a many-against-one attack
What is a Man-in-the-middle attack?
Any attack that attempts to use a network node as the intermediary between two other nodes. Each of the endpoint nodes thinks it is talking directly to the other, but each is actually talking to the intermediary
What is a Buffer Overflow?
A specific type of software coding error that enables user input to overflow the allocated storage area and corrupt a running program
What is XSS?
Cross-site Scripting (XSS)
A method of attacking a system by sending script commands to the system input and relying upon the parsers and execution elements to perform the requested scripted actions, thus instantiating the attack; it exploits the trust a user has for the site
What is a Non-persistent XSS attack?
Where the injected script is not persisted or stored, but rather is immediately executed and passed back via the web server
What is a Persistent XSS attack?
Where the script is permanently stored on the web server or some back-end storage allowing the script to be used against others who log in to the system
What is a DOM-based XSS attack?
Where the script is executed in the browser via the Document Object Model (DOM) process as opposed to the web server
What is CSRF or XSRF?
Cross-site Request Forgery (CSRF or XSRF)
A method of attacking a system by sending malicious input to the system and relying upon the parsers and execution elements to perform the requested actions, thus instantiating the attack; it exploits the trust a site has in the user’s browser
What is Privilege Escalation?
The step in an attack where an attacker increases their privilege, preferably to administrator or root level
What is ARP Poisoning?
Address Resolution Protocol (ARP) Poisoning
An attack that involves sending spoofed ARP or RARP replies to a victim in an attempt to alter the ARP table on the victim’s system. If successful, the attack will replace one or more MAC addresses in the victim’s ARP table with the MAC address the attacker supplies in their spoofed responses
What is Amplification?
An act of leveraging technology to increase the volume of an attack, such as pinging a network address to get all attached devices to respond
What is DNS Poisoning?
Domain Name Service/Server (DNS) Poisoning
The changing of data in a DNS table to cause misaddressing of packets
What is Domain Hijacking?
The act of changing the registration of a domain name without the permission of its original registrant
What is a Man-in-the-Browser attack?
A man-in-the-middle attack involving browser helper objects and browsers to conduct the attack.
What is a Zero Day attack?
A vulnerability for which there is no previous knowledge
What is a Replay Attack?
The reusing of data during an attack to cause a system to respond based on previous acts
The best defense is the use of encryption and short time frames…
What is a Pass the Hash attack?
An attack where the credentials are passed in hashed form to convince an object that permission has been granted
What is Clickjacking?
An attack against a user interface where the user clicks on something without knowing it, triggering a browser action unbeknownst to the user at the time
What is Session Hijacking?
An attack against a communication session by injecting packets into the middle of the communication session
What is Typo Squatting?
An attack form that involves capitalizing upon common typo errors at the URL level, hoping the browser user will not notice they end up on a different site
What is Driver Manipulation?
The attack on a system by changing drivers, thus changing the behavior of the system
What is Shimming?
The process of putting a layer of code between the driver and the OS to allow flexibility and portability
What is Refactoring?
The process of restructuring existing computer code without changing its external behavior to improve nonfunctional attributes of the software, such as improving code readability and/or reducing complexity
What is Spoofing?
Making data appear to have originated from another source so as to hide the true origin from the recipient
What is MAC Spoofing?
The act of changing a MAC address to bypass security checks based on the MAC address
What is IP address Spoofing?
Inserting a different IP address in the From portion of the packet
What is an Evil Twin?
An attack involving an attacker-owned router in a wireless system, configured to match a legitimate router
What is Jamming?
A form of DoS that specifically targets the radio spectrum aspect of wireless
What is WPS?
Wi-Fi Protected Setup (WPS)
A network security standard that allows easy setup of a wireless home network
What is Bluejacking?
The sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, tablets, or laptop computers
What is Bluesnarfing?
The unauthorized access of information from a Bluetooth-enabled device through a Bluetooth connection, often between mobile phones, desktops, laptops, and tablets
What is NFC?
Near Field Communication (NFC)
A set of wireless technologies that enables smartphones and other devices to establish radio communication over a short proximity, typically a distance of 10 cm or less
What is a Disassociation attack?
An attack on a wireless network whereby the attacker sends a deauthentication frame in a wireless connection, to break an existing connection
What is a Birthday attack?
An attack methodology based on combinations rather than linear probability. In a room of 30 people, one doesn’t have to match a specific birthday; rather, any two birthdays in the room need to match, making the problem a combinatorial match, which is much more likely
What is a Rainbow Table attack?
A precomputed set of hash tables for matching passwords by searching rather than computing each on the fly
What is a salt?
A random set of characters designed to increase the length of the item being hashed, effectively making rainbow tables too big to compute
What is a Dictionary attack?
A password-cracking program that uses a list of dictionary words to try to guess the password
What is a Brute Force attack?
A password-cracking program that attempts all possible password combinations