Attacks

Question 1

What is Social Engineering?

Answer 1

An attack against a user, and typically involves some form of social interaction

A training and awareness program is the best defense…

Question 2

What is Phishing?

Answer 2

An attacker attempts to obtain sensitive information from users by masquerading as a trusted entity in an email or instant message sent to a large group of often random users

Question 3

What is Spear Phishing?

Answer 3

A phishing attack aimed at a specific individual

Question 4

What is a Whaling attack?

Answer 4

A phishing attack targeted against a high value target like a corporate officer or system admin

Question 5

What is a Vishing attack?

Answer 5

A form of social engineering attack over voice lines (VoIP).

Question 6

What is Tailgating?

Answer 6

The act of following an authorized person through a doorway without using your own credentials

Question 7

What is an Impersonation attack?

Answer 7

A social engineering technique that can occur in person, over a phone, or online, where the attacker assumes a role that is recognized by the person being attacked, and in assuming that role, the attacker uses the potential victim’s biases against their better judgment to follow procedures

Question 8

What is Dumpster Diving?

Answer 8

The practice of searching through trash to discover material that has been thrown away that is sensitive, yet not destroyed or shredded

Question 9

What is Shoulder Surfing?

Answer 9

Stealing of credentials by looking over someone’s shoulder while they type them into a system

Question 10

What is a Watering Hole attack?

Answer 10

The infecting of a specific target website, one that users trust and go to on a regular basis, with malware

Question 11

What is a DoS attack?

Answer 11

Denial of Service (DoS)

An attack in which actions are taken to deprive authorized individuals from accessing a system, it’s resources, the data it stores or processes, or the network to which it is connected

Question 12

What is a DDoS attack?

Answer 12

Distributed Denial of Service (DDoS)

A special type of DoS attack in which the attacker elicits the generally unwilling support of other systems to launch a many-against-one attack

Question 13

What is a Man-in-the-middle attack?

Answer 13

Any attack that attempts to use a network node as the intermediary between two other nodes. Each of the endpoint nodes think it is talking directly to the other, but each is actually talking to the intermediary

Question 14

What is Buffer Overflow?

Answer 14

A specific type of software coding error that enables user input to overflow the allocated storage area and corrupt a running program

Question 15

What is XSS?

Answer 15

Cross-site Scripting (XSS)

A method of attacking a system by sending script commands to the system input and relying upon the parsers and execution elements to perform the requested scripted actions, thus instantiating the attack exploiting the trust a user has for the site

Question 16

What is a Non-persistent XSS attack?

Answer 16

where the injected script is not persisted or stored, but rather is immediately executed and passed back via the web server

Question 17

What is Persistent XSS attack?

Answer 17

Where the script is permanently stored on the web server or some back-end storage allowing the script to be used against others who log in to the system

Question 18

What is DOM-based XSS attack?

Answer 18

Where the script is executed in the browser via the Document Object Model (DOM) process as opposed to the web server

Question 19

What is CSRF or XSRF?

Answer 19

Cross-site Request Forgery (CSRF or XSRF)

A method of attacking a system by sending malicious input to the system and relying upon the parsers and execution elements to perform the requested actions, thus instantiating the attack. Exploits the trust a site has in the user’s browser

Question 20

What is Privilege Escalation?

Answer 20

The step in an attack where an attacker increases their privilege, preferably to administrator or root level

Question 21

What is ARP Poisoning?

Answer 21

Address Resolution Protocol (ARP) Poisoning

An attack that involves sending spoofed ARP or RARP replies to a victim in an attempt to alter the ARP table on the victim’s system. If successful, the attack will replace one or more MAC addresses in the victim’s ARP table with the MAC address the attacker supplies in their spoofed responses

Question 22

What is Amplification?

Answer 22

An act of leveraging technology to increase the volume of an attack, such as pinging a network address to get all attacked devices to respond

Question 23

What is DNS Poisoning?

Answer 23

Domain Name Service/Server (DNS) Poisoning

The changing of data in a DNS table to cause misaddressing of packets

Question 24

What is Domain Hijacking?

Answer 24

The act of changing the registration of a domain name without the permission of its original registrant

Question 25

What is a Man-in-the-Browser attack?

Answer 25

A man-in-the-middle attack involving browser helper objects and browsers to conduct the attack.

Question 26

What is A Zero Day attack?

Answer 26

A vulnerability for which there is no previous knowledge

Question 27

What is A Replay Attack?

Answer 27

The reusing of data during an attack to cause a system to respond based on previous acts

Best defense is use of encryption and short time frames…

Question 28

What is a Pass the Hash attack?

Answer 28

An attack where the credentials are passed in hashed form to convince an object that permission has been granted

Question 29

What is Clickjacking?

Answer 29

An attack against a user interface where the user clicks on something without knowing it, triggering a browser action unbeknownst to the user at the time

Question 30

What is Session Hijacking?

Answer 30

An attack against a communication session by injecting packets into the middle of the communication session

Question 31

What is Typo Squatting?

Answer 31

An attack form that involves capitalizing upon common typo errors at the URL level, hoping the browser user will not notice they end up on a different site

Question 32

What is Driver Manipulation?

Answer 32

The attack on a system by changing drivers, thus changing the behavior of the system

Question 33

What is Shimming?

Answer 33

The process of putting a layer of code between the driver and the OS to allow flexibility and portability

Question 34

What is Refactoring?

Answer 34

The process of restructuring existing computer code without changing its external behavior to improve nonfunctional attributes of the software, such as improving code readability and/or reducing complexity

Question 35

What is Spoofing?

Answer 35

Making data appear to have originated from another source so as to hide the true origin from the recipient

Question 36

What is MAC Spoofing?

Answer 36

The act of changing a MAC address to bypass security checks based on the MAC address

Question 37

What is IP address Spoofing?

Answer 37

Inserting a different IP address in the Form portion of the packet

Question 38

What is an Evil Twin?

Answer 38

An attack involving an attacker-owned router in a wireless system, configured to match a legitimate router

Question 39

What is Jamming?

Answer 39

A form of DoS that specifically targets the radio spectrum aspect of wireless

Question 40

What is WPS?

Answer 40

Wi-Fi Protected Setup (WPS)

A network security standard that allows easy setup of a wireless home network

Question 41

What is Bluejacking?

Answer 41

The sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, tablets, or laptop computers

Question 42

What is Bluesnarfing?

Answer 42

The unauthorized access of information from a Bluetooth-enabled device through a Bluetooth connecting, often between mobile phones, desktops, laptops, and tablets

Question 43

What is NFC?

Answer 43

Near Field Communication (NFC)

A set of wireless technologies that enables smartphones and other devices to establish radio communication over a short proximity, typically a distance of 10cm or less

Question 44

What is a Disassociation attack?

Answer 44

An attack on a wireless network whereby the attacker sends a deauthentication frame in a wireless connection, to break an existing connection

Question 45

What is a Birthday attack?

Answer 45

An attack methodology based on combinations rather than linear probability. In a room of 30 people, one doesn’t have to match a specific birthday, rather match any two birthdays in the room match, making the problem a combinatorial match, which is much more likely

Question 46

What is a Rainbow Table attack?

Answer 46

A precomputed set of hash tables for matching passwords by searching rather than computing each on the fly

Question 47

What is a salt?

Answer 47

A random set of characters designed to increase the length of the item being hashed, effectively making rainbow tables too big to compute

Question 48

What is a Dictionary attack?

Answer 48

A password-cracking program that uses a list of dictionary words to try to guess the password

Question 49

What is a Brute Force attack?

Answer 49

A password-cracking program that attempts all possible password combinations