Ch 9 Threat & Attack Flashcards
Adware
Software that gathers information to pass on to marketers, or that intercepts personal data such as credit card numbers and makes it available to third parties.
Antivirus software
Software that identifies the presence of a virus and is capable of removing or quarantining the virus.
Armored virus
A virus that is protected in a way that makes disassembling it difficult. The difficulty makes it "armored" against antivirus programs, which have trouble getting to, and understanding, its code.
ARP spoofing
More commonly known as ARP poisoning, this involves the MAC (media access control) address of the data being faked.
Attack
Any unauthorized intrusion into the normal operations of a computer or computer network. The attack can be carried out to gain access to the system or any of its resources.
Attack surface
The area of an application that is available to users: those who are authenticated and, more importantly, those who are not.
Attack surface reduction (ASR)
Minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage.
Back door
An opening left in a program application (usually by the developer) that allows additional access to data. Typically, a back door is created for debugging purposes and is not documented. Before the product ships, the back doors are closed; when they aren't closed, security loopholes exist.
Bot
An automated software program (network robot) that collects information on the web. In its malicious form, a bot is a compromised computer being controlled remotely.
Buffer overflow
A type of denial-of-service (DoS) attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it (as the name implies).
Clickjacking
Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.
Companion virus
A virus that creates a program that runs in the place of an expected program of the same name.
Cross-site request forgery (XSRF)
A form of web-based attack in which unauthorized commands are sent from a user that a website trusts.
Cross-site scripting (XSS)
Running a script routine on a user's machine from a website without their permission.
Denial of service (DoS)
A type of attack that prevents any users, even legitimate ones, from using a system.
Dictionary attack
The act of attempting to crack passwords by testing them against a list of dictionary words. With today's powerful computers, an attacker can combine one of many available automated password-cracking utilities with several large dictionaries or wordlists and crack huge numbers of passwords in a matter of minutes. Any password based on any dictionary word is vulnerable to such an attack.
Phage virus
A virus that modifies and alters other programs and databases.
Polymorphic
An attribute of some viruses that allows them to mutate and appear differently each time they crop up. The mutations make it harder for virus scanners to detect (and react to) the viruses.
Privilege escalation
The result when a user obtains access to a resource that they wouldn't normally be able to access. Privilege escalation can be done inadvertently by running a program with set user ID (SUID) or set group ID (SGID) permissions, or by temporarily becoming another user (via su or sudo in Unix/Linux, or runas in Windows). It can also be done purposefully by an attacker seeking full access.
Watering hole attack
Identifying a site that is visited by those whom they are targeting, poisoning that site, and then waiting for the results.
Xmas tree attack
An advanced attack that tries to get around detection and sends a packet with every single option enabled.
Macro
May be found in Microsoft products that use the macro feature.
Retrovirus
Attacks antivirus software
Shim
A small library that is created to intercept API calls transparently. Three things can occur: 1. Handle the operation itself 2. Change the arguments passed 3. Redirect the request elsewhere
5 things to find threats
- Passively testing
- imap
- vulnerability scanner