Ch6: Comparing Threats, Vulnerabilities, and Common Attacks Flashcards
Script kiddie
An attacker who uses existing computer scripts to launch attacks, typically with very little expertise, sophistication, and funding
Hacktivist
launches attacks as part of an activist movement or to further a cause
Insider
Anyone who has legitimate access to an organization’s internal resources, such as an employee
Organized crime elements are…
typically motivated by greed and money but often use sophisticated techniques
APTs
Advanced Persistent Threats are sponsored by governments and they launch sophisticated, targeted attacks
DoS attack
A denial-of-service attack is an attack from a single source that attempts to disrupt the services provided by another system
DDoS attack
A distrubuted denial-of-service attack includes multiple computers attacking a single target. DDoS attacks typically include sustained, abnormally high network traffic
Malware
includes a wide variety of malicious code including viruses, worms, Trojans, ransomware, and more
Virus
a malicious program that attaches itself to an application and runs when the application is started
Worm
a self-replicating program that doesn’t need user interaction to run
Logic bomb
executes in response to an event, such as when a specific application is executed or a specific time arrives
Backdoor
A backdoor provides another way to access a system
Trojan
A Trojan appears to be something useful but includes a malicious component, such as installing a backdoor on a user’s system. Many Trojans are delivered via drive-by-downloads. They can also infect systems from fake AV software, pirated software, games, or infected USBs
Ransomware
a type of malware that takes control of a user’s system or data. Criminals then attempt to extort payment from the victim. Ransomware often includes threats of damaging a user’s system or data if the victim does not pay the ransom.
Crypto-malware
Ransomware that encrypts the user’s data