Chapter 1.2 - Attack Types Flashcards

Given a scenario, analyze potential indicators to determine the type of attack

1
Q

Malware

A

Malicious software intended to cause harm and gather information

2
Q

Ransomware

A

Taking away data and requiring the victim to pay to get it back

3
Q

Trojans

A

Software that pretends to be something else to conquer your computer

4
Q

Worms

A

Malware that self-replicates
Does NOT need to be executed by the user

5
Q

Potentially Unwanted Programs (PUPs)

A

Usually downloaded by trojans
Software that a user may perceive as unwanted or unnecessary

6
Q

Fileless Virus

A

A stealth attack operated in memory
Avoids anti-virus detection and is never installed in a file or application

7
Q

Command and Control

A

Responsible for sending out commands to bots

8
Q

Bots (Robots)

A

A type of software application or script that performs automated tasks on command

9
Q

Cryptomalware

A

Newer generation of ransomware
Uses cryptography to encrypt victim information and sends the victim the key to decrypt if the victim sends them cryptocurrency

10
Q

Logic Bombs

A

Waits for a predefined moment before attack is executed
Example: time, date, event

11
Q

Keyloggers

A

A form of malware or hardware that keeps track of and records your keystrokes as you type

12
Q

Remote Access Trojan (RATs)

A

Installed as a backdoor
Malware used to gain complete control of the operating system

13
Q

Rootkit

A

Modifies files in the foundational building blocks of the operating system (the core)

14
Q

Backdoor

A

A new way to get into a system without going through the front door and as much security
Placed on system through malware

15
Q

Virus

A

Malware that can reproduce itself
Executed by user when a program is run
Examples: program, boot sector, script, macro viruses

16
Q

Adware

A

Pop-ups that can cause performance issues on your device

17
Q

Spyware

A

Malware that spies on you and everything you do

18
Q

Botnets

A

A group of bots working together
DDoS

19
Q

Spraying Attack

A

Attacking an account with the top three (or more) passwords
Move on if they do not work so there are no lockouts, alarms, or alerts

20
Q

Dictionary Attack

A

Using a dictionary to find common words or wordlists

21
Q

Brute Force Attack

A

Trying every possible password combination until the hash is met

22
Q

Brute Force Attack - Online

A

Keep trying the login process
Very slow
Might lock out after a certain number of attempts

23
Q

Brute Force Attack - Offline

A

Brute forcing the hash
Get a list of users and hashes
Calculate a password hash, compare it to the stored hash

24
Q

Rainbow Table

A

Pre-built/calculated set of hashes
Increases speed

25
Q

Plaintext/Unencrypted

A

Storing passwords in the "clear"
There is no encryption and you can read the stored password

26
Q

Malicious Universal Serial Bus (USB) Cable

A

Looks like a normal USB cable but has additional electronics inside
Human Interface Device (HID)
Downloads and installs malicious software

27
Q

Malicious Flash Drive

A

Looks like a normal flash drive but can cause damage
Load malware documents, boot device, ethernet adapter

28
Q

Card Cloning

A

Get card details from a skimmer
Create a duplicate of a card

29
Q

Skimming

A

Stealing credit card information during a normal transaction

30
Q

Tainted Training Data for Machine Learning (ML)

A

Attackers sending modified training data that causes AI to behave incorrectly

31
Q

Security of Machine Learning Algorithms

A

Check the training data
Retrain with new data
Train the AI with possible poisoning

32
Q

Evasion Attacks

A

Used to trick the AI into giving off confidential information

33
Q

Supply Chain Attacks

A

Attackers can affect the supply chain by infecting different parts without suspicion
One exploit can infect the entire chain

34
Q

Birthday Attack

A

Finding a hash collision through the effect of chance

35
Q

Collision Attack

A

Finding two inputs producing the same hash value

36
Q

Downgrade Attack

A

Having a system downgrade their encryption making it easy to exploit
Could use an on-path attack