Chapter 16 Flashcards
What are cyber threats
threats that come from individual hackers, criminal groups
What is cybersecurity
The measures a company takes to protect a computer or a system against unauthorized access or attacks
What are some of the recent cyber attacks
Colonial Pipeline: Ransomware attack
Florida water supply: Hacker accessed the water and increased the sodium hydroxide levels to fatal amounts
Equifax: Names, social security and more were stolen during a data breach
What are the National Institute of Standards and Technology (NIST) five functions that a company should address to manage cybersecurity risk
- Identify
- Protect
- Detect
- Respond
- Recover
What is the cyber kill chain
the life cycle of a cyberattack, from the early stage of gathering information through the final steps of damaging the network
The three steps in the cyber kill chain are
gathering info about the network
Accessing the network
Disrupting the network, causing damage
What are the 3 types of cyber attacks
Reconnaissance attacks
Access attacks
Disruptive attacks
Explain reconnaissance attacks
knowledge gathering attacks that help attackers identify targets and plan their operations.
They can set the stage for later access and disrupt the network
When gathering information, what are the categories, and explain them
Physical attacks: Threaten elements a network administrator has no control over. Ex: people, physical security
Logical attacks: Occur on a fully digital spectrum
What is a physical reconnaissance attack
uses human interaction to generate info about the network
Phishing is
persuading people to perform acts that would give access to confidential information
What is email phishing
a deceptive request designed to trick the victim into sharing private information
What is dumpster diving
looking through someone else's physical trash
Eavesdropping is
unauthorized interception of communication
To avoid the eavesdropping risk, companies
use encrypted data and secure communication lines. They use file transfer protocol (FTP), which allows them to transfer between the company network and outside parties
What are logical reconnaissance attacks
use digital attacks and do not require a human target
A ping sweep (IP probe)
identifies which hosts are active in the network by sending communication to each IP address to see if there is a response packet. If the IP address does not send a response packet, it is assumed that the IP address is not active and it is removed from the list of prospective access points
Port scans are
After the ping sweep comes the port scan, which indicates the ports that are open and sending or receiving data on the network. They wait for the packet to see if the ports are active
What are logical reconnaissance control activities and explain them
Vulnerability scans: Performed to detect and classify security loopholes in the infrastructure
Penetration test: Attempting to hack their own company
Patches: The company must ensure that it is running up-to-date patches
What is a physical access attack
results in access to either hardware or people
Example of physical access attacks
Tailgating
Accidental tailgating: authorized user is unaware
Polite tailgating: authorized user is aware of the other person but may politely hold the door for the tailgater
What are logical access attacks
seek unauthorized access to a system or an application by either exploiting a network vulnerability during a reconnaissance attack or use force to get t
Brute force attacks are
attackers attempting many passwords to access the network before finding the correct one
On-path attacks are
hacker is actively injected into the connection (just like eavesdropping)
IP Spoofing is
Creates an IP with modified addresses to disguise their identity and impersonate a legitimate computer network
What are the packets in IP Spoofing
Normal packet: IP address of the packet sender
Spoofed packets: Forged source address
What are denial of service attacks
the goal is to send excessive traffic to a server so that it is unavailable for real users
What are Botnets
they are computers that are programmed to do whatever the attackers want
What is a distributed denial of service attack
uses multiple computers to increase pressure on the victim server until it's unavailable
What are malware attacks
Malicious code that is written to cause harm and attack the target system
What is an example of malware
virus
Explain worms
replicate human interaction without assistance
Explain logic bomb
malicious code that is programmed into a system and remains dormant until certain conditions are met. They are difficult to detect or prevent until they are active
Trojan horse is
disguised as software but carries malicious code that may be activated via a logic bomb. They are non-replicating and used to obtain back door access