Chapter 2 - Type of Attack Indicators Flashcards
Malware
harmful software
Virus
Malware that can reproduce itself
Fileless virus
a piece of malware that operates only in the memory of the computer
Worms
malware that self replicates and spreads quickly
Ransomware
a form of malware that locks the user out of their files or device until a payment is made
Crypto-malware
uses cryptography to encrypt personal information until the victim sends the attacker cryptocurrency to decrypt the data.
Trojan
software that pretends to be something else
PUP (Potentially Unwanted Program)
undesirable software; unwanted software that can cause performance problems
Backdoors
malware that is used to create a new way to get into the system
Remote Access Trojans (RATs)
a remote access tool that gives a third party access to your computer remotely and has complete control over your OS
Rootkit
A set of software tools (malware) that enable an unauthorized user to gain control of a computer system without being detected.
What are the five types of rootkits?
firmware, virtual, kernel, library and application level
Spyware
Malware that spies on you
Keyloggers
a piece of software that logs all of the keystrokes that a user enters
Bot
is an automated software application that performs repetitive tasks over a network
Botnet
a series of bots that are controlled across the network in a group; a group of bots working together
Logic Bomb
is a malicious piece of code that’s secretly inserted into a computer network, OS, or software application to cause harm.
Password Spraying
is an attack that uses a limited number of commonly used passwords and applies them to a large number of accounts
Brute Force attack
when an attacker tries every possible password combination until a hash is matched.
dictionary attack
an attack that uses a list of dictionary words to try to guess the password
offline brute force attack
an attack that can be employed to perform hash comparisons against a stolen password file
online brute force attack
an attack that tends to be very noisy and easy to see by network security monitoring, and is also limited by system response time and bandwidth
Rainbow Tables
are precomputed tables or hash values associated with passwords.
Salt
Random data that is added to a password when hashing
Malicious USB cable
Looks like a normal USB cable, but has additional electronics inside. Once connected, the cable takes over.
Malicious flash drive
Looks like a normal flash drive, but may have additional electronics inside that can cause harm to your system.
Skimming
Stealing credit card information usually during a normal transaction.
Example: copy data from the magnetic strip: card number, expiration date, card holder’s name.
ATM Skimming
Includes a small camera to also watch you insert your PIN
Card Cloning
when the attacker makes a digital copy of the credit card information using a concealed or disguised electronic scanner.
Artificial Intelligence (AI)
is the simulation of human intelligence processes by machines, especially computer systems.
Machine Learning (ML)
Is a type of AI focused on building computer systems that learn from data, enabling software to improve its performance over time.
Birthday attack
the attacker tries to find two different input messages that produce the same hash value, called a collision
Cryptographic attack
You encrypted data and sent it to another person. The attacker doesn’t have the combination so they break the safe (the cryptography) and find other ways to undo the security.
Collision attack
Is where two different inputs yield the same output of a hash function
Downgrade attack
Instead of using perfectly good encryption, use something that’s not so great
- force the systems to downgrade their security
Command and control
refers to methods and tools used to communicate with and control an infected machine or network.