Chapter 3: Attacks Using Malware Flashcards

1
Q

Network connected hardware devices

A

Endpoints

2
Q

Malicious software that enters a computer system without the user’s knowledge or consent and then performs an unwanted and harmful action

A

Malware

3
Q

5 ways of classifying malware include …

A
  1. Imprison
  2. Launch
  3. Snoop
  4. Deceive
  5. Evade
4
Q

A type of malware attack which attempts to take away the freedom of the user to do what they want on their computer

A

Imprison

5
Q

A type of malware that prevents a user’s endpoint device from properly and fully functioning until a fee is paid

A

Ransomware

6
Q

A type of malware that encrypts all the files on the device so that none of them can be opened until a ransom is paid

A

Cryptomalware

7
Q

A type of malware attack that infects a computer to launch attacks on other computers

A

Launch

8
Q

A type of malware attached to a file

A

File-based virus

9
Q

A type of malware which takes advantage of native services and processes that are part of the OS to avoid detection and carry out its attacks

A

Fileless virus (Living-off-the-land binaries/LOLBins)

10
Q

5 qualities of fileless viruses include …

A
  1. Easy to infect
  2. Extensive control
  3. Persistent
  4. Difficult to detect
  5. Difficult to defend
11
Q

A type of malware which uses a computer network to replicate to other endpoints

A

Worm

12
Q

A type of launch attack where an infected computer is placed under the remote control of an attacker for the purpose of launching attacks

A

Bot

13
Q

A structure that sends instructions to infected bot computers

A

Command and control (C&C)

14
Q

A type of malware that is deployed without the consent or control of the user

A

Spyware

15
Q

Hardware or software that silently captures and stores each keystroke that a user types on a keyboard

A

Keylogger

16
Q

Software that users do not want on their computer

A

Potentially unwanted program (PUP)

17
Q

An executable program that masquerades as performing a benign activity but also does something malicious

A

Trojan

18
Q

Malware that infects a computer like a Trojan but also gives the threat agent unauthorized access to the victim’s computer by using specially configured communication protocols

A

Remote Access Trojan (RAT)

19
Q

Malware that gives access to a computer, program, or service that circumvents any normal security protections

A

Backdoor

20
Q

Computer code that is typically added to a legitimate program but lies dormant and evades detection until a specific logical event triggers it

A

Logic bomb

21
Q

Malware that can hide its presence and the presence of other malware on the computer

22
Q

An attack that takes advantage of a website that accepts user input without sanitizing it

A

Cross-site scripting (XSS)

23
Q

Attacks that introduce new input to exploit a vulnerability

A

Injections

24
Q

An attack that inserts statements to manipulate a database server using Structured Query Language commands

A

SQL injection

25
Q

A language used to view and manipulate data that is stored in a relational database

A

Structured Query Language (SQL)

26
Q

An attack that inserts statements to manipulate a database server using eXtensible Markup Language (XML)

A

XML injection

27
Q

A markup language designed to store information

A

eXtensible Markup Language (XML)

28
Q

An attack that takes advantage of an authentication “token” that a website sends to a user’s web browser to imitate the identity and privileges of the victim

A

Cross-site request forgery (CSRF) or client-side request forgery

29
Q

An attack that takes advantage of a trusting relationship between web servers

A

Server-side request forgery (SSRF)

30
Q

An attack that copies data and then uses it for an attack

A

Replay attack

31
Q

An attack that depletes parts of memory and interferes with the normal operation of the program in RAM to give an attacker access to the underlying OS

A

Resource exhaustion attacks

32
Q

A situation that occurs when, due to a programming error, memory is not freed when the program has finished using it

A

Memory leak

33
Q

An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer

A

Buffer overflow attack

34
Q

An attack that changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow

A

Integer overflow attack

35
Q

A programming error that does not filter or validate user input to prevent a malicious action

A

Improper input handling

36
Q

A programming error that does not properly trap an error condition

A

Error handling

37
Q

A flaw that results in a pointer being given a NULL instead of a valid value

A

Pointer/object dereference

38
Q

A situation in software that occurs when two concurrent threads of execution access a shared resource simultaneously

A

Race condition

39
Q

A software check of the state of a resource before using that resource

A

Time of check/time of use

40
Q

An attack that targets vulnerabilities in an API

A

Application program interface (API) attack

41
Q

An attack that alters a device driver from its normal function

A

Device driver manipulation

42
Q

Transparently adding a small coding library that intercepts calls made by the device and changes the parameters passed between the device and device driver

A

Shimming

43
Q

Changing the design of existing code

A

Refactoring

44
Q

An attack that inserts code into a running process through a DLL to cause a program to function in a different way than intended

A

Dynamic link library (DLL) injection

45
Q

Technology that imitates human abilities

A

Artificial intelligence

46
Q

“Teaching” a technology device to “learn” through repeated experience by itself without the continual instructions of a computer programmer

A

Machine learning

47
Q

Exploiting the risks associated with using AI and ML in cybersecurity

A

Adversarial artificial intelligence

48
Q

A risk associated with the vulnerabilities in AI-powered cybersecurity applications and their devices

A

Security of the ML algorithm

49
Q

A risk in which attackers attempt to alter the training data that is used by ML

A

Tainted training data for machine learning