Chapter 3 Key Concepts and Terms

Question 1

Address resolution protocol (ARP) poisoning

Answer 1

When an attacker spoofs the MAC address of a targeted device by sending fake ARP resolution responses with a different MAC address.

Question 2

Armored virus

Answer 2

Virus with hardened code that makes it difficult to reverse-engineer and build an antivirus from the malware.

Question 3

Asset

Answer 3

Any item that has value.

Question 4

Attack on availability

Answer 4

Impacts access or uptime to a critical system, application, or data.

Question 5

Attack on IT assets

Answer 5

Penetration testing, unauthorized access, stolen passwords, deletion of data, etc.

Question 6

Attack on people

Answer 6

Using deception to get another human to perform an action.

Question 7

Attack

Answer 7

An attack on a system succeeds by exploiting a vulnerability in the system.

Question 8

Backdoors

Answer 8

Hidden access methods left by developers so they can access the system again without struggling with security controls.

Question 9

Between-the-lines wiretapping

Answer 9

Does not alter the messages sent by legitimate users, but inserts additional messages into the communication line when the legitimate user pauses.

Question 10

Birthday attacks

Answer 10

A type of cryptographic attack that is used to make brute-force attack of one-way hashes easier.

Question 11

Black-hat hacker

Answer 11

Will try to break IT security and gain access to systems with no authorization to prove technical prowess.

Question 12

Botnet

Answer 12

A bunch of internet-connected computers under the control of a remote hacker.

Question 13

Browser or URL hijacking

Answer 13

The user is directed to a different website than what they requested, usually a fake page the attacker created.

Question 14

Brute-force password attack

Answer 14

Attacker tries different passwords until one of them is successful.

Question 15

Christmas (Xmas) attack

Answer 15

Sending advanced TCP packets with flags set to confuse IP routers and network border routers with TCP header bits set to 1, lighting the IP router up like a Christmas tree.

Question 16

Cookie

Answer 16

A text file containing details gleaned from past visits to a website. Stored in cleartext.

Question 17

Cracker

Answer 17

A hacker with hostile intent, sophisticated skills, and interests in financial gain.

Question 18

Cryptolocker

Answer 18

A specific form of ransomware that encrypts local files or data until the victim pays a ransom to obtain the decryption keys.

Question 19

Denial of Service (DoS)

Answer 19

An attack that results in downtime or inability of a user to access a system by impacting the availability.

Question 20

Dictionary password attack

Answer 20

A simple attack that relies on users making poor passwords. A password-cracker program takes a dictionary file and attempts to log on by entering each dictionary entry as a password.

Question 21

Disclosure threats

Answer 21

Occurs when unauthorized users access private or confidential information that is stored in a network resource while it is in transit between network resources.

Question 22

Distributed denial of service (DDoS)

Answer 22

A type of DoS attack that also impacts a user’s ability to access a system by overloading the computer and preventing legitimate users from gaining access.

Question 23

DNS poisoning

Answer 23

Pharming that poisons a domain name server.

Question 24

Downtime

Answer 24

The time during which a service is not available due to a failure or maintenance.

Question 25

Espionage

Answer 25

The act of spying to obtain secret information, typically to aid another nation state.

Question 26

Exploit software

Answer 26

An application that incorporates known software vulnerabilities, data, and scripted commands to exploit a weakness in a computer system or IP host device.

Question 27

Exploit

Answer 27

Something a hacker can do once a vulnerability is found.

Question 28

Fabrications

Answer 28

The creation of some deception to trick unsuspecting users.

Question 29

Flooding attacks

Answer 29

Overwhelm the victim’s CPU, memory, or network resources by sending large numbers of useless requests to the machine.

Question 30

Gray-hat hackers

Answer 30

A hacker with average abilities who may one day become a black or white hat hacker.

Question 31

Hacker

Answer 31

In the computing world, someone who enjoys exploring and learning how to modify something.

Question 32

Hoax

Answer 32

An act intended to deceive or trick the receiver. Usually an email.

Question 33

Identity theft

Answer 33

When private data is used to impersonate an individual.

Question 34

Information leak

Answer 34

Any instance of someone who purposely distributes information without proper authorization.

Question 35

Intellectual Property

Answer 35

An asset at the center of many organizations.

Question 36

Interceptions

Answer 36

Eavesdropping on transmissions and redirecting them for unauthorized use.

Question 37

Interruptions

Answer 37

A break in the communication channel which blocks the transmission of data.

Question 38

Intrusive penetration testing

Answer 38

Positively verifies the network by working to exploit it.

Question 39

Keystroke logger

Answer 39

Surveillance software or hardware that can record to a log file every keystroke made with a keyboard.

Question 40

Logic attacks

Answer 40

Use software flaws to crash or hinder the performance of remote servers.

Question 41

Malware

Answer 41

Malicious software that infiltrates one or more target computers and follows the attackers instructions.

Question 42

Man-in-the-middle hijacking

Answer 42

Attacker uses a program to take control of a connection by masquerading as each end of the connection.

Question 43

Masquerade attack

Answer 43

A user or computer pretends to be another user or computer.

Question 44

Modifications

Answer 44

The alteration of data contained in transmissions or files.

Question 45

National Vulnerability Database (NVD)

Answer 45

The List of Common Vulnerabilities and Exposure (CVE), which is maintained by the U.S. Department of Homeland Security.

Question 46

Netcat

Answer 46

A utility that is the most popular backdoor tools in use today.

Question 47

Operating System (OS) fingerprint scanner

Answer 47

Software that allows an attacker to send a variety of packets to an IP host device, hoping to determine the target device’s operating system (OS) from the response.

Question 48

Opportunity cost

Answer 48

The amount of money a company loses during downtime.

Question 49

Organization’s Assets

Answer 49

Customer Data

Question 50

Password cracker

Answer 50

Software that performs one of two things:

Question 51

Pharming

Answer 51

Domain spoofing.

Question 52

Phishing

Answer 52

An email that is fake or bogus to trick the recipient into clicking on an embedded URL link or opening an email attachment.

Question 53

Phreaking

Answer 53

Exploiting bugs and glitches in the telephone system.

Question 54

Piggyback-entry wiretapping

Answer 54

Intercepts and modifies the original message by breaking the communications line and routhing the message to another computer that acts like a host.

Question 55

Polymorphic Malware

Answer 55

Malware that can morph, making it difficult to see and be remediated with antivirus or anti-malware applications.

Question 56

Port scanner

Answer 56

A tool used to scan for open IP ports that have been enabled.

Question 57

Promiscuous mode

Answer 57

Sniffers operate in promiscuous mode, allowing every packet to be seen and captured by the sniffer.

Question 58

Protocol Analyzer

Answer 58

AKA a sniffer. Software program that enables a computer to monitor and capture network traffic, whether on a LAN or a wireless network.

Question 59

Ransomware

Answer 59

A new form of malware linked to a time clock, forcing the victim to pay a ransom to prevent their data from being deleted.

Question 60

Replay attack

Answer 60

Capturing data packets from a network and retransmitting them to produce an unauthorized effect.

Question 61

Risk

Answer 61

The probability that something bad is going to happen.

Question 62

Rootkits

Answer 62

Malicious software programs designed to be hidden from normal methods of detection. Installed by attackers once they obtain root or system administrator access privileges.

Question 63

Rootkits

Answer 63

Modifies or replaces one or more existing programs to hide traces of attacks.

Question 64

Sabotage

Answer 64

The destruction of property or obstruction of normal operations.

Question 65

Security breach

Answer 65

Any event that results in the violation of any of the confidentiality, integrity, or availability security tenets.

Question 66

Session hijacking

Answer 66

Attacker tries to take over an existing connection between two network computers.

Question 67

Smurfing

Answer 67

Use directed broadcasts to create a flood of network traffic for a victim computer.

Question 68

Social engineering

Answer 68

Tricking authorized users into carrying out actions for unauthorized users.

Question 69

Software vulnerability

Answer 69

A bug or weakness in the program.

Question 70

Spam

Answer 70

Unwanted email.

Question 71

Spear phishing

Answer 71

Using email or instant messages to target a specific organization, seeking unauthorized access to confidential data.

Question 72

Spim

Answer 72

Unwanted IMs and chats.

Question 73

Spoofing

Answer 73

A person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.

Question 74

Spyware

Answer 74

Malware that specifically threatens the confidentiality of information.

Question 75

SYN flood

Answer 75

Popular technique to launch a flood attack.

Question 76

Trojan

Answer 76

Malware that masquerades as a useful program.

Question 77

True downtime cost

Answer 77

AKA opportunity cost. The amount lost during downtime.

Question 78

Virus

Answer 78

Software program that attaches itself to or copies itself to another program or a computer.

Question 79

Vulnerability scanner

Answer 79

Software program used to identify and verify vulnerabilities on an IP host device.

Question 80

Vulnerability

Answer 80

A weakness in the design or software code itself. Can be exploited as a threat.

Question 81

Wardialer

Answer 81

A computer that dials telephone numbers looking for a computer on the other end.

Question 82

White-hat hacker

Answer 82

AKA an ethical hacker. An information security professional who has authorization to identify vulnerabilities and perform penetration testing.

Question 83

Wireless network attacks

Answer 83

Perform intrusive monitoring, packet capturing, and penetration tests on a wireless network.

Question 84

Wiretapping

Answer 84

Can be active, where attacker makes modifications to a line, or passive, where the unauthorized user simply listens to the transmission without changing the contents.

Question 85

Worm

Answer 85

A self-contained program that replicates and sends copies of itself to other computers, generally across a network, without any input or action.