Chapter 3 Key Concepts and Terms Flashcards
Address resolution protocol (ARP) poisoning
When an attacker spoofs the MAC address of a targeted device by sending fake ARP resolution responses with a different MAC address.
Armored virus
Virus with hardened code that makes it difficult to reverse-engineer and build an antivirus from the malware.
Asset
Any item that has value.
Attack on availability
Impacts access or uptime to a critical system, application, or data.
Attack on IT assets
Penetration testing, unauthorized access, stolen passwords, deletion of data, etc.
Attack on people
Using deception to get another human to perform an action.
Attack
An attack on a system succeeds by exploiting a vulnerability in the system.
Backdoors
Hidden access methods left by developers so they can access the system again without struggling with security controls.
Between-the-lines wiretapping
Does not alter the messages sent by legitimate users, but inserts additional messages into the communication line when the legitimate user pauses.
Birthday attacks
A type of cryptographic attack that is used to make brute-force attacks on one-way hashes easier.
Black-hat hacker
Will try to break IT security and gain access to systems with no authorization to prove technical prowess.
Botnet
A bunch of internet-connected computers under the control of a remote hacker.
Browser or URL hijacking
The user is directed to a different website than what they requested, usually a fake page the attacker created.
Brute-force password attack
Attacker tries different passwords until one of them is successful.
Christmas (Xmas) attack
Sending advanced TCP packets with flags set to confuse IP routers and network border routers with TCP header bits set to 1, lighting the IP router up like a Christmas tree.
Cookie
A text file containing details gleaned from past visits to a website. Stored in cleartext.
Cracker
A hacker with hostile intent, sophisticated skills, and interests in financial gain.
Cryptolocker
A specific form of ransomware that encrypts local files or data until the victim pays a ransom to obtain the decryption keys.
Denial of Service (DoS)
An attack that results in downtime or inability of a user to access a system by impacting the availability.
Dictionary password attack
A simple attack that relies on users making poor passwords. A password-cracker program takes a dictionary file and attempts to log on by entering each dictionary entry as a password.
Disclosure threats
Occurs when unauthorized users access private or confidential information that is stored in a network resource while it is in transit between network resources.
Distributed denial of service (DDoS)
A type of DoS attack that also impacts a user’s ability to access a system by overloading the computer and preventing legitimate users from gaining access.
DNS poisoning
Pharming that poisons a domain name server.
Downtime
The time during which a service is not available due to a failure or maintenance.
Espionage
The act of spying to obtain secret information, typically to aid another nation state.
Exploit software
An application that incorporates known software vulnerabilities, data, and scripted commands to exploit a weakness in a computer system or IP host device.
Exploit
Something a hacker can do once a vulnerability is found.
Fabrications
The creation of some deception to trick unsuspecting users.
Flooding attacks
Overwhelm the victim’s CPU, memory, or network resources by sending large numbers of useless requests to the machine.
Gray-hat hackers
A hacker with average abilities who may one day become a black-hat or white-hat hacker.
Hacker
In the computing world, someone who enjoys exploring and learning how to modify something.
Hoax
An act intended to deceive or trick the receiver. Usually an email.
Identity theft
When private data is used to impersonate an individual.
Information leak
Any instance of someone who purposely distributes information without proper authorization.
Intellectual Property
An asset at the center of many organizations.
Interceptions
Eavesdropping on transmissions and redirecting them for unauthorized use.
Interruptions
A break in the communication channel which blocks the transmission of data.
Intrusive penetration testing
Positively verifies the network by working to exploit it.
Keystroke logger
Surveillance software or hardware that can record to a log file every keystroke made with a keyboard.
Logic attacks
Use software flaws to crash or hinder the performance of remote servers.
Malware
Malicious software that infiltrates one or more target computers and follows the attacker's instructions.
Man-in-the-middle hijacking
Attacker uses a program to take control of a connection by masquerading as each end of the connection.
Masquerade attack
A user or computer pretends to be another user or computer.
Modifications
The alteration of data contained in transmissions or files.
National Vulnerability Database (NVD)
The list of Common Vulnerabilities and Exposures (CVE), which is maintained by the U.S. Department of Homeland Security.
Netcat
A utility that is one of the most popular backdoor tools in use today.
Operating System (OS) fingerprint scanner
Software that allows an attacker to send a variety of packets to an IP host device, hoping to determine the target device’s operating system (OS) from the response.
Opportunity cost
The amount of money a company loses during downtime.
Organization’s Assets
Customer Data
Password cracker
Software that performs one of two things:
Pharming
Domain spoofing.
Phishing
An email that is fake or bogus to trick the recipient into clicking on an embedded URL link or opening an email attachment.
Phreaking
Exploiting bugs and glitches in the telephone system.
Piggyback-entry wiretapping
Intercepts and modifies the original message by breaking the communications line and routing the message to another computer that acts like a host.
Polymorphic Malware
Malware that can morph, making it difficult to see and be remediated with antivirus or anti-malware applications.
Port scanner
A tool used to scan for open IP ports that have been enabled.
Promiscuous mode
Sniffers operate in promiscuous mode, allowing every packet to be seen and captured by the sniffer.
Protocol Analyzer
AKA a sniffer. Software program that enables a computer to monitor and capture network traffic, whether on a LAN or a wireless network.
Ransomware
A new form of malware linked to a time clock, forcing the victim to pay a ransom to prevent their data from being deleted.
Replay attack
Capturing data packets from a network and retransmitting them to produce an unauthorized effect.
Risk
The probability that something bad is going to happen.
Rootkits
Malicious software programs designed to be hidden from normal methods of detection. Installed by attackers once they obtain root or system administrator access privileges.
Rootkits
Modifies or replaces one or more existing programs to hide traces of attacks.
Sabotage
The destruction of property or obstruction of normal operations.
Security breach
Any event that results in the violation of any of the confidentiality, integrity, or availability security tenets.
Session hijacking
Attacker tries to take over an existing connection between two network computers.
Smurfing
Use directed broadcasts to create a flood of network traffic for a victim computer.
Social engineering
Tricking authorized users into carrying out actions for unauthorized users.
Software vulnerability
A bug or weakness in the program.
Spam
Unwanted email.
Spear phishing
Using email or instant messages to target a specific organization, seeking unauthorized access to confidential data.
Spim
Unwanted IMs and chats.
Spoofing
A person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
Spyware
Malware that specifically threatens the confidentiality of information.
SYN flood
Popular technique to launch a flood attack.
Trojan
Malware that masquerades as a useful program.
True downtime cost
AKA opportunity cost. The amount lost during downtime.
Virus
Software program that attaches itself to or copies itself to another program or a computer.
Vulnerability scanner
Software program used to identify and verify vulnerabilities on an IP host device.
Vulnerability
A weakness in the design or software code itself. Can be exploited as a threat.
Wardialer
A computer that dials telephone numbers looking for a computer on the other end.
White-hat hacker
AKA an ethical hacker. An information security professional who has authorization to identify vulnerabilities and perform penetration testing.
Wireless network attacks
Perform intrusive monitoring, packet capturing, and penetration tests on a wireless network.
Wiretapping
Can be active, where the attacker makes modifications to a line, or passive, where the unauthorized user simply listens to the transmission without changing the contents.
Worm
A self-contained program that replicates and sends copies of itself to other computers, generally across a network, without any input or action.