Chapter 5: Endpoint Vulnerabilities, Attacks, and Defenses Flashcards

1
Q

What are Endpoints?

A

Any device - a better and more accurate description

2
Q

What is Blocking Ransomware?

A

Blocks user from using the computer correctly

3
Q

What is Locking Ransomware?

A

Encrypts some or all files on the device so that they can’t be opened

4
Q

What is spyware?

A

Tracking software deployed without consent

5
Q

What is a Trojan?

A

Executable program that masquerades as performing good activity BUT does something malicious

6
Q

What is RAT?

A

Remote Access Trojan

7
Q

What is the definition of a Launch type of malware? (Virus, Worm, Bloatware, and Bot)

A

Infects a computer to launch attacks on other computers

8
Q

What is a File-Based Virus?

A

Reproduces itself on the same computer without human intervention (Easy)

9
Q

What is a Fileless Virus?

A

Not attached to files, takes advantage of native services and processes - ex. RAM (Hard)

10
Q

What is a worm (Network Virus)?

A

Malicious program that uses a computer network to replicate

11
Q

What is Bloatware?

A

Software that is installed on a device without user requesting it

12
Q

What is a Bot/Zombie?

A

Infected robot computer

13
Q

What is a Botnet?

A

Multiple bot computers

14
Q

What are Bot Herders?

A

Controls bots through a C&C structure

15
Q

What is a logic bomb?

A

Computer code added to a legit program that lies dormant & evades detection until a specific logical event

16
Q

What is a Rootkit?

A

Malware hides its presence & possibly other malware

17
Q

What is a Backdoor?

A

Gives access to a computer, program, or service that circumvents any normal security protections

18
Q

What is an IoA?

A

Indicator of Attack - A sign an attack is currently underway

19
Q

What is an IoC?

A

Indicator of Compromise - A sign an attack has already happened

20
Q

What is Privilege Escalation?

A

Allows attacker to gain access beyond what is entitled for a user

21
Q

What is Buffer Overflow?

A

A process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer

22
Q

What is a NULL Pointer/Object?

A

An improper handling situation

23
Q

What is a Race Condition?

A

Two concurrent threads of execution access shared resource simultaneously

24
Q

What are web-based attacks?

A

Attacks through web application

25
What is Directory Traversal?
Takes advantage of a vulnerability so that a user can move from the root directory or other restricted directory
26
What are Request Forgery attacks?
A request that has been fabricated
27
What is Cross-site scripting? (XSS)
A website that accepts user input without validating it & uses that input in a response; no sanitizing
28
What is sanitizing in programming?
the process of cleaning or filtering user input to ensure it doesn’t contain any malicious code that could be executed by the web application - to “clean” anything from “bad things”
29
What is CSRF?
Cross-Site Request Forgery - Takes advantage of an authentication "Token" that a website sends to a user's browser
30
What is SSRF?
Server-Side Request Forgery - Takes advantage of a trusting relationship between servers
31
What is a Replay attack?
Commonly against digital identities; impersonates legitimate user - copies data and then uses it for an attack
32
What is Antivirus?
Monitors computer activity, examines computer for file-based virus infection
33
What is static analysis?
Older AV products that use signature-based monitoring
34
What is dynamic analysis?
Looking for characteristics; heuristic monitoring
35
What are Secure Cookies?
Encrypted request over the secure HTTPS protocol
36
What are HTTP Response Headers?
Headers that tell browser how to behave with website
37
What is HIDS?
Host Intrusion Detection Systems - Used to detect attack
38
What is an HIPS?
Host Intrusion Prevention Systems - Monitor activity to block malicious attack
39
What is EDR?
Endpoint Detection & Response - Tools more robust than HIDS & HIPS, Perform more analytics to ID anomalies
40
What is a keylogger?
Software or Hardware that silently captures and stores each keystroke that is typed on a user's keyboard - Can even take screenshots of the screen and send them over the ethernet to the threat actor (software) - Sometimes needs to be installed and retrieved without being detected (hardware)
41
What is TOC/TOU?
Time of Check/Time of Use - A race condition in which a threat actor can influence the state of the resource between a check
42
What is TOE?
Target of Evaluation - A system, product, and its documentation that is the subject of a security evaluation