Chapter 5: Endpoint Vulnerabilities, Attacks, and Defenses Flashcards
What are Endpoints?
Any device - a better and more accurate description
What is Blocking Ransomware?
Blocks user from using the computer correctly
What is Locking Ransomware?
Encrypts some or all files on the device so that they can’t be opened
What is spyware?
Tracking software deployed without consent
What is a Trojan?
Executable program that masquerades as performing good activity BUT does something malicious
What is RAT?
Remote Access Trojan
What is the definition of a Launch type of malware? (Virus, Worm, Bloatware, and Bot)
Infects a computer to launch attacks on other computers
What is a File-Based Virus?
Reproduces itself on the same computer without human intervention (Easy)
What is a Fileless Virus?
Not attached to files, takes advantage of native services and processes - ex. RAM (Hard)
What is a worm (Network Virus)?
Malicious program that uses a computer network to replicate
What is Bloatware?
Software that is installed on a device without user requesting it
What is a Bot/Zombie?
Infected robot computer
What is a Botnet?
Multiple bot computers
What are Bot Herders?
Controls bots through a C&C structure
What is a logic bomb?
Computer code added to a legit program but lies dormant & evades detection until a specific logical event
What is a Rootkit?
Malware that hides its presence & possibly other malware
What is a Backdoor?
Gives access to a computer, program, or service that circumvents any normal security protections
What is an IoA?
Indicator of Attack - A sign an attack is currently underway
What is an IoC?
Indicator of Compromise - A sign an attack has already happened
What is Privilege Escalation?
Allows an attacker to gain access beyond what a user is entitled to
What is Buffer Overflow?
A process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer
What is a NULL Pointer/Object?
An improper handling situation
What is a Race Condition?
Two concurrent threads of execution access a shared resource simultaneously
What are web-based attacks?
Attacks through a web application