Chapter 6 Flashcards
Comparing Threats, Vulnerabilities, and Common Attacks
Open-Source Intelligence
A method of gathering data using public sources, such as social media sites and news outlets
Script Kiddie
An attacker with little expertise or sophistication
Script kiddies use existing scripts to launch attacks
Hacktivist
An attacker who launches attacks as part of an activist movement or to further a cause
Insider
An attacker who launches attacks from within an organization, typically as an employee
APT
Advanced persistent threat is a group that has both the capability and intent to launch sophisticated and targeted attacks
DoS
Denial-of-service is an attack from a single source that attempts to disrupt the services provided by the attacked system
Compare with DDoS
DDoS
Distributed denial-of-service is an attack on a system, launched from multiple sources, intended to make a computer’s resources or services unavailable to users
DDoS attacks typically include sustained, abnormally high network traffic
Compare with DoS
Resource Exhaustion
The malicious result of many DoS and DDoS attacks
The attack overloads a computer’s resources (such as the processor and memory), resulting in service interruption
Virus
Malicious code that attaches itself to a host application
The host application must be executed to run, and the malicious code executes when the host application is executed
Worm
Self-replicating malware that travels through a network
Worms do not need user interaction to execute
Logic Bomb
A type of malware that executes in response to an event
The event might be a specific date or time, or a user action such as when a user launches a specific program
Malware
Malicious software
It includes a wide range of software that has malicious intent, such as viruses, worms, ransomware, rootkits, logic bombs, and more
Backdoor
An alternate method of accessing a system
Malware often adds a backdoor into a system after it infects it
Trojan
Malware also known as a Trojan horse
A Trojan often looks useful, but is malicious
RAT
Remote access Trojan
Malware that allows an attacker to take control of a system from a remote location
Ransomware
A type of malware used to extort money from individuals and organizations
Ransomware typically encrypts the user’s data and demands a ransom before decrypting the data
Crypto-Malware
A type of ransomware that encrypts the user’s data
Keylogger
Software or hardware used to capture a user’s keystrokes
Keystrokes are stored in a file and can be manually retrieved or automatically sent to an attacker
Spyware
Software installed on users’ systems without their awareness or consent
Its purpose is often to monitor the user’s computer and the user’s activity
Bots
Software robots that function automatically
A botnet is a group of computers that are joined together
Attackers often use malware to join computers to a botnet, and then use the botnet to launch attacks
Rootkit
A type of malware that has system-level access to a computer
Rootkits are often able to hide themselves from users and antivirus software
Social Engineering
The practice of using social tactics to gain information
Social engineers attempt to gain information from people, or get people to do things they wouldn’t normally do
Shoulder Surfing
The practice of looking over someone’s shoulder to obtain information, such as on a computer screen
A screen filter placed over a monitor helps reduce the success of shoulder surfing
Screen Filter
A physical security device used to reduce visibility of a computer screen
Screen filters help prevent shoulder surfing
Hoax
A message, often circulated through email, that tells of impending doom from a virus or other security threat that simply doesn’t exist
Tailgating
A social engineering attack where one person follows behind another person without using credentials
Mantraps help prevent tailgating
Mantrap
A physical security mechanism designed to control access to a secure area
A mantrap prevents tailgating
Dumpster Diving
The practice of searching through trash looking to gain information from discarded documents
Shredding or burning papers helps prevent the success of dumpster diving
Watering Hole Attack
An attack method that infects web sites that a group is likely to trust and visit
Spam
Unwanted or unsolicited email
Attackers often launch attacks using spam
Phishing
The practice of sending email to users with the purpose of tricking them into revealing personal information or clicking on a link
Domain Abuse Notice
Filler
Spear phishing
A targeted form of phishing
Attackers often launch attacks using spam
Whaling
A form of spear phishing that attempts to target high-level executives
When successful, attackers gain confidential company information that they might not be able to get anywhere else
Privilege Escalation
The process of gaining elevated rights and permissions
Malware typically uses a variety of techniques to gain elevated privileges
Spam Filter on Mail Gateways
Filler
Anti-Malware Software on Mail Gateways
Filler
All Systems
Filler
Boundaries or Firewalls
Filler
Antivirus
Software that protects systems from malware
Although it is called antivirus software, it protects against most malware, including viruses, Trojans, worms, and more
DEP
Filler
Spam Filter
A spam filter is a method of blocking unwanted email
By blocking email, it often blocks malware
Zero-Day Vulnerability
A vulnerability or bug that is unknown to trusted sources but can be exploited by attackers
Zero-day attacks take advantage of zero-day vulnerabilities
Impersonation
Filler
Vishing
Filler