Chapter 6: Comparing Threats, Vulnerabilities, and Common Attacks Flashcards
_____ _____ use existing computer scripts or code to launch attacks. They typically have very little expertise or sophistication, and very little funding.
Script kiddies
A _____ launches attacks as part of an activist movement or to further a cause.
hacktivist
_____ (such as employees of a company) have legitimate access to an organization’s internal resources. They sometimes become malicious out of greed or revenge.
Insiders
Competitors sometimes engage in attacks to gain _____ _____ about another company.
proprietary information
Organized crime is an enterprise that employs a group of individuals working together in criminal activities. Their primary motivation is _____.
money
Some attackers are organized and sponsored by a _____-_____ or government.
nation-state
An ____ ____ ____ is a targeted attack against a network. It has both the capability and intent to launch sophisticated and targeted attacks. They are sponsored by a nation-state and often have a significant amount of resources and funding.
advanced persistent threat (APT)
A common method attackers often use before launching an attack is to gather information from ___-____ _____, including any information available via web sites and social media.
open-source intelligence
_____ includes several different types of malicious code, including viruses, worms, logic bombs, backdoors, Trojans, ransomware, rootkits, and more.
Malware
A _____ is malicious code that attaches itself to a host application. The code runs when the application is launched.
virus
A _____ is self-replicating malware that travels throughout a network without user intervention.
worm
A _____ _____ executes in response to an event, such as a day, time, or condition. Malicious insiders have planted logic bombs into existing systems, and these logic bombs have delivered their payload after the employee left the company.
logic bomb
_____ provide another way of accessing a system. Malware often inserts this into systems, giving attackers remote access to systems.
Backdoors
A _____ appears to be one thing, such as pirated software or free antivirus software, but is something malicious.
Trojan
A ____ ____ ____ is a type of malware that allows attackers to take control of systems from remote locations.
remote access Trojan (RAT)
Drive-by downloads often attempt to infect systems with _____.
Trojans
_____ is a type of malware that takes control of a user’s system or data. Criminals attempt to extort payment as ransom to return control to the user.
Ransomware
_____-_____ is ransomware that encrypts the user’s data. Attackers demand payment to decrypt the data.
Crypto-malware
_____ is software installed on user systems without the user’s knowledge or consent, and it monitors the user’s activities. It sometimes includes a keylogger that records user keystrokes.
Spyware
A _____ is a group of computers called zombies controlled through a command-and-control server. Attackers use malware to join computers to botnets.
botnet
____ ____ launch attacks through botnets.
Bot herders
_____ take root-level or kernel-level control of a system. They hide their processes to avoid detection. They can remove user privileges and modify system files.
Rootkits
_____ _____ is the practice of using social tactics to gain information or trick users into performing an action they wouldn’t normally take.
Social engineering
_____ _____ attacks can occur in person, over the phone, while surfing the Internet, and via email. Many social engineers attempt to impersonate others.
Social engineering
_____ _____ is an attempt to gain unauthorized information through casual observation, such as looking over someone’s shoulder, or monitoring screens with a camera. Screen filters can thwart these attempts.
Shoulder surfing
A _____ is a message, often circulated through email, that tells of impending doom from a virus or other security threat that simply doesn’t exist.
hoax
_____ is the practice of one person following closely behind another without showing credentials. Mantraps help prevent this.
Tailgating
_____ ____ search through trash looking for information. Shredding or burning documents reduces the risk of dumpster diving.
Dumpster divers
____ ____ attacks discover sites that a targeted group visits and trusts. Attackers then modify these sites to download malware. When the targeted group visits the modified site, they are more likely to download and install infected files.
Watering hole
____ is unwanted or unsolicited email. Attackers often use spam in different types of attacks.
Spam
____ is the practice of sending email to users with the purpose of tricking them into revealing sensitive information, installing malware, or clicking on a link.
Phishing
____ ____ and ____ are types of phishing. ____ ____ targets specific groups of users and ____ targets high-level executives.
Spear phishing and whaling
____ is a form of phishing that uses voice over the telephone and often uses Voice over IP (VoIP). Some attacks start with a recorded voice and then switch over to a live person.
Vishing
Antivirus software can detect and block different types of malware, such as worms, viruses, and Trojans. Antivirus software uses _____ to detect known malware.
signatures
When downloading signatures manually, ____ can verify the integrity of signature files.
hashes
Antivirus software typically includes a ____ ____ ____ to detect files modified by a rootkit.
file integrity checker
____ ____ ____ prevents code from executing in memory locations marked as nonexecutable. The primary purpose of DEP is to protect a system from malware.
Data execution prevention (DEP)
____-____ software attempts to block unsolicited email. You can configure a spam filter to block individual email addresses and email domains.
Anti-spam
____-____ exploits take advantage of vulnerabilities that are not known by trusted sources.
Zero-day
____ ____ and other criminals employ several psychology-based principles to help increase the effectiveness of their attacks. They are authority, intimidation, consensus, scarcity, urgency, familiarity, and trust.
Social engineers