Chapter 6: Comparing Threats, Vulnerabilities, and Common Attacks

Question 1

_____ _____ use existing computer scripts or code to launch attacks. They typically have very little expertise or sophistication, and very little funding.

Answer 1

Script kiddies

Question 2

A_____ launches attacks as part of an activist movement or to further a cause.

Answer 2

hacktivist

Question 3

_____(such as employees of a company) have legitimate access to an organization’s internal resources. They sometimes become malicious out of greed or revenge.

Answer 3

Insiders

Question 4

Competitors sometimes engage in attacks to gain _____ _____ about another company.

Answer 4

proprietary information

Question 5

Organized crime is an enterprise that employs a group of

individuals working together in criminal activities. Their primary motivation is _____.

Answer 5

money

Question 6

Some attackers are organized and sponsored by a _____-_____ or government.

Answer 6

nation-state

Question 7

An ____ ____ ____ is a targeted attack against a network. It has both the capability and intent to launch sophisticated and targeted attacks. They are sponsored by a nation-state and often have a significant amount of resources and funding.

Answer 7

advanced persistent threat (APT)

Question 8

A common method attackers often use before launching an attack is to gather information from ___-____ _____, including any information available via web sites and social media.

Answer 8

open-source intelligence

Question 9

_____includes several different types of malicious code, including viruses, worms, logic bombs, backdoors, Trojans, ransomware, rootkits, and more.

Answer 9

Malware

Question 10

A_____ is malicious code that attaches itself to a host application. The code runs when the application is launched.

Answer 10

virus

Question 11

A_____ is self-replicating malware that travels throughout a network without user intervention.

Answer 11

worm

Question 12

A _____ _____ executes in response to an event, such as a day, time, or condition. Malicious insiders have planted logic bombs into existing systems, and these logic bombs have delivered their payload after the employee left the company.

Answer 12

logic bomb

Question 13

_____provide another way of accessing a system. Malware often inserts this into systems, giving attackers remote access to systems.

Answer 13

Backdoors

Question 14

A _____ appears to be one thing, such as pirated software or free antivirus software, but is something malicious. s.

Answer 14

Trojan

Question 15

A ____ ____ ____ is a type of malware that allows attackers to take control of systems from remote location

Answer 15

remote access Trojan (RAT)

Question 16

Drive-by downloads often attempt to infect systems with _____.

Answer 16

Trojans

Question 17

_____ is a type of malware that takes control of a user’s system or data. Criminals attempt to extort payment as ransom combined to return control to the user .

Answer 17

Ransomware

Question 18

_____-_____ is ransomware that encrypts the user’s data. Attackers demand payment to decrypt the data.

Answer 18

Crypto- malware

Question 19

_____ is software installed on user systems without the user’s knowledge or consent and it monitors the user’s activities. It sometimes includes a keylogger that records user keystrokes.

Answer 19

Spyware

Question 20

A_____ is a group of computers called zombies controlled through a command-and- control server. Attackers use malware to join computers to botnets.

Answer 20

botnet

Question 21

____ ____ launch attacks through botnets.

Answer 21

Bot herders

Question 22

_____take root-level or kernel-level control of a system. They
hide their processes to avoid detection. They can remove user privileges and modify system files.

Answer 22

Rootkits

Question 23

_____ _____ is the practice of using social tactics to gain information or trick users into performing an action they wouldn’t normally take.

Answer 23

Social engineering

Question 24

_____ _____ attacks can occur in person, over the phone, while surfing the Internet, and via email. Many social engineers attempt to impersonate others.

Answer 24

Social engineering

Question 25

_____ _____ is an attempt to gain unauthorized information through casual observation, such as looking over someone’s shoulder, or monitoring screens with a camera. Screen filters can thwart these attempts.

Answer 25

Shoulder surfing

Question 26

A_____ is a message, often circulated through email, that tells of impending doom from a virus or other security threat that simply doesn’t exist.

Answer 26

hoax

Question 27

_____ is the practice of one person following closely behind another without showing credentials. Mantraps help prevent this.

Answer 27

Tailgating

Question 28

_____ ____ search through trash looking for information. Shredding or burning documents reduces the risk of dumpster diving.

Answer 28

Dumpster divers

Question 29

____ ____ attacks discover sites that a targeted group visits and trusts. Attackers then modify these sites to download malware. When the targeted group visits the modified site, they are more likely to download and install infected files.

Answer 29

Watering hole

Question 30

____is unwanted or unsolicited email. Attackers often use spam in different types of attacks.

Answer 30

Spam

Question 31

____ is the practice of sending email to users with the purpose of tricking them into revealing sensitive information, installing malware, or clicking on a link.

Answer 31

Phishing

Question 32

____ ____ and ____ are types of phishing. ____ ____ targets specific groups of users and ____ targets high-level executives.

Answer 32

Spear phishing and whaling

Question 33

____ is a form of phishing that uses voice over the telephone and often uses Voice over IP (VoIP). Some attacks start with a recorded voice and then switch over to a live person.

Answer 33

Vishing

Question 34

Antivirus software can detect and block different types of malware, such as worms, viruses, and Trojans. Antivirus software uses_____ to detect known malware.

Answer 34

signatures

Question 35

When downloading signatures manually,____ can verify the integrity of signature files.

Answer 35

hashes

Question 36

Antivirus software typically includes a ____ ____ ____ to detect files modified by a rootkit.

Answer 36

file integrity checker

Question 37

____ ____ ____ prevents code from executing in memory locations marked as nonexecutable. The primary purpose of DEP is to protect a system from malware.

Answer 37

Data execution prevention (DEP)

Question 38

____-____ software attempts to block unsolicited email. You can configure a spam filter to block individual email addresses and email domains.

Answer 38

Anti-spam

Question 39

____-____ exploits take

advantage of vulnerabilities that are not known by trusted sources.

Answer 39

Zero-day

Question 40

____ ____ and other criminals employ several psychology- based principles to help increase the effectiveness of their attacks. They are authority, intimidation, consensus, scarcity, urgency, familiarity, and trust.

Answer 40

Social engineers