Cheat Sheet Flashcards

1
Q

Virus

A

replicates using port 1900

2
Q

Polymorphic virus

A

mutates, as does its hash value

3
Q

Ransomware

A

asks for money; could be subtle

4
Q

Worm

A

spreads using port 5000

5
Q

Trojan

A

could change .dll files

6
Q

Rootkit

A

upon reinstalling the OS, it is still there; in Linux, look for the bash shell as a path

7
Q

Keylogger

A

logs keystrokes

8
Q

Adware

A

uses popups

9
Q

Bots

A

infected machine used as an attack vector

10
Q

RAT

A

sends back passwords to the hacker, who then logs in

11
Q

Logic bomb

A

needs a trigger, such as time

12
Q

Phishing

A

uses email; targets one person

13
Q

Spear phishing

A

attacks a group; look for plurals in the question

14
Q

Whaling

A

attacks CEO or high‐level executives

15
Q

Vishing

A

uses a telephone or leaves a voicemail

16
Q

Tailgating

A

follows someone through; does not use credentials

17
Q

Impersonating

A

pretends to be from the help desk or IT team

18
Q

Dumpster diving

A

pulls information from the trash bin

19
Q

Shoulder surfing

A

someone looks over an employee’s shoulder or uses a smartphone to video your bank transaction

20
Q

Watering hole

A

infects a trusted website

21
Q

Authority

A

email from CEO or HR; asks you to fill in a form

22
Q

Urgency

A

letting a fireman into the server room

23
Q

DoS

A

one host taking out another

24
Q

DDoS

A

multiple hosts taking out one host

25
Q

Man‐in‐the‐middle

A

interception attack; data used in real time

26
Q

Replay

A

interception attack; data replayed at a later date

27
Q

Kerberos

A

prevents replay and pass‐the‐hash attacks

28
Q

Buffer overflow

A

too much data in a field

29
Q

Integer overflow

A

too large a number in a data field

30
Q

XSS

A

uses HTML tags/JavaScript; no authentication

31
Q

XSRF/CSRF

A

asks you to click on an icon and provide authentication

32
Q

Privilege escalation

A

tries to get admin rights

33
Q

ARP poisoning

A

prevented by using static entries in the ARP cache; for example, `arp -s`

34
Q

DNS poisoning

A

prevented by using DNSSEC that produces RRSIG records

35
Q

ARP

A

local LAN attack

36
Q

Man‐in‐the‐browser

A

trojan already installed; after bank transactions; URL does not change

37
Q

Zero‐day virus

A

cannot be detected other than baseline; takes more time to get antidote.

38
Q

Pass‐the‐hash

A

attacks NTLM authentication; prevented by disabling NTLM or using Kerberos

39
Q

Session hijacking

A

steals your cookies

40
Q

Evil twin

A

looks like a legitimate WAP

41
Q

Rogue AP

A

free; steals information; prevented by using 802.1x

42
Q

Jamming

A

interference attack

43
Q

WPS

A

push the button; brute-force attacks underlying password

44
Q

Bluejacking

A

hijacks Bluetooth phone; sends text messages

45
Q

Bluesnarfing

A

steals contacts from Bluetooth phone

46
Q

RFID

A

prevents theft of small devices

47
Q

NFC

A

wireless payment; short range

48
Q

Birthday

A

hash-collision attack; digital signatures vulnerable

49
Q

Disassociation attacks

A

prevents access to the WAP

50
Q

Rainbow tables

A

precomputed list of passwords and hashes; used for hash-collision attacks

51
Q

Dictionary

A

password; prevented by using a random character in your password or misspelling your password

52
Q

Brute force

A

every available combination; prevented by a low account lockout value or salting passwords

53
Q

Collision

A

matches hashes

54
Q

Weak implementation

A

uses WEP; better to use WPA2‐CCMP as it is the strongest

54
Q

Downgrade

A

uses legacy SSL rather than TLS; POODLE is a classic example

55
Q

Script kiddie

A

purchases scripts and programs, probably from the dark web

56
Q

Hacktivist

A

politically motivated agent

57
Q

Nation state/APT

A

foreign government agent

58
Q

Organized crime

A

profit-driven agent who will blackmail you

59
Q

Competitors

A

steals your trade secrets; beats you to market with your product

59
Q

Insider

A

known as a malicious insider; hardest to detect

60
Q

Intrusive

A

can cause damage

61
Q

Black box

A

knows nothing

62
Q

White box

A

knows everything

63
Q

Gray box

A

has at least one piece of information—for example, a password or diagram

64
Q

Fuzzing

A

enters random characters into an application for spurious results; black-/white-box pen testers use it

65
Q

Pivot

A

accesses a network through a vulnerable host, then attacks a secondary, more important host

66
Q

Initial exploitation

A

where pen testing starts

67
Q

Escalation of privileges

A

obtains admin rights

68
Q

Intrusive scan

A

used in pen testing; can cause damage to your system

69
Q

Passive

A

no damage

70
Q

Credentialed

A

admin rights; more information; audit files; account and certificate information

71
Q

Non‐credentialed

A

low level; finds missing patches

72
Q

Race condition

A

two threads accessing data at the same time

73
Q

End‐of‐life systems

A

lack of vendor support; no patches

74
Q

Error handling

A

customer‐facing error messages should be minimal; IT support error messages need all the information

75
Q

Default configuration

A

changes username or passwords

76
Q

Untrained users

A

not complying with policies

76
Q

Resource exhaustion

A

running CPU at 100% or running out of memory

77
Q

Key management

A

ensures keys signed in and out each day