Common Attack Types Flashcards
Backdoor
a means of regaining access to a compromised system by installing/configuring software to enable remote access
Brute force attack
an attack made by trying all possible combinations of passwords or encryption keys until the
correct one is found.
Buffer overflow
occurs when a program tries to store more data in a buffer than it can hold, can corrupt or overwrite data
Cross-site scripting
when an attacker uses a web application to send malicious code to a different end user.
DoS attack
an assault from a single source that floods it with so many requests that it becomes overwhelmed and either stops or becomes impaired
Social engineering
an attempt to exploit social vulnerabilities to gain access to information
Phishing
email attack that attempts to convince a user that the originator is genuine, but with the intention of obtaining information for use in social engineering
Spear phishing
an attack where social engineering techniques are used to masquerade as a trusted party to obtain
important information such as passwords from the victim.
SQL injection
When specially crafted user-controlled input consisting of SQL syntax is used without proper validation as part of SQL queries, it is possible to glean information from the database in ways
Zero-day exploit
a vulnerability that is exploited before the software creator is even aware of its existence.
Viruses
a piece of code that can replicate itself and spread from one computer to another. It requires intervention or execution to replicate and/or cause damage.
Network worm
a piece of self-replicating code designed to
spread itself across computer networks
Trojan horses
a piece of malware that gains access to a system by hiding within a genuine application
Botnets
a large network of compromised computers that can be controlled to launch large-scale attacks such as denial-of-service (DoS)
Spyware
malware that gathers information about a person without their knowledge
