Comparing Threats, Vulnerabilities, and Common Attacks Flashcards
A targeted attack against a network by an organized group that is sponsored by a nation-state or government
Advanced Persistent Threat - APT
Malware that seems legitimate or beneficial but is actually malicious
Trojan
Malware that masquerades as a free antivirus program
Rogueware
A type of malware that allows attackers to take control of systems from remote locations
Remote Access Trojan - RAT
A specific type of trojan that encrypts the user’s data or takes control of the computer and locks out the user. A demand for payment in exchange for access follows
Ransomware
Ransomware that encrypts the user’s data is sometimes referred to as
Crypto-malware
A blackmail technique associated with ransomware that threatens to publish the files along with the victim’s credentials
Doxing
A type of software that tries to separate users from their money using data-harvesting techniques
Privacy-invasive software
A message that tells of impending doom from a virus or other security threat that simply doesn’t exist
Hoax
Attempts to discover which web sites a group of people are likely to visit and then infects those web sites with malware that can infect the visitors
Watering Hole Attack
This occurs when a user or process accesses elevated rights and permissions
Privilege Escalation
A type of threat detection that occurs from recognizing known patterns or data definition files
Signature based detection
A type of threat detection that detects previously unknown threats that do not have signatures, including zero-day exploits
Heuristic based detection
A type of threat detection that detects modified system files. Capable of finding rootkit infections.
File Integrity Checkers
This is a security feature that prevents code from executing in memory regions marked as non-executable. Its primary purpose is to protect the system from malware
Data Execution Prevention - DEP