Cyber 160 Module 3~ Threats and Attacks and Endpoints

Question 1

**

network connected hardware devices

Answer 1

endpoint

Question 2

software that enters a computer system without the users knowledge or consent and then performs, unwanted and harmful actions

Answer 2

malware

imprison

Question 3

prevents a user endpoint device from properly and fully functioning until a fee is paid

Answer 3

ransomware

imprison

Question 4

type of ransomware that encrypts all the files on the devices so that none of them can be opened

Answer 4

cryptoware

imprison

Question 5

malicious computer code that is attached to a file

Ex: user might send an infected email to another user and once the virus reaches the computer it begins to infect it

Answer 5

file-based virus

launch

Question 6

does not attatch to a file, takes advantage of native services and proccesses that are part of the operating system to avoid detection and carry out it’s attacks

Answer 6

fileless virus

launch

Question 7

uses a computer network to replicate

Answer 7

net virus or worm

launch

Question 8

infected computer placed under the remote control of an attacker for the purpose of launching attacks

Answer 8

zombie or bot

launch

Question 9

a structure that sends instructions to infected bot computers

Answer 9

command and control (C&C)

launch

Question 10

tracking software that’s developed without the consent or control of the user

Answer 10

spyware

snoop

Question 11

silently caputres and stores each keystroke that a user types on the computer keyboard

Answer 11

keylogger

snoop

Question 12

software that users do not want on their comptuer that comes pre-installed

Ex: pop-up windows

Answer 12

potentially unwanted programs (PUPs)

deceive

Question 13

executable program that masquerades as performing a kind activity but also does something malicious

Answer 13

trojan

deceive

Question 14

basic functionality of a trojan but also gives the threat agaent unauthorized remote access to the victim’s computer by using specially configured command protocols

Answer 14

remote access trojan (rat)

deceiver

Question 15

computer code that is typically added to a legitimate program but lies dormant and evades detection until a specific logical event triggers it

Answer 15

logic bomb

evade

Question 15

fives access to a computer program or seervice that cirumvents any normal security protectections ; allows attacker to return and bypass securtiy settings

Answer 15

backdoor

evade

Question 16

hides its presence and the presence of other malware on the computer

Answer 16

rootkit

evade

Question 17

attack takes advtage of a website that accepts user input without validating

Answer 17

cross-site scripting (xss)

Question 18

inserts statements to manipulate a database server using structured querty language command and targets SQL servers by introducing malicous commands into them

Answer 18

SQL injection

Question 19

attack that introduces new input to exploit a vulnerability

Answer 19

injection

Question 20

language used to view and manipulate data thats stored in a relational database

Answer 20

Structured Query Language

Question 21

markup language designed to store information

Answer 21

eXtensible Markup Language

Question 22

inserts statemnet to manipulate a database server using extensible Markup Language (XML)

Answer 22

XML injection

Question 23

takes advantage of an unauthentication “token” that a website sends to a user’s web browser while pretending to be an authroized user

Answer 23

cross site request forgery (CSRF)

Question 24

takes advantave of an authentication "token" that a website sends to a user's web browser to imitate the identity and privillege of the victim

Answer 24

client-side request forgery

Question 25

takes advantage of a trusting relationship between web servers to gain access to sensitive data or inject harmful data

Answer 25

server- side request forgery (SSRF)

Question 26

attack that copies data and the uses it for an attack; later threat actor retransmits selected and edited portions of coppied command to later impersonate the legitimate user

Answer 26

replay

Question 27

depletes part of memory and thus interferes with normal operatings of the program in RAM

Answer 27

resource exhaustion attacks

Question 28

due to a programming error, memory is not freed when the program has finsihed being used

Answer 28

memory leak

Question 29

proccess attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer

Answer 29

buffer overflow attack

Question 30

attackers change the value of a variable to something outside the range the programmer had inteded by using an integer overflow ## Footnote Ex: withdrawing $1 from an account getting a balance of $0 could cause a balance of $4,234,432,567

Answer 30

integer over flow attack

Question 31

programming error that doesn't filter or validate user input to prevent a malicious action

Answer 31

improper input handling

Question 32

programming error that does not properly trap an error condition

Answer 32

error handling

Question 33

flaw that results in a pointer given a NULL instead of valid value

Answer 33

project/object derference

Question 34

when two concurrent threads of execution access on a shared resource simultaneously

Answer 34

race condition

Question 35

software check of the state of a resource before using that resource

Answer 35

time of check / time of use

Question 36

attack that targets vulnerabilities is an API

Answer 36

application program interface (API) attack

Question 37

link provided by operating system, web browser or other platform that allows a developer access to resources at a high level

Answer 37

application program interface (API)

Question 38

software that controls and operates an external hardware device thats connected to a computer

Answer 38

device driver

Question 39

attack that alters a device driver from its normal function

Answer 39

device driver manipulation

Question 40

changing the design of exhisitng code

Answer 40

refactoring

Question 41

storage of both code and data that can be used by more than one program at the same time

Answer 41

Dynamic- Link Library (DLL)

Question 42

attack that inserts code into a running proccess through a DLL to cause a program to function in a different way then intended

Answer 42

DLL injection

Question 43

exploiting the risks associated with using AI and ML in cyber security

Answer 43

adversial artificial intelligence

Question 44

risks associated with the vulnerabilities in AI- powered cybersercuirty applications and their devices

Answer 44

security of ML algortithms

Question 45

risks associated wihth attackers can attempt to alter the trainnig data thats used by ML and can attempt to alter ttraining data used by machine learning to produce false negative and cloak themselves

Answer 45

tainted training data for machine learning