CyberS C3 Flashcards

1
Q

What are the different types of malware and their characteristics?

A
  • Viruses: Malicious executable code attached to legitimate files, requiring user initiation.
  • Worms: Self-replicating malicious code exploiting network vulnerabilities.
  • Trojan horse: Malware posing as a legitimate program, exploiting user privileges.
  • Logic Bomb: Malicious program activated by specific triggers.
  • Ransomware: Holds data captive, demanding payment for release.
  • Backdoors and Rootkits: Programs introduced by criminals to bypass system authentication and access systems.
2
Q

Explain the risks associated with email and browser attacks.

A
  • Spam: Unsolicited/unwanted emails often containing harmful links or content.
  • Spyware: Collects information about user activities. Spyware often includes activity trackers, keystroke collection, and data capture. In an attempt to overcome security measures, spyware often modifies security settings.
  • Adware: Displays unwanted pop-ups, often analyzing user interests.
  • Scareware: Persuades users through fear to take specific actions. Scareware forges pop-up windows that resemble operating system dialogue windows.
  • Phishing: Fraudulent attempts to obtain sensitive information by posing as a trusted entity.
  • Spear phishing: Targeted phishing attacks aimed at specific individuals.
  • Vishing: Phishing attacks using voice communication. Criminals can spoof calls from legitimate sources using voice over IP (VoIP) technology.
  • Pharming: Impersonates legitimate websites to deceive users.
  • Whaling: Phishing attacks targeting high-profile individuals, such as senior executives.

Plugins: Adobe’s Flash and Shockwave plugins enhance web page visuals and display content developed using the respective software.

SEO Poisoning: Malicious use of SEO techniques to manipulate search engine rankings, making malicious websites appear higher in search results.

Browser Hijacker: Malware that modifies browser settings to redirect users to websites benefiting cybercriminals.

3
Q

What is social engineering, and what are its common tactics?

A

Social engineering is a non-technical attack method that manipulates individuals into disclosing confidential information or performing actions.
- Pretexting: This is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data.
- Something for Something (Quid pro quo): Requesting personal information in exchange for a benefit.
- Shoulder surfing: Attackers observe or capture sensitive information like PINs or access codes by watching their victims directly or using tools like binoculars and cameras.
- Impersonation and Hoaxes: Impersonation involves criminals pretending to be someone else to deceive victims, as seen in scams where fraudsters pose as trusted entities like the IRS to extort money.
- Piggybacking and tailgating: Unauthorized individuals follow closely behind an authorized person to gain entry to restricted areas.
- Online, Email, and Web-based Trickery: Forwarding hoax emails and other jokes, funny movies, and non-work-related emails at work may violate the company’s acceptable use policy and result in disciplinary actions.
4
Q

Describe the different types of cyberattacks and their implications.

A
  • Denial-of-Service (DoS) Attacks: A type of network attack. A DoS attack results in some sort of interruption of network services to users, devices, or applications.
  • Sniffing: Eavesdropping on network traffic to capture sensitive data.
  • Spoofing: Impersonating trusted entities to exploit relationships.
  • Man-in-the-middle (MitM): Intercepting and potentially altering communications between computers.
  • Zero-Day Attacks: Exploiting software vulnerabilities that are unknown or undisclosed by the software vendor. The term zero hour describes the moment when someone discovers the exploit.
  • Keyboard Logging: Recording keystrokes to capture sensitive information.
5
Q

What are the vulnerabilities associated with wireless and mobile attacks?

A
  • Grayware: Grayware includes applications that behave in an annoying or undesirable manner. Grayware may not have recognizable malware concealed within, but it still may pose a risk to the user.
  • SMiShing: SMS-based phishing attacks tricking users into divulging sensitive information.
  • Rogue Access Points: A rogue access point is a wireless access point installed on a secure network without explicit authorization. A rogue access point can be set up in two ways.
  • RF Jamming: Deliberate interference disrupting wireless transmissions (EMI and RFI).
  • Bluejacking and Bluesnarfing: Bluejacking is the term used for sending unauthorized messages to another Bluetooth device. Bluesnarfing occurs when the attacker copies the victim’s information from his device.
  • WEP and WPA Attacks: Wired Equivalent Privacy (WEP) is a security protocol that attempted to provide a wireless local area network (WLAN) with the same level of security as a wired LAN. WEP seeks to provide similar protection for data transmitted over the WLAN with encryption.

- WEP uses a key for encryption.

- There is no provision for key management with WEP, so the number of people sharing the key will continually grow.

Wi-Fi Protected Access (WPA) and then WPA2 came out as improved protocols to replace WEP. WPA2 does not have the same encryption problems because an attacker cannot recover the key by observing traffic.

- WPA2 is susceptible to attack because cyber criminals can analyze the packets going between the access point and a legitimate user.

- Cyber criminals use a packet sniffer and then run attacks offline on the passphrase.

6
Q

How can organizations defend against application attacks?

A
  • Write secure code.
  • Treat all external inputs as potentially hostile.
  • Validate all inputs rigorously.
  • Keep software up-to-date.
  • Actively install security updates.
7
Q

What are the types of application attacks?

A

Cross-site scripting (XSS) is a vulnerability found in web applications. XSS allows criminals to inject scripts into the web pages viewed by users, exploiting vulnerabilities within websites or web applications without directly targeting the victim.

Code injection attacks exploit vulnerabilities in programs, like SQL or XML databases, by injecting malicious code due to improper validation of database queries.

Buffer overflow happens when data exceeds the allocated buffer’s limits, allowing an application to access other processes’ memory, potentially causing system crashes, data breaches, or privilege escalation.

Remote Code Execution vulnerabilities enable cybercriminals to execute malicious code, gaining control of a system with the user’s privileges and allowing them to run any command on the target machine.

ActiveX Controls and Java controls are plugins for Internet Explorer:
- ActiveX Controls: Installed software pieces, some of which may be malicious, allowing extended capabilities and working across Microsoft applications.
- Java Controls: Operate through the Java Virtual Machine (JVM), which isolates untrusted code; however, vulnerabilities can bypass these restrictions.
