Cybersecurity Vocab. Flashcards

1
Q

Domain hijacking

A

Domain hijacking is a type of hijacking attack where the attacker steals a domain name by altering its registration information and then transferring the domain name to another entity. Brandjacking is another term for domain hijacking.

2
Q

typosquatting

A

Typosquatting relies on users navigating to misspelled domains. An attacker registers a domain name with a common misspelling of an existing domain. Users who misspell a URL in the web browser arrive at the attacker’s website.

3
Q

kiting

A

Kiting is the act of continually registering, deleting, and reregistering a name within the five-day grace period without having to pay for it.

4
Q

tasting

A

Tasting is a Domain Name Server (DNS) exploit that involves registering a domain temporarily to see how many hits it generates within the five-day grace period.

5
Q

hoax attack

A

In a hoax attack, an email alert or web pop-up will claim to have identified some sort of security problem, such as a virus infection, and offer a tool to fix the problem. The tool, of course, will be some sort of Trojan application.

6
Q

pharming

A

Pharming relies on corrupting the way the victim’s computer performs Internet name resolution, so that the user is redirected from the genuine site to the malicious one.

7
Q

tailgating

A

Tailgating is a means of entering a secure area without authorization, by following close behind the person that has permission to open the door or checkpoint.

8
Q

Spam

A

Spam, or bulk unsolicited messages, usually sent in the form of email advertisements or other appealing material, may deliver malware or lure a user into another form of attack.

9
Q

whaling

A

Whaling is a spear phishing attack directed specifically against upper levels of management in the organization (CEOs and other “big fish”).

10
Q

spear phishing

A

Spear phishing is a phishing scam where the attacker has some information that makes an individual target more likely to be fooled by the attack.

11
Q

spyware attack

A

Spyware is a program that monitors user activity and sends the information to someone else. This can occur with or without the user’s knowledge.

12
Q

phishing attack

A

Phishing is a combination of social engineering and spoofing, where the attacker sets up a spoof website to imitate a trusted one.

13
Q

rogueware attack

A

Rogueware is a fake antivirus web pop-up that claims to have detected viruses on the computer and prompts the user to initiate a full scan, which installs the attacker’s Trojan.

14
Q

vishing

A

Vishing describes a phishing attack conducted through a voice channel (telephone or VoIP, for instance).

15
Q

SMiShing

A

SMiShing refers to fraudulent SMS texts. Other vectors could include instant messaging or social media sites.

16
Q

Phishing

A

Phishing is a type of email-based social engineering attack. The attacker sends email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim. Pharming is a means of redirecting users from a legitimate website to a malicious one.

17
Q

Pharming

A

Pharming relies on corrupting the way the victim’s computer performs Internet name resolution, which redirects the user from the genuine site to the malicious one.

18
Q

domain hijacking

A

Domain hijacking is a type of hijacking attack where the attacker steals a domain name by altering its registration information and then transferring the domain name to another entity. Brandjacking is another term for domain hijacking.

19
Q

kiting

A

Kiting is the act of continually registering, deleting, and reregistering a name within the five-day grace period without having to pay for it.

20
Q

tasting

A

Tasting is a Domain Name Server (DNS) exploit that involves registering a domain temporarily to see how many hits it generates within the five-day grace period.

21
Q

shoulder surfing

A

Shoulder surfing refers to stealing a password or PIN (or other secure information) by watching the user type it, either in close proximity or remotely.

22
Q

lunchtime attack

A

If a user leaves a workstation unattended while logged on, an attacker can physically gain access to the system (often described as a lunchtime attack).

23
Q

credential harvesting

A

Credential harvesting is a campaign specifically designed to steal account credentials. The attacker has more interest in selling the database of captured logins than trying to exploit them directly.

24
Q

watering hole attack

A

A watering hole attack relies on the circumstance that users may use an unsecure third-party website, like a local pizza firm, which the attacker has compromised.

25
Q

colocation

A

A colocation is a data center that contains racks with networking equipment owned by different companies.

26
Q

authority

A

Many people find it difficult to refuse a request by someone they perceive as superior to them. Social engineers can try to exploit this behavior to intimidate their target by pretending to be someone of authority.

27
Q

consensus

A

With consensus/social proof impersonation, an attacker fools users into believing that a malicious website is legitimate by posting fake reviews. The victims believe the reviews and place their trust in the website.

28
Q

urgency

A

Creating a false sense of urgency can disturb people’s ordinary decision-making process. The social engineer can try to pressure his or her target by demanding a quick response.

29
Q

liking

A

One of the tools of social engineers is to be likable and to present the requests they make as completely reasonable.

30
Q

piggybacking

A

Piggybacking is a situation where the attacker enters a secure area with an employee’s permission.

31
Q

shoulder surfing

A

Shoulder surfing refers to stealing a password or PIN (or other secure information) by watching the user type it, either in close proximity or remotely.

32
Q

SPIM

A

SPIM is spam (or mass unsolicited messages) but over instant messaging or Internet messaging services.

33
Q

social media

A

Most companies and the individuals that work for them publish a large amount of information about themselves on the web and on social media sites like Facebook, LinkedIn, Twitter, Instagram, and YouTube.

34
Q

deep web

A

The deep web is where cyber threat actors, such as organized crime and hacktivists, exchange information beyond the reach of law enforcement.

35
Q

dark net

A

The dark net is a type of deep web, established as an overlay to Internet infrastructure by software that acts to anonymize usage and prevent a third party from knowing about the existence of the network or analyzing any activity taking place over the network.

36
Q

dark web

A

The dark web is another type of deep web that has sites, content, and services accessible only over a dark net.

37
Q

Consensus/social proof

A

With consensus/social proof impersonation, an attacker fools users into believing that a malicious website is legitimate by posting fake reviews. The victims believe the reviews and place their trust in the website.

38
Q

Familiarity/liking

A

One of the tools of social engineers is to be likable and to present the requests they make as completely reasonable.

39
Q

Authority

A

Many people find it difficult to refuse a request by someone they perceive as superior to them. Social engineers can try to exploit this behavior to intimidate their target by pretending to be someone of authority.

40
Q

Bulk text messages

A

SMiShing is a phishing technique that uses simple message service (SMS) text communications as the attack vector. The text message may include a link to a fake website asking a user to log in.

41
Q

Fake security alert

A

A hoax is a fake security alert. In some instances, when combined with a phishing technique, it can cause the user to provide private information or make a payment.

42
Q

Fraudulent invoice

A

Invoice scams are a type of identity fraud. The fraudster will usually spoof the invoice details of a genuine supplier but change the bank account number.

43
Q

A dictionary word

A

Password crackers can exploit weaknesses in a protocol to calculate the hash and match it to a dictionary word or brute force it.

44
Q

A rainbow table

A

Rainbow tables are associated with attacks where an attacker uses a set of related plaintext passwords and their hashes to crack passwords.

45
Q

A Pre-Shared Key (PSK)

A

A Pre-Shared Key (PSK) refers to using a passphrase to generate the key used to encrypt communications. Group authentication is another term for PSK since a group of users shares the same secret.

46
Q

Wi-Fi Protected Access (WPA)

A

Wi-Fi Protected Access (WPA) is an encryption scheme for protecting Wi-Fi communications, designed to replace WEP.

47
Q

replay attack

A

In a replay attack, the attacker captures some data, like a cookie file, used to log on or start a session legitimately. The attacker resends the data to re-enable the connection.

48
Q

clickjacking attack

A

Clickjacking occurs when the attacker inserts an invisible layer into a trusted web page that can intercept or redirect input without the user realizing it.

49
Q

API attack

A

An application programming interface (API) intrusion occurs when an attacker takes advantage of unsecure communication with application services to perform denial of service attacks using multiple API calls, for example.

50
Q

document object model (DOM) based

A

Document Object Model (DOM) Cross-Site Scripting (XSS) exploits vulnerabilities in client-side scripts to modify the content and layout of a web page.

51
Q

stored cross-site scripting (XSS)

A

Stored (or persistent) Cross-Site Scripting (XSS) is a server-side script attack that inserts code into a back-end database used by the trusted site.

52
Q

reflected cross-site scripting (XSS)

A

Reflected Cross-Site Scripting (XSS) is a server-side input validation exploit that injects a script into a website. Once the victim visits the infected website, the malicious code executes in the user’s browser.

53
Q

cross-site request forgery (XSRF)

A

A Cross-site Request Forgery (XSRF) is a malicious script hosted on the attacker’s site that can exploit a session started on another site in the same browser. This is successful if the server does not check if the user actually made the request.

A client-side request forgery or cross-site request forgery is an attack that forces a user to execute unwanted actions to a web server that the user is currently authenticated to.

54
Q

command injection

A

A command injection attack runs OS shell commands from the browser and allows commands to operate outside of the server’s directory root, forcing commands to run as the web “guest” user.

55
Q

directory traversal

A

Directory traversal is an injection attack that submits a request for a file outside the web server’s root directory by submitting a path to navigate to the parent directory (../). Access permissions on the file are the same as on the web server directory.

Directory traversal is an application attack that allows access to commands, files, and directories that may or may not be connected to the web document root directory.

56
Q

transitive access

A

Transitive access describes the problem of authorizing a request for a service that depends on an intermediate service.

57
Q

SQL injection

A

A structured query language (SQL) attack embeds or inserts SQL code into a website to query and output information from a database, such as password hashes, for example.

58
Q

dynamic link library injection (DLL)

A

DLL injection is a software vulnerability that can occur when a Windows-based application attempts to force another running application to load a dynamic-link library (DLL) in memory, which could cause the victim application to experience instability or leak sensitive information.

59
Q

XML injection

A

XML injection is fundamentally the same thing, but targeted against web servers using XML applications rather than SQL.

60
Q

shimming

A

Shimming is the process of developing and implementing additional code between an application and the operating system to enable functionality that would otherwise be unavailable.

61
Q

refactoring

A

Refactoring means the code performs the same function by using different methods. Refactoring means that the antivirus software may no longer identify the malware by its signature.

62
Q

improper input handling

A

Improper input handling exposes software to input validation attacks. When an attacker exploits improper input handling, it crashes the process hosting the code, performs

63
Q

an integer

A

An integer overflow attack causes the target software to calculate a value that exceeds the upper and lower bounds.

64
Q

a pointer

A

A pointer is a reference to an object in memory. Attempting to access that memory address is called dereferencing. An integer is a positive or negative whole number.

65
Q

a shim

A

A shim is a code library that intercepts and redirects calls to enable legacy mode on a system. The shim database represents a way that malware with local administrator privileges can run on reboot (persistence).

66
Q

a race condition

A

A race condition is a software vulnerability that occurs when the execution processes are dependent on the timing of certain events, and those events fail to execute in the order and timing intended.

67
Q

a buffer overflow

A

To exploit a buffer overflow vulnerability, the attacker passes data that deliberately overfills the buffer (an area of memory) that the application reserves to store the expected data.

68
Q

a pointer dereference

A

Pointer dereference is a software vulnerability that can occur when the code attempts to remove the relationship between a pointer and the thing it points to (pointee). Dereferencing may crash the application and corrupt memory.

69
Q

a replay attack

A

A replay attack consists of intercepting a key or password hash, then reusing it to gain access to a resource. Using once-only session tokens or timestamping sessions prevents this type of attack.

70
Q

a pass-the-hash attack

A

Pass-the-hash occurs when the attacker steals hashed credentials and uses them to authenticate to the network. Using once-only session tokens or timestamping sessions prevents this type of attack.

71
Q

a downgrade attack

A

A downgrade attack facilitates a Man-in-the-Middle (MitM) attack by requesting that the server use a lower specification protocol with weaker ciphers and key lengths.

72
Q

a birthday attack

A

A birthday attack is a type of brute force attack aimed at exploiting collisions in hash functions. This type of attack can forge a digital signature.

73
Q

resource exhaustion

A

A resource exhaustion attack overloads resources like CPU time, memory, or disk capacity using distributed denial of service (DDoS) requests.

74
Q

server-side request forgery

A

A server-side request forgery abuses the functionality and services of backend servers to read and update internal resources. This can expose, for example, database information, even without an authenticated session.

75
Q

client-side request forgery

A

A client-side (or cross-site) request forgery is an attack that forces a user to execute unwanted actions to a web server that the user is currently authenticated to.