Deck A Prt. 1 Flashcards
.bash_history
Is the file in Linux that stores the passwords and has to be cleaned from time to time to clear the passwords
ARIN Tool
An Online tool for ENUMERATION. the hacker gathers the server IP address of the target Organization using WHOIS Footprinting. This Tool can be used to retrieve information such as the network range of the target organization and to identify the network topology and operating system used in the network.
Agent Based Scanner
Is A type of scanner that ATTACKERS install on the Targe Machine and scan several machines on the same Network to Identify Vulnerabilities to perform further EXPLOITATION
Banner Grabbing
Is a Common Information gathering technique that attackerss use to gather information about the target web server using the nmap -sV OPTION
Bluesnarfing
Is Bluetooth Attack in which the attacker is stealing information from a wireless device though Bluetooth
Bluto Tool
Is used to perform DNS ENUMERATION to gather information about DNS servers and to identify the hosts connected in the Targe Network. This is a popular AUTOMATED tool that is used to retrieve information about DNS Zone Data including DNS domain names, computer names, IP Addresses, DNS records, and network WHOIS Records.
Cloud Carrier
Is a NIST Term for a Telecom Company that provides Internet Connectivity and transports services between the Organization and Cloud Service Provider
Cloud Hopper Attack
Is the Attack in which the ATTACKER accesses the target Customer Profiles with their MSP(Managed Service Provider) Cloud account, compress the customer data, and stored them in the MSP. Later they use this piece of information to launch further attacks on the target organization.
Community Cloud
A CLOUD MODEL in which clients can join with a group of users or organizations to share a cloud environment
DHCP Starvation Attack
Is a DoS Attack on the DHCP servers where attackers broadcast forged DHCP requests and lease all the DHCP addresses available in the DHCP scope until the server is not able to issue any more IP Addresses
DNS Tunneling
The attacker configures multiple domains pointing to the same host to switch quickly between the domains and avoid detection and bypass the firewalls.
Digital Signature
Is a hash of the message Encrypted with senders Private Key. The Sender signs the hash of the message with his Private key.
Directory Traversal Attack
Is the attack in which the Web Serves does not properly ignore the ../ ../ ../ ../ character string and instead returns the file listing of a folder higher up in the folder structured of the server. A DIRECTORY TRAVERSAL (Path Traversal) Attack exploits insufficient Security Validation or Sanitization of user supplied file names, such that characters representing “Traverse to parent directory” are passed through to the operating system file systems API. Directory Climbing, & Backtracking.
Docker Daemon
Is a component within Docker container Framework that can process API requests and handle various Docker objects, such as containers, volumes, images and networks.
Document Root
Is a Folder/Directory on a web server that Contains the Web pages visible to the public. (Called DOCROOT) the folder names are often /www/public or /public_html.