Determine type of attack via indicators Flashcards
What is Malware
Software that does something bad. Overlap occurs within malware classification.
What is Ransomware
Malware that attempts to extort money from the victim.
What is Trojans
Malware concealed within an installer package for software that appears to be legitimate.
What is Worms
Memory-resident malware that can run without user intervention and replicate over network resources. It activates when something is accessed.
What is Potentially unwanted programs (PUPs)
Software installed alongside a package selected by the user or perhaps bundled with a new computer system. Also known as Greyware. Not malicious but you don’t want it.
What is Fileless virus/Fileless malware
The virus itself is not written to the disk. Uses shellcode. Look up in more detail before the test.
What is Command and control
An infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets.
What is Bots
An automated script or tool that performs some malicious activity.
What is Cryptomalware
The crypto-malware class of ransomware attempts to encrypt data files on any fixed, removable, and network drives. If the attack is successful, the user will be unable to access the files without obtaining the private encryption key, which is held by the attacker. If successful, this sort of attack is extremely difficult to mitigate, unless the user has up to date backups of the encrypted files.
What is Logic bombs
A trap that activates when a condition is met.
What is Spyware
Malware that can perform adware-like tracking, but also monitor local application activity, take screenshots, and activate recording devices, such as a microphone or webcam. Another spyware technique is to perform DNS redirection to pharming sites.
What is Keyloggers
Spyware that actively attempts to steal confidential information by recording keystrokes.
What is Remote access Trojan (RAT)
Backdoor malware that mimics the functionality of legitimate remote control programs, but is designed specifically to operate covertly.
What is Rootkit
Malware running with System level privileges is referred to as a rootkit.
What is Backdoor
Any type of access method to a host that circumvents the usual authentication method and gives the remote user administrative control.
What is Password attacks
A broad term covering attacks to capture passwords.
What is Spraying
Trying multiple common passwords.
What is Dictionary
Uses a list or dictionary to generate possible passwords.
What is Brute force
Tries every possible combination within the size.
What is Offline attack
An attack that does not interact with the authentication protocol directly. It may use a hacked database of passwords, or might interact with user computers to get data to launch another attack to figure out passwords.
What is Online attack
An attack wherein the attacker interacts with the authentication service directly.
What is Rainbow tables
The attacker uses a precomputed lookup table of all possible passwords and their matching hashes.
What is Plaintext/unencrypted
It's just written out and easy to steal.
What is Physical attacks
An attack that occurs IRL. A flash drive left in a parking lot with malicious code.