Dion Cards Flashcards
What is the AAA of Security?
Authentication
Authorization
Accounting
What is Authentication in the AAA of Security?
When a person’s identity is established with proof or by a system
What are the 5 ways Authentication can be established?
Something you are
Something you know
Something you have
Something you do
Somewhere you are
What is Authorization in the AAA of Security?
It’s when a user is given access to something, e.g. data or an area of a building
What is Accounting in the AAA of Security?
The tracking of data, computer usage and network resources.
Non-repudiation occurs when you have proof someone did an action.
What are the 4 main types of security threat?
Malware
Unauthorized Access
System Failure
Social Engineering
What is malware?
Malicious software
What is Unauthorized Access threat?
Happens when someone accesses data/resources without the owner’s consent
What is System Failure as a threat?
Happens when a computer or application fails
What is the threat of Social Engineering?
Manipulation of users to give up confidential info or to perform detrimental actions
What are three types of controls/categories that can mitigate threats?
Physical Controls
Technical Controls
Administrative Controls
Give some examples of Physical Controls (6)
Fence
Locked doors
Alarm systems
Surveillance cameras
ID Cards
Security Guards
Give some examples of Technical Controls (5)
Smart cards
Encryption
ACLs (Access Control Lists)
Intrusion Detection Systems
Network Authentication
Give some examples of Administrative Controls (5)
Policies
Procedures
Security Awareness Training
Contingency Planning
Disaster Recovery Planning
What are the 5 types of hacker?
White Hat - non-malicious, has company permission
Black Hat - malicious, no permission
Gray Hat - no company affiliation, no permission. Trying to shame/educate, not personal gain
Blue Hat - has permission from company, but not employed by company
Elite - exploit things first
What is an Advanced Persistent Threat?
Highly trained and funded groups of hackers e.g. Nation states
What is a Virus?
Viruses require user action in order to reproduce and spread
What are the 9 types of virus?
- Boot Sector
- Macro
- Program
- Multipartite
- Encrypted
- Polymorphic
- Metamorphic
- Stealth
- Armored
- Hoax
What is a Multipartite Virus?
A virus that combines boot and program viruses that first attacks the boot sector and system files.
What is a Macro virus?
A virus that is embedded into a document and is executed when the document is opened
What is a polymorphic virus?
Advanced version of an encrypted virus that changes itself every time it is executed by altering the decryption module to avoid detection.
What is a metamorphic virus?
A virus that rewrites itself entirely, before it attempts to infect a file.
What is an Armored virus?
A virus with a layer of protection to confuse a program or person analyzing it
What is a worm?
Like a virus, but can replicate on its own, without user interaction.
What is a RAT?
Remote Access Trojan. The most common form of trojan horse - provides the hacker with remote control of a victim’s computer
What is greyware?
Software that isn’t benign or malicious, just behaves improperly without serious consequences.
What is a DLL injection?
DLL Injection is commonly used by rootkits to maintain their persistent control. The malicious code is inserted into a running process on a Windows machine via Dynamic Link Libraries that are loaded at runtime.
What is Driver Manipulation?
Compromises the kernel-mode device drivers at privilege/system level. A shim is placed in between to intercept calls.
What is a watering hole?
Malware that is placed somewhere you know your users will go -
:) www.wynspeare.com
:( www.winspeare.com
What is C2?
Command and Control - used with botnets
What is active interception?
Occurs when a computer is placed between the sender and receiver and is able to capture or modify the traffic between them.