Domain 1.2 - Compare and contrast types of attacks. Flashcards
____________ is the process by which intruders gain access to your facilities, your network, and even your employees by exploiting the generally trusting nature of people.
Social engineering
What is Phishing?
A form of social engineering in which you ask someone for a piece of information that you are missing by making it look as if it is a legitimate request.
How is Spear Phishing different from Phishing?
Phishing that is tailored for a specific individual, a group, or organization is Spear Phishing.
Whaling is Spear Phishing for what types of users?
C-level corporate executives, politicians and celebrities.
Define Vishing
Phishing with Voice.
What is it called when you follow someone through a door they just unlocked?
Tailgating
Impersonation
Pretending to be someone you are not.
If I email you a link to a Fake Anti-Virus, what is that considered?
A Hoax
Everyone else is doing it. I am going to do it too.
Consensus (or Social Proof)
Convincing the person who is being tricked that there is a limited supply of something, which can often be effective if carefully done, is the principle of
Scarcity
What is the Three-way Handshake?
When you connect to a server your system sends a SYN packet, the server responds with a SYN/ACK, then your computer sends an ACK. This establishes the connection.
What is a SYN flood?
The attacker’s computer sends a SYN packet to a target server. The server responds with a SYN/ACK. The attacker does not send a final ACK, but instead sends more SYN packets.
How does a replay attack work?
After a successful Man-In-the-Middle (MITM) attack, in which the attacker intercepts data between a target and a service the target is reaching, the attacker uses that intercepted data to reconnect to the service as the target user.
How do you prevent a Buffer Overflow?
Prevented with Input Validation
What kind of attack is this:
Select * FROM tblUSERS WHERE username = '' or '1'='1' AND PASSWORD = '' or '1'='1'
SQL Injection
When an attacker gains access to a restricted directory using HTTP, it is called ________ ________.
Directory Traversal.
An attacker would exploit a vulnerability within a website or web application that the victim would visit, essentially using the vulnerable website as a vehicle to deliver a malicious script to the victim’s browser.
Cross-site scripting (XSS)
What does XSS Stand for?
Cross-Site Scripting.
How do you prevent XSS?
Input Validation
When a website acquires your credentials
XSS
XSRF
Cross-site request forgery
CSRF
Cross-site request forgery
Involves unauthorized commands coming from a trusted user to the website.
XSRF/CSRF
Cross-site request forgery uses this
The currently authenticated user's credentials.
Best way to prevent XSRF/CSRF
Disable the running of scripts.
When a website uses your credentials
Cross-site request forgery XSRF/CSRF
Vertical Privilege Escalation
requires the attacker to grant himself higher privileges
Horizontal Privilege Escalation
used to assume the identity of another user with similar privileges.
Involves a user gaining more rights and privileges than they should have.
Privilege Escalation
What is ARP Spoofing?
ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network.
The result of this attack is to link an attacker’s MAC address with the IP address of a legitimate computer or server on the network.
ARP Spoofing
DNS Poisoning is what?
The DNS server is given information about a name server that it thinks is legitimate but isn’t. The result is the DNS server sends you to a web address of my choosing instead of the website you were attempting to reach.
What does DNS stand for?
Domain Name Server
What does DNS do?
It ties a fully qualified domain name (FQDN) to an IP address.
What exploit is referred to as a Zero Day?
A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it.
What exploit takes advantage of a weakness in NTLM and Lan Manager, where it was possible for an attacker to send an authenticated copy of the password hash value with a valid username and authenticate to any remote server?
Pass The Hash
What does Clickjacking involve?
Clickjacking involves a transparent layer on top of a link/icon you click on. When you click on the transparent/translucent layer without knowing it, you are redirected somewhere else.
____________ describes when the item used to validate a user’s session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party.
Session hijacking
What is it called when a squatter predicts URL typos and then registers those domain names to direct traffic to their own site?
URL Hijacking/Typo Squatting
Shimming involves what?
A shim is a small library that is created to intercept API (Application Program Interface) calls transparently and do one of three things: handle the operation itself; change the arguments passed; or redirect the request elsewhere.
When you change the MAC address of your device to be that of a different device in order to gain access that the other device has.
MAC Spoofing.
Initialization Vector
A weakness in WEP that can allow the encryption algorithm to be cracked in as little as 5 min.
Any access point added to your network that is not authorized is considered a what?
A Rogue Access point.
What is an Evil Twin?
An attack in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit.
A technology that allows a device to connect to your wireless router at the push of a button.
Wi-Fi Protected Setup (WPS). This is very susceptible to brute force attacks.
How do you detect and stop a rogue access point?
WIPS - WiFi Intruder Prevention System
The gaining of unauthorized access through a Bluetooth connection
Bluesnarfing
Bluejacking
Bluejacking is the sending of unsolicited messages over Bluetooth to another device.
NFC stands for
Near Field Communication
What is the birthday theory/Probability theory?
With 23 people in the room, you have a 50 percent chance that 2 will have the same birthday and only 75 people are needed for a 99.9 percent chance.
What is a rainbow table?
A database of hashed usernames and passwords up to 14 characters, used to compare against username/password hash files stolen from a server to determine usable credentials.
What attack involves attempting a list of common words hoping to find one that works?
Dictionary Attack
This attack tries every character one at a time, building up to 14 characters. It will eventually crack your password, given unlimited time and resources.
Brute Force Attack
How does a downgrade attack work?
The attacker tries to trick the target into downgrading to a less secure method of communication, then exploits that less secure technology. For example, downgrading from TLS 1.2 to SSL V3.
As part of your training program, you’re trying to educate users on the importance of security. You explain to them that not every attack depends on implementing advanced technological methods. Some attacks take advantage of human shortcomings to gain access that should otherwise be denied. What term do you use to describe attacks of this type?
A. Social engineering
B. IDS system
C. Perimeter security
D. Biometric
A. Social engineering
What is the form of social engineering in which you simply ask someone for a piece of information that you want by making it look as if it is a legitimate request?
A. Hoaxing
B. Swimming
C. Spamming
D. Phishing
D. Phishing
Which of the following is the best description of shoulder surfing?
A. Following someone through a door they just unlocked
B. Figuring out how to unlock a secured area
C. Watching someone enter important information
D. Stealing information from someone’s desk
C. Watching someone enter important information
As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?
A. DoS
B. DDoS
C. Worm
D. UDP attack
B. DDoS
An administrator at a sister company calls to report a new threat that is making the rounds. According to him, the latest danger is an attack that attempts to intervene in a communications session by inserting a computer between the two systems that are communicating. Which of the following types of attacks does this constitute?
A. Man-in-the-middle attack
B. Backdoor attack
C. Worm
D. TCP/IP hijacking
A. Man-in-the-middle attack
Which of the following involves unauthorized commands coming from a trusted user to the website?
A. ZDT
B. HSM
C. TT3
D. XSRF
D. XSRF
An IV attack is usually associated with which of the following wireless protocols?
A. WEP
B. WAP
C. WPA
D. WPA2
A. WEP
Which of the following types of attacks involves the sending of unsolicited messages over a Bluetooth connection?
A. Bluesmurfing
B. Bluesnarfing
C. Bluewhaling
D. Bluejacking
D. Bluejacking
As the Security Administrator, you discovered that a PC was compromised while a user was browsing the internet. You discovered that while the system uses TLS it was forced to use SSL 1.0. What attack was used by the attacker?
A. Collision Attack
B. Downgrade Attack
C. Replay Attack
D. Brute Force Attack
B. Downgrade Attack
Which cryptographic attack is based on having a strong probability vs a guaranteed match?
A. Brute Force Attack
B. Dictionary Attack
C. Birthday Attack
D. Known Text Attack
C. Birthday Attack