Domain 3: Threats and Vulnerablilities Flashcards

1
Q

OVAL

A

open vulnerability assessment language.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IRC

A

internet relay chat (used by bots, zombies and control centers).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SPIM

A

spam over instant messaging.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

XSS

A

cross-site scripting (cookie stealing).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Viruses

A

simple, needs user interaction. single host.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Worms

A

no user interaction. replicates fast.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Trojan Horse

A

concealed as a “good” program.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Backdoor

A

Illicit server process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Steganography

A

hiding program or message inside an image.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Logic Bomb

A

waits for activity or date. inside job.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Rootkit

A

hides malicious activity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Replay

A

successful logon captured by a protocol analyzer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Phishing

A

sent to millions, no targeting.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Spear Phishing

A

targeting an individual.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Whaling

A

high-value targets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Vishing

A

phishing over VoIP.

17
Q

Pen Testing Tool

A

program used by ethical hackers to send exploits

18
Q

Vulnerability Assessment Tool

A

tool that determines vulnerability by passive techniques

19
Q

Return Address Pointer

A

a memory location for resuming processing

20
Q

Pharming

A

redirecting users to malicious sites via DNS

21
Q

Open Relay

A

way of forwarding spam

22
Q

Alternate Date Streams

A

technique for hiding files

23
Q

Buffer Overflow

A

corrupting the memory of a host