Information Security Attacks Flashcards

1
Q

Describe the following classification of attacks:
a) Passive
b) Active
c) Close-In
d) Insider
e) Distribution

A

a) Intercept and monitor traffic but do not tamper with the data.
b) Tamper with the data while in transmission.
c) Performed when attacker is in close proximity of the target.
d) Using privileged access to intentionally cause harm to an organization.
e) When attackers tamper with hardware/software prior to installation.

2
Q

What is hacking?

A

Exploiting system vulnerabilities to gain unauthorized access to a system's resources.

3
Q

Describe the following steps in EC-Council's Hacking Methodology:
a) Footprinting and Reconnaissance
b) Scanning
c) Gaining Access
d) Maintaining Access
e) Clearing Tracks

A

a) Preparatory phase where the attacker gathers information about a target prior to an attack.
b) When the attacker scans the network to gather information about the hosts, ports, services, OS details and device types.
c) When the attacker obtains access to the OS or applications on the target computer or network.
d) When the attacker tries to retain persistent ownership of the system.
e) When the attacker hides their malicious attacks.

4
Q

Describe these steps of the Cyber Kill Chain:
a) Reconnaissance
b) Weaponization
c) Delivery
d) Exploitation
e) Installation
f) C & C
g) Actions on Objectives

A

a) Gather info on target
b) Create the malicious payload
c) Send the payload via email, USB, etc.
d) Exploit the vulnerability of target system
e) Install malware on target system
f) Creates a channel to communicate with the attacker to pass data back and forth.
g) Perform actions to achieve intended objectives/goals.

5
Q

Describe the following:
a) Tactics
b) Techniques
c) Procedures

A

a) Describe the way an attacker performs the attack.
b) Are the technical methods used by an attacker.
c) Is the step-by-step process attackers use to launch an attack.

6
Q

MITRE Attack Framework
a) Recon
b) Weaponize
c) Deliver
d) Exploit
e) Control
f) Execute
g) Maintain

A
7
Q

What is the Diamond Model of Intrusion and its components?

A

It is a framework that provides a structured way to organize information about an attack. Its components are:
a) Adversary - who was behind the attack
b) Victim - where the attack was performed
c) Capability - how the attack was performed
d) Infrastructure - What the adversary used to reach the victim.

8
Q

What is Packet Sniffing?

A

The process of monitoring and capturing data packets passing through a given network.

9
Q

What is a Man-in-the-middle (MITM) attack?

A

An attack used to intrude on an existing connection to intercept the messages being exchanged.

10
Q

What is DNS Poisoning?

A

The unauthorized manipulation of IP addresses in the DNS cache. Corrupted entries can lead users to a malicious website.

11
Q

What is Domain Hijacking?

A

When domain ownership is changed to the attacker's server without the consent of the owner.

12
Q

What is ARP Spoofing/Poisoning?

A

Involves sending a large number of forged or manipulated entries to the ARP cache.

13
Q

What is a DHCP Starvation Attack?

A

The process of sending fake DHCP requests to use up all the available IP addresses within a network.

14
Q

What is MAC Spoofing?

A

When an attacker uses a legitimate user's MAC address to receive all the traffic destined for that user.

14
Q

What is DHCP Spoofing?

A

The process of setting up a rogue DHCP server to assign bogus IP addresses to hosts.

14
Q

What is Switch Port Stealing?

A

An attack that exploits the dynamic MAC address table of a switch, allowing an attacker to intercept network traffic by repeatedly stealing the association between a port and a device's MAC address.

15
Q

What is MAC flooding?

A

Involves flooding the CAM table of a switch with fake MAC and IP address pairs until the table is full.

16
Q

What is IP Spoofing?

A

Changing the source IP address so it appears the traffic is coming from somewhere else.

17
Q

What is DoS?

A

An attack that prevents, reduces or restricts the accessibility of a system's resources.

18
Q

What is DDoS?

A

Uses a multitude of compromised systems (a botnet) to attack a single target, causing a DoS.

19
Q

What is DRDoS?

A

Involves using layers of intermediary hosts to reflect the attack traffic to the target.

20
Q

What are APTs?

A

Advanced Persistent Threats; where an attacker gains unauthorized access to a system for a long period of time.

21
Q

Describe the following:
a) SQL Injections
b) Command Injections
c) LDAP injections

A

a) Injecting malicious SQL queries into user input forms.
b) Injecting malicious code through a web app.
c) Injecting malicious LDAP statements.

22
Q

What is XSS?

A

When attackers inject malicious client-side scripts into web pages.

23
Q

What is Parameter Tampering?

A

Manipulating the parameters exchanged between clients and servers.

24
Q

What are Directory Traversal Attacks?

A

When attackers abuse the ../ sequence to access restricted directories.

25
Q

What is CSRF?

A

When an attacker uses a user's legitimate active session to send malicious requests via the web app.

26
Q

What is DNS amplification?

A

When an attacker uses the DNS recursive method to perform DNS amplification attacks via DDoS.

27
Q

What is SSRF?

A

When attackers send crafted requests directly to the internal or backend servers.

28
Q

What is XML Injection?

A

An SSRF attack where an attacker places malicious XML input into a system that has weak XML parsing.

29
Q

What is Man-In-the-Browser?

A

When an attacker uses a trojan to intercept calls between the browser and its security mechanisms or libraries.

30
Q

What is a Session Replay Attack?

A

When the attacker captures the authentication token of a user, then uses that token to replay the request to the server.

31
Q

What is SSL stripping?

A

When the attacker downgrades the traffic from HTTPS to HTTP.

32
Q

What are the following password attacks?
a) Dictionary
b) Brute-Force
c) Rule-based

A

a) A dictionary file is loaded into the cracking application.
b) Every combination of characters is tried until the password is broken.
c) When the attacker gets some information about the password.

33
Q

What is Hash Injection?

A

An attacker injects a stolen hash into the system to gain unauthorized access without needing the actual password.

34
Q

What is a Rainbow Table?

A

A precomputed table that contains word lists like dictionary files and their hash values.

35
Q

What is Buffer Overflow?

A

A vulnerability where an application accepts more data than the allocated buffer can hold.

36
Q

What is DLL Hijacking?

A

When an attacker places a malicious DLL in the application directory.

37
Q

What are the following Social Engineering Attacks?
a) Reverse social-engineering
b) Piggybacking
c) Tailgating

A

a) When the victim seeks out the attacker who is acting as an authority.
b) When an authorized person allows an unauthorized person to pass through a secure door.
c) Piggybacking, but when the attacker is wearing a fake ID badge.

38
Q

What is Phishing?

A

Sending an illegitimate email claiming to be from a legitimate source to acquire users' personal or account info.

39
Q

Describe the types of phishing:
a) Spear-phishing
b) Whaling
c) Pharming
d) Spimming

A

a) Targeted phishing attack aimed at specific individuals.
b) Phishing attacks that target high-profile execs.
c) The attacker redirects traffic to a fraudulent website.
d) Spam that involves IM platforms.

40
Q

What is typosquatting?

A

When an attacker registers a domain name that is intentionally misspelled to send unsuspecting visitors to a malicious website.

41
Q

What is a Rogue AP Attack?

A

A rogue wireless AP is placed in a network to hijack the connections of legitimate users.

42
Q

What is AP MAC Spoofing?

A

When a hacker spoofs the MAC address of a legitimate AP device.

43
Q

What is an Evil Twin attack?

A

When a Rogue AP pretends to be a legitimate AP by replicating the network name.

44
Q

Describe:
a) Disassociation attacks
b) De-authentication attacks

A

a) Attacker sends a disassociate request to take the client offline.
b) Attacker sends a de-authenticate request to take the client offline. The client is no longer authenticated with the network.

45
Q

Describe the following Bluetooth attacks:
a) Bluesmacking
b) Bluejacking
c) Bluesnarfing
d) Bluesniff
e) Bluebugging
f) Blueprinting
g) KNOB
h) BlueBorne

A

a) Overflowing Bluetooth devices with random packets.
b) Sending unsolicited messages over Bluetooth.
c) Theft of information from a Bluetooth device.
d) PoC for Bluetooth WarDriving
e) Remotely accessing Bluetooth devices.
f) Collecting info about Bluetooth devices such as manufacturer, device model and firmware version.
g) Eavesdrop data such as keystrokes, chats and docs.
h) Gaining full access and control of a Bluetooth device

46
Q

What is App Sandboxing?

A

Helps protect systems and users by limiting the resources the app can access.

47
Q

What is SMiShing?

A

Spam via SMS.

48
Q

What is a rolling code attack?

A

When an attacker intercepts the OTP to unlock a car, then replays it to steal the car.

49
Q

What is a side-channel attack?

A

A method used by attackers to gather sensitive information from a system by observing its physical characteristics, rather than exploiting flaws in the system's software or algorithms.

50
Q

What is a Man-in-the-Cloud Attack?

A

The attacker steals a victim's sync token and uses the token to gain access to the victim's files.

51
Q

What are Cloud Hopping Attacks?

A

Spear-phishing attacks that are targeted at cloud MSPs.

52
Q

What is Cloud Cryptojacking?

A

Unauthorized use of a victim's computer to mine crypto.

53
Q

What is a Cloudborne Attack?

A

When an attacker implants a malicious backdoor onto a vulnerable bare-metal cloud server firmware.

54
Q

Describe these cryptography attacks:
1) Ciphertext-only Attack
2) Adaptive Chosen-plaintext Attack
3) Chosen-plaintext Attack
4) Related-key Attack

A

1) The attacker only has access to encrypted messages (ciphertext) and attempts to deduce the plaintext or encryption key.
2) The attacker can obtain ciphertexts for arbitrarily chosen plaintexts and uses this capability to progressively choose new plaintexts based on prior ciphertexts to break the encryption.
3) The attacker can choose arbitrary plaintexts and obtain the corresponding ciphertexts to try and derive the key or encryption method.
4) The attacker exploits relationships between multiple keys (usually a slight variation of the target key) to deduce the actual key.

55
Q

Describe these cryptography attacks:
1) Known-plaintext Attack
2) Chosen-ciphertext Attack
3) Chosen-key Attack
4) Timing Attack

A

1) The attacker has access to both the plaintext and the corresponding ciphertext and tries to deduce the key or encryption algorithm.
2) The attacker can choose arbitrary ciphertexts to decrypt and tries to derive the key or plaintext from this process.
3) The attacker chooses a specific key to force the encryption algorithm to reveal weaknesses, potentially breaking the system.
4) A type of side-channel attack where the attacker measures how long it takes to execute cryptographic operations to deduce sensitive information, like the cryptographic key.

56
Q

What is a hash collision?

A

Performed by finding two different inputs that produce the same hash output.

57
Q

What is a DUHK Attack?

A

A cryptographic vulnerability that allows attackers to obtain encryption keys used to secure VPNs and web sessions.

58
Q

What is a DROWN attack?

A

A cross-protocol attack that exploits vulnerabilities in SSLv2 to break the encryption of TLS connections.