Intro to Cybersecurity Chapter 2 Flashcards
What are blended cyber attacks?
Blended attacks use multiple techniques to infiltrate and attack a system.
What is Buffer overflow?
This vulnerability occurs when data is written beyond the limits of a buffer.
What is Non-validated input?
Forcing the program to behave in an unintended way
What are Race conditions?
This vulnerability is when the output of an event depends on ordered or timed outputs.
What is Ransomware?
This malware is designed to hold a computer system or the data it contains captive until a payment is made.
What is Scareware?
This is a type of malware designed to persuade the user to take a specific action based on fear.
What is a Rootkit?
This malware is designed to modify the operating system to create a backdoor.
What is a Virus?
A virus is malicious executable code that is attached to other executable files, often legitimate programs.
What is a Trojan horse?
A Trojan horse is malware that carries out malicious operations under the guise of a desired operation.
What are Worms?
Worms are malicious code that replicate themselves by independently exploiting vulnerabilities in networks.
What is a Man-In-The-Middle (MitM) attack?
MitM allows the attacker to take control over a device without the user’s knowledge.
What is Man-In-The-Mobile (MitMo) attack?
A variation of man-in-middle, MitMo is a type of attack used to take control over a mobile device.
What is Spyware?
This malware is design to track and spy on the use.
What is Adware?
Advertising supported software is designed to automatically deliver advertisements.
What is a Bot.
From the word robot, a bot is malware designed to automatically perform action, usually online.
What are the symptoms of Malware?
- There is an increase in CPU usage.
- There is a decrease in computer speed.
- The computer freezes or crashes often.
- There is a decrease in Web browsing speed.
- There are unexplainable problems with network connections.
- Files are modified.
- Files are deleted.
- There is a presence of unknown files, programs, or desktop icons.
- There are unknown processes running.
- Programs are turning off or reconfiguring themselves.
- Email is being sent without the user’s knowledge or consent.
What is Social Engineering?
Social engineering is an access attack that attempts to manipulate individuals into performing actions or divulging confidential information
What is pretexting?
This is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data.
What is tailgating?
This is when an attacker quickly follows an authorized person into a secure location.
What is quid pro quo?
This is when an attacker requests personal information from a party in exchange for something,
What are three methods of Wi-fi password cracking?
- Social engineering
- Brute-Force attacks
- Network sniffing
What are brute-force attack tools?
Ophcrack, L0phtCrack, THC Hydra, RainbowCrack, and Medusa.
What is Phishing?
Phishing is when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source.
What is spear phishing?
Spear phishing is a highly targeted phishing attack. While phishing and spear phishing both use emails to reach the victims, spear phishing emails are customized to a specific person.
What are the four steps of exploitation?
Step 1. Gather information about the target system.
Step 2.One of the pieces of relevant information learned in step
Step 3. When the target’s operating system and version is known, the attacker looks for any known vulnerabilities
Step 4. When a vulnerability is found, the attacker looks for a previously written exploit to use.
What is an Advanced Persistent Threat?
They consist of a multi-phase, long term, stealthy and advanced operation against a specific target.
What is a Denial-of-Service (DoS) attack?
A DoS attack results in some sort of interruption of network service to users, devices, or applications.
What are the two types of DoS Attacks?
Overwhelming Quantity of Traffic
Maliciously Formatted Packets
What is a DDoS?
A Distributed DoS Attack (DDoS) is similar to a DoS attack but originates from multiple, coordinated sources.
What is SEO Poisoning?
The most common goal of SEO poisoning is to increase traffic to malicious sites that may host malware or perform social engineering.
What is a blended attack?
Blended attacks are attacks that use multiple techniques to compromise a target.
What are examples of blended attacks?
Nimbda, CodeRed, BugBear, Klez and Slammer
What is Impact Reduction?
Reducing the impact of a data breach to lessen the impact of stolen data, damaged databases, or damage to intellectual property, and the company’s reputation.
