Introduction to Ethical Hacking Flashcards
What is Eavesdropping?
Snooping on the communication between users or devices in order to record private information to launch passive attacks
What is Session Hijacking?
An attack whereby an active session of the user is intercepted and stolen by an attacker
What is Spoofing?
The process of fooling the target device or user by tampering with the original message/request and pretending to be a trusted origin.
What is Privilege Escalation?
The process of leveraging an OS or application bug, design flaw, or misconfiguration in order to obtain elevated access to resources you otherwise wouldn’t be able to access.
What is Psychological Warfare?
Psychological warfare is the use of various techniques such as propaganda and terror to demoralize one’s adversary in an attempt to succeed in battle
What is Hacker Warfare?
Hacker warfare can vary from the shutdown of systems, data errors, theft of information, theft of services, system monitoring, false messaging, and access to data
What is C2 (Command and Control) Warfare?
C2 warfare refers to the impact an attacker possesses over a compromised system or network that they control
What is Electronic Warfare?
Electronic warfare uses radio-electronic and cryptographic techniques to degrade the communication
What is Economic Warfare?
Economic warfare affects the economy of a business or nation by blocking the flow of information
What is Intelligence-based Warfare?
Intelligence-based warfare is a sensor-based technology that directly corrupts technological systems
What are the five elements of Information Security?
Confidentiality, Integrity, Availability, Authenticity and Non-Repudiation.
What is Confidentiality defined as?
Assurance that the information is accessible only to those authorized to have access
What is Integrity defined as?
The trustworthiness of data or resources in terms of preventing improper or unauthorized changes
What is Availability defined as?
Assurance that the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users
What is Authenticity defined as?
Refers to the characteristic of a communication, document, or any data that ensures the quality of being genuine
What is Non-Repudiation defined as?
A guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message
What is an Insider Attack?
Insider attacks involve using privileged access to violate rules or intentionally cause a threat to the organization’s information or information systems
Examples include theft of physical devices and planting keyloggers, backdoors, and malware
What is a Distribution Attack?
Distribution attacks occur when attackers tamper with hardware or software prior to installation
Attackers tamper with the hardware or software at its source or in transit
What is a Passive Attack?
Passive attacks do not tamper with the data and involve intercepting and monitoring network traffic and data flow on the target network
Examples include sniffing and eavesdropping
What is an Active Attack?
Active attacks tamper with the data in transit or disrupt the communication or services between the systems to bypass or break into secured systems
Examples include DoS, Man-in-the-Middle, session hijacking, and SQL injection
What is a Close-in Attack?
Close-in attacks are performed when the attacker is in close physical proximity with the target system or network in order to gather, modify, or disrupt access to information
Examples include social engineering such as eavesdropping, shoulder surfing, and dumpster diving
What is Cyberwarfare?
Libicki defines cyber warfare as the use of information systems against the virtual personas of individuals or groups. It is the broadest of all information warfare. It includes information terrorism, semantic attacks (similar to Hacker warfare, but instead of harming a system, it takes over the system while maintaining the perception that it is operating correctly), and simula-warfare (simulated war, for example, acquiring weapons for mere demonstration rather than actual use)
What is Operational Threat Intelligence?
It provides contextual information about security events and incidents that help defenders disclose potential risks, provide greater insight into attacker methodologies, identify past malicious activities, and perform investigations on malicious activities in a more efficient way
What is Strategic Threat Intelligence?
Strategic Threat Intelligence provides high-level information regarding cybersecurity posture, threats, details about the financial impact of various cyber activities, attack trends, and the impact of high-level business decisions
What is Technical Threat Intelligence?
Technical Threat Intelligence provides rapid distribution and response to threats. For example, a piece of malware used to perform an attack is tactical threat intelligence, whereas the details related to the specific implementation of the malware come under technical threat intelligence.
What is Tactical Threat Intelligence?
Tactical Threat Intelligence plays a major role in protecting the resources of the organization. It provides information related to the TTPs (Techniques, Tactics, and Procedures) used by threat actors (attackers) to perform attacks
What are the 4 steps of risk management (in order)?
Risk Identification -> Risk Assessment -> Risk Treatment -> Risk Tracking and Review
What are the 5 steps of Threat Modeling (in order)?
Identify Security Objectives -> Application Overview -> Decompose the Application -> Identify Threats -> Identify Vulnerabilities
What is Threat Modeling?
Threat modeling is a risk assessment approach for analyzing the security of an application by capturing, organizing, and analyzing all the information that affects it. The threat model consists of three major building blocks: understanding the adversary’s perspective, characterizing the security of the system, and determining threats
What is Information Assurance?
Information Assurance refers to the assurance of the integrity, availability, confidentiality, and authenticity of information and information systems during the usage, processing, storage, and transmission of information. Security experts accomplish information assurance with the help of physical, technical, and administrative controls
What is Incident Management?
Incident management is a set of defined processes to identify, analyze, prioritize, and resolve security incidents to restore the system to normal service operations as soon as possible, and prevent recurrence of the incident
What is Defense-in-depth?
Defense-in-depth is a security strategy in which security professionals use several protection layers throughout an information system. This strategy uses the military principle that it is more difficult for an enemy to defeat a complex and multi-layered defense system than to penetrate a single barrier. Defense-in-depth helps to prevent direct attacks against an information system and its data because a break in one layer only leads the attacker to the next layer
What are some preventative infosec processes?
Patch Management, Vulnerability Management, and IDS Deployment.
What are some reactive infosec processes?
Incident Handling, Forensics and Disaster Recovery
Which country has the Lanham (Trademark) Act?
The United States
Which country has the Copyright, Etc. and Trademarks (Offenses And Enforcement) Act 2002?
UK
Which country has The Patents (Amendment) Act, 1999, Trade Marks Act, 1999, The Copyright Act, 1957?
India