Introduction To Ethical Hacking Flashcards
What is Information Security
Information security refers to the protection of information systems and data of an organization by mitigating information risks.
Explain Confidentiality
Only authorized people can see this data or access this system or network.
💡 Controls: * Encryption * classification * access control * proper disposal (e.g. of DVDs, CDs, etc.)
Explain Integrity
The data has not been changed or modified in any way, especially in an unauthorized way.
💡 Controls: * Hashing * access control
Explain Availability
Authorized users shall have access whenever they want.
Think of a DoS attack: if I shut down your ability to gain access to a website, your availability is lost; the site is no longer available.
💡 Controls: * redundancy * data back-ups * antivirus * DDoS prevention
Explain Authenticity
transit or communication methods was used was authentic.
💡 Controls: * users (biometrics) * smart cards * data
Non-Repudiation
Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
💡 Controls: digital signatures, logging
An attack depends on three components
Attack = Motive (Goal) + Vulnerability + Method (exploit)
What are the Motives behind attacks
- Disrupting business continuity
- Information theft and manipulating data
- Financial loss to the target
- Taking revenge
- Demanding ransom
What is threat
Threat means anything that has the potential of causing damage to the system.
What are Attack Classification
- Passive Attacks
- Active Attacks
- Close-In Attacks
- Insider Attacks
- Distribution Attacks
What are Passive Attacks
Gain information about targeted computers and networks without direct interaction with the systems.
Google Search,
Public records,
Social Media,
Passive Attacks Example
- Packet Sniffing
- Network Traffic Analysis
- Decryption
What are Active Attacks
Involves direct interaction with the target.
Make a phone call to the target,
Tools like:
Nmap, Nessus, OpenVAS, Nikto and Metasploit can be considered as Active Recon.
What are Close-In Attacks
These attacks are possible through close proximity
1. Being physically near the target
Close-In Attacks
- Social Engineering attacks
- Shoulder surfing attacks
- Dumpster Diving attack
- Eavesdropping
What are Insider Attacks
- Assumed Level of trust
- performed with a trusted person.
- Physical access
Example of Insider Attacks
- Intellectual Property
- Customer PII
- Stolen devices
- Installing malware and Keyloggers
What are Distribution Attack
Tamper with the hardware or software prior to installation.
Aka Supply-Chain Attack
Compromising software and/or Hardware before customer installation
Examples of Distribution Attacks
- SolarWinds
What is Information Warfare?
Attempting to gain a competitive advantage through attacks against the target’s IT system
Weapons include
- viruses
- worms
- trojan horses
- electronic jamming
C2 Warfare - (Command & Control Warfare)
Control over compromised target systems with centralized management
Intelligence-Based Warfare
The design and protection of systems that seek sufficient knowledge to dominate the battlespace and the denial of such knowledge to the adversary
Electronic Warfare
I want to stop communications between adversaries (enemies)
AKA “Jamming”
What is Psychological Warfare
Attacking the morale and mental resolve of the opponent
Attempt to get the opponent to GIVE UP
- Propaganda
- Terrorism
Hacker Warfare
Soldiers of Information Security
Acquire information about subject A, sell it to subject B.
- Attack target’s system (DoS/DDoS)
- Theft of data and/or System
- Disinformation campaign
Economic Warfare
Interfere with the target’s economic/financial capabilities
Weaken Target’s economy
- Theft of IP
- Reputational Influence
Cyber Warfare
Use of information systems against virtual personas
Similar to information warfare in its definition
- Includes
- Information Terrorism
- Semantic Attacks
- Takeover of a target system while keeping the appearance of normal operation (Stuxnet)
Defensive Information Warfare
- use actions or strategies to defend against attacks.
- Detection/ Prevention
- Alerts
- Response
- Deterrents
- Emergency Preparedness
Offensive Information Warfare
- Attacks against an opponent
- involve attacks against attackers.
- Web Attacks
- System Attacks
- MITM/ Replay/ Session Hijacking
- Malware Attacks
What is Cyber Kill Chain
The Cyber Kill Chain is a framework that is used for the identification and prevention of cyber activity.
Developed by Lockheed Martin around 2011.
The seven steps of the Cyber Kill Chain provide greater insight into the attack phases, which helps security professionals understand the adversary’s tactics, techniques and procedures.
7 Phases of Cyber Kill Chain
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command & Control
Actions and Objectives
What is Tactics, Techniques & Procedures
TTPs (Tactics, Techniques and Procedures) are helpful for analyzing threats and threat actors, and are used to strengthen the security of the organization.
The purpose is to identify patterns of behavior which can be used to defend against specific strategies and threat vectors used by malicious actors.
Explain Tactics
Guidelines that describe the way attackers perform their attacks from beginning to end:
- I want to gather networking information about my target
- I want to find out what services my target is running
- What vulnerabilities does my target have
Explain Techniques
The technical methods that attackers use to achieve their goals; help to identify vulnerabilities and implement measures in advance.
- Perform DNS queries using dig
- Perform network scan and banner grabbing
- Perform vulnerability scanning against my target
Explain Procedures
Defined as the organizational approaches followed by threat actors to launch their attacks; they help to identify what an attacker is looking for.
Adversary Behaviors Identification
Adversary Behavioral Identification involves the identification of the common methods or techniques used to launch attacks to penetrate an organization’s network.
Adversary Behaviors Identification refers to the identification of the techniques that are used to penetrate a system.