ISC 3 - Security & Confidentiality Flashcards
What is a replay attack?
a type of man-in-the-middle (MITM) attack in which a cybercriminal eavesdrops on secure network communications, intercepts it, and then “replays” the message at a later time to the intended target to gain access to the network and the data that is behind the firewall
What is a return-oriented attack?
a technique that uses pieces of legitimate original system code (each a gadget) in a sequence to perform operations useful to the attacker. Each gadget ends with a “return” instruction causing the next gadget to execute and carry out complex operations
What type of attack is race conditions?
an attacker exploits a system or application that relies on a specific sequence of operations. By forcing the application to perform two or more operations out of order or simultaneously, an attacker may gain unauthorized access or execute a fraudulent act
What are covert channels?
mechanisms used to transmit data using methods not originally intended for data transmission by the system designer. They violate the entity’s security policy but do not exceed the entity’s access authorization, so they can communicate data in small parts
What are state-sponsored actors?
funded, directed, or sponsored by a nation. Known to steal and exfiltrate intellectual property, sensitive information, and even funds to further their nation’s espionage causes.
What is a hacktivist?
a type of hacker operating to promote social causes or political agendas
What is an insider?
an employee that either organically developed into a person with malicious intentions or intentionally infiltrated an organization to achieve nefarious objectives
What is an Advanced Persistent Threat (ATP)?
a hacking ring; could be sponsored by state governments or operate
What is malware?
consists of software or firmware intended to perform unauthorized processes that have an adverse impact on the confidentiality, integrity, or availability of an information system. Examples: viruses, worms, Trojan horses, adware, spyware, and other code-based programs that infect a host
What are rogue mobile apps?
malicious apps that appear legitimate. A fraudulent party creates a mobile application that is installed by a victim unsuspectingly and that app then steals information, gives the attacker unauthorized access, or executes some other malicious act
What is spear phishing?
a social engineering attack in which employees in a corporate entity are targeted by posing as a legitimate department or employee, such as HR or the IT director. The goal is to obtain confidential information such as usernames, passwords, or personal data that can be used for exploitation
What is DNS spoofing?
a spoofing attack that involves a perpetrator modifying the domain-name-to-IP address mapping known as the Domain Name System (DNS).
What is a mobile code?
any software program designed to move from computer to computer to “infect” other applications by altering them in some way to include a version of the code. A virus is malicious mobile code, and a polymorphic virus is when the code mutates by changing its structure to avoid detection.
What is a SQL injection?
an application attack in which an attacker injects malicious SQL code into existing SQL code on a company’s website to gain unauthorized access to a company’s data
What is buffer overflow?
a type of cyberattack in which attackers overload a program’s buffer, the temporary storage, with more input than it is designed to hold.
