Malware Types and social engineering techniques Flashcards

1
Q

Viruses and Worms

A

Types of malicious software (malware) that can replicate themselves and spread across a network.
Virus- needs a host file or program to spread
Worm- can spread independently by actively searching for vulnerable systems on the network to infect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Adware/Spyware

A

Adware- “adware” is a type of malware that displays unwanted advertisements

Spyware- secretly monitors a user’s activity and collects personal information without their knowledge

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Rootkit

A

a type of malware designed to give hackers access to and control over a target device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Botnet

A

a network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g., to send spam messages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Keylogger

A

a computer program that records every keystroke made by a computer user, especially in order to gain fraudulent access to passwords and other confidential information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Ransomware

A

a type of malicious software designed to block access to a computer system until a sum of money is paid.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Trojan

A

a type of malware that disguises itself as a legitimate program or file to gain access to a device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Antivirus and anti-malware

A

Antivirus and anti-malware are both computer programs that protect devices from malware.

Antivirus: Originally designed to detect and remove viruses, antivirus software scans for known malware patterns and removes or blocks suspicious activity.

Anti-Malware: Can detect and remove a wider range of malicious software, including viruses, spyware, and ransomware. Anti-malware uses techniques to detect new and more sophisticated malware strains.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Phishing

A

Uses fraudulent emails or websites to trick victims into sharing sensitive data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Vishing

A

Uses voice calls or voicemails to trick victims into sharing sensitive data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Whaling

A

Whaling attacks, often referred to as CEO fraud or executive phishing, are sophisticated cyberthreats targeting an organization’s high-profile individuals.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Shoulder Surfing

A

a social engineering attack where a person steals a victim’s personal information by looking over their shoulder or listening to them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Tailgating

A

a security breach that occurs when someone gains access to a restricted area by following an authorized person

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Impersonation

A

a cyber security tactic where a malicious actor pretends to be someone else to steal data or funds

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Dumpster Diving

A

a cybercrime where hackers search through trash to find sensitive information, such as bank statements, credit card numbers, or passwords

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Evil Twin

A

a cyberattack where a hacker creates a fake Wi-Fi network that looks like a legitimate one to trick users into connecting

17
Q

Distributed denial of service (DDoS)

A

a cybercrime that involves flooding a website or network with traffic to make it inaccessible or degrade its performance

18
Q

Denial of service (DoS)

A

a cyber-attack that attempts to make a network resource or machine unavailable to its intended users

19
Q

Zero-day attack

A

a cyber attack that exploits a software, hardware, or firmware vulnerability that is unknown to the vendor or antivirus companies

20
Q

On-path attack

A

a cyberattack where an attacker intercepts and modifies communication between two parties

21
Q

Spoofing

A

a cybercrime where a person or program impersonates another entity to gain access to sensitive information or systems

22
Q

Brute-force attack
Dictionary attack

A

Brute Force: An attacker uses automated software to try every possible combination of letters, numbers, and symbols until they crack the password

Dictionary: An attacker uses a wordlist of common words and phrases to try and crack a password

23
Q

Structured Query Language (SQL) injection

A

a type of cyber attack that uses malicious SQL statements to exploit vulnerabilities in a web application’s code

24
Q

Cross-site scripting (XSS)

A

a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites

25
Q

Insider threat

A

a potential for someone within an organization to harm its security, either intentionally or accidentally

26
Q

Social-engineering vulnerabilities

A

Non-compliant systems.
Unpatched systems.
Unprotected systems:
Missing antivirus.
Missing firewall.
End-of-life operating systems.
Bring your own device (BYOD).