Network Attacks Flashcards
_____ is a scripting language for Microsoft Office that uses macros to perform a sequence of actions in the context of a word processor, spreadsheet, or presentation file.
Visual Basic for Applications (VBA)
_____ refers to using an exploit in Bluetooth to steal information from someone else’s phone. The exploit (now patched) allows attackers to circumvent the authentication mechanism.
Bluesnarfing
_____ is an RFID attack where an attacker uses a fraudulent RFID reader to read the signals from a contactless bank card.
Skimming
A Bluetooth-discoverable device is vulnerable to _____, similar to spam, where someone sends an unsolicited text (or picture/video) message or vCard (contact details). This can be a vector for Trojan malware.
bluejacking
_____ is based on a particular type of radio frequency ID or RFID. It is commonly available on smartphones for processing wireless payments.
NFC or near field communication
An _____ attack modifies the __ of an encrypted wireless packet during transmission to compute the RC4 keystream to decrypt all other wireless traffic. This attack becomes useless when WPA or WPA2 wireless protection is enabled.
Initialization Vector, IV
_____ is used against network switches that aim to exhaust the memory used to store the switch’s MAC address table.
MAC flooding
_____ is a scripting language for Microsoft Office that uses macros to perform a sequence of actions in the context of a word processor, spreadsheet, or presentation file.
Visual Basic for Applications (VBA)
An _____ is a network attack that involves connections between embedded system devices.
operational technology attack
An _____ attack targets vulnerabilities in the headers and payloads of specific application protocols. For example, one type of amplification attack targets DNS services with bogus queries.
application
A _____ attack aims at consuming network bandwidth and denying it to legitimate hosts. For example, a SYN flood attack works by withholding the client’s ACK packet during TCP’s three-way handshake.
network
_____ occurs when the attacker would craft a malicious URL and convince the victim to submit it to the web server.
HTTP Response Splitting
_____ is a malicious script hosted on the attacker’s site that can exploit a session started on another site in the same browser.
Cross-site Request Forgery (XSRF)
_____ are data stored on a user’s computer by websites that use Adobe Flash Player.
Locally Shared Objects (LSOs), or Flash cookies
A _____ attack uses _____ packets to remove a known wireless access point (WAP) from a client’s list of available networks. This is a type of DoS on wireless networks.
disassociation
