Securing Individual Systems

Question 1

Phishing

Answer 1

Unsolicited emails that typically request info

Question 2

Spear phishing

Answer 2

Similar to phishing but it uses details it knows about you to look legit

Question 3

Snapshot

Answer 3

System image

Question 4

What does rollback refer to?

Answer 4

Small part of a system

Ex: rolling back a driver or app version

Question 5

DOS

-Attacks can be broadly broken down into volumetric, protocol, and application attacks

Answer 5

Denial of Service

Question 6

What is session hijacking?

Answer 6

Two clients talking to each other and you get in the middle of them in real time - Like MIM but real time during their session
ex: FireSheep

Question 7

What is an application Attack?

-Also known as a slow loris attack

Answer 7

Client initiates communication with server but then stops replying over and over

Question 8

Vishing

Answer 8

Voice based solicitations requesting info about you

Question 9

Live Boot Media

Answer 9

Ex: Ubuntu disk being able to boot up with a runable version

• Example of non-persistence
• Persistence would be actually installing it

Question 10

MIM

• 3rd party intercepting between a two party conversation
• Uses information to the third party’s advantage

Answer 10

Man-in-the-Middle

Question 11

Domain Jacking

Answer 11

Waiting for someones domain contract to end and buying their website name to change it and try to resell it back

Question 12

What is a botnet?

Answer 12

Group of computers with malware on them that can be controlled by one computer

Question 13

Elasticity

Answer 13

Able to scale up temporarily to handle more traffic

Question 14

What is a volumetric attack?

Answer 14

Ping or UDP’s being sent to server in large amounts without giving server time to respond

Question 15

Distributive Allocations

Answer 15

Have backups in different locations

Question 16

Non-Persistance

Answer 16

Being able to go back to a known state - data that is collected but will not be saved on restart

Question 17

DDOS

-Uses multiple systems to attack a single host

Answer 17

Distributed Denial of Service

Question 18

Type of attack where you use a username and password hash to enter it as the user without having to even crack it

Answer 18

Replay Attack

Question 19

Sending malicious ARP packets to default gateway

-this can change the ARP to think you are a different computer on the network

Answer 19

ARP Poisoning or ARP Spoofing

Question 20

Spim

Answer 20

Phishing but in instant messenger services

Question 21

What is Ettercap?

Answer 21

A spoofing tool

Question 22

Typo Squatting

Answer 22

Making a website close to another in hopes people will mistype and end up on your
ex: www.gogle.com

Question 23

What is a protocol attack?

Answer 23

SYN flood / TCP SYN attack

-floods server with SYN requests

Question 24

Type of attack where you act as a client to downgrade encryption to a web server

Answer 24

Downgrade Attack

Question 25

What is an Amplification Attack?

-Smurf Attack

Answer 25

Attacker spoofs website IP address and sends out broadcast to network - networks all start replying back to target - this generates a lot of packets being sent around to network just by sending one packet in

Question 26

Using Fake information to fool someone

ex: making your IP address appear to be someones elses so that another computer will trust you

Answer 26

Spoofing

Question 27

Denial of service attack is what?

Answer 27

Prevents others from access a system

Question 28

Privilege Escalation

Answer 28

Getting enough privilege to do something that can cause damage