Security Fundamentals Flashcards
Define vulnerability
Any potential weakness that can compromise a system
Define exploit
A tool, technique, or piece of code that can be used to take advantage of a vulnerability
Define threat
The potential of a vulnerability to be exploited
A hacker exploiting a vulnerability in your system is a threat
Define mitigation technique
Something that can protect against threats
These should be implemented everywhere a vulnerability can be exploited
A DoS attack threatens what aspect of a system
Availability
A DoS attack floods a system to the extent that regular traffic can’t get through
A single DoS attack is usually not done, and instead a _____ is used
DDoS
Distributed Denial of Service
Briefly describe a DDoS attack and how it is different from a DoS attack
DDoS uses many machines (a botnet) to flood a single target with traffic (for example, TCP SYN packets). Because the traffic comes from many source addresses, the aggregate volume is much larger and it is far harder for the target to block the attack or trace it back after it is detected.
DoS attacks use only one attacking machine typically
A spoofing attack is when:
A fake source address is used in an attack.
An example is a DHCP exhaustion attack. The attacker uses spoofed MAC addresses to flood DHCP discover messages. The target server’s DHCP pool becomes full, resulting in a DoS to other devices.
Not all spoofing attacks are also DoS attacks, but a DHCP exhaustion attack is.
Describe a reflection attack
The attacker sends traffic to a reflector, and spoofs the source address of its packets using the target’s IP address. The reflector sends the reply to the target’s IP address. Can result in a DoS.
Describe an amplification attack
A reflection attack becomes an amplification attack when the amount of traffic sent by the attacker is small, but it triggers a much larger amount of traffic to be sent from the reflector to the target. Typical reflectors are UDP services whose responses are many times larger than the request, such as DNS, NTP, SSDP, or memcached.
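The reflection and amplification cards above can be turned into a detection check. The following is an added example (not code from the original flashcards): it runs over constructed NetFlow-style records and flags a destination that is receiving far more bytes from well-known UDP reflector ports than it appears to send, across several reflectors. The record format, the port list and the thresholds are assumptions for the example; because the requests carry a spoofed source, a sensor on the victim's side may see responses with no matching requests at all, which the code treats as an unbounded factor.

```python
from collections import defaultdict

# UDP services commonly abused as reflectors (assumed list for this example)
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 1900: "SSDP", 19: "chargen", 11211: "memcached"}


def flow(src, sport, dst, dport, proto, nbytes):
    """One NetFlow-style record (constructed field layout, not a real export format)."""
    return {"src": src, "sport": sport, "dst": dst, "dport": dport,
            "proto": proto, "bytes": nbytes}


def detect_amplification(flows, min_factor=5.0, min_reflectors=2):
    """Flag victims whose returned bytes from reflector ports dwarf the bytes they 'sent'.

    sent[(victim, reflector, port)]     -> bytes that appear to go victim -> reflector
    returned[(victim, reflector, port)] -> bytes that go reflector -> victim
    """
    sent = defaultdict(int)
    returned = defaultdict(int)
    for f in flows:
        if f["proto"] != "udp":
            continue  # reflection attacks in this example are UDP only
        if f["dport"] in REFLECTOR_PORTS:
            sent[(f["src"], f["dst"], f["dport"])] += f["bytes"]
        elif f["sport"] in REFLECTOR_PORTS:
            returned[(f["dst"], f["src"], f["sport"])] += f["bytes"]

    per_victim = defaultdict(lambda: {"reflectors": set(), "services": set(),
                                      "sent": 0, "returned": 0})
    for key, rbytes in returned.items():
        victim, reflector, port = key
        entry = per_victim[victim]
        entry["reflectors"].add(reflector)
        entry["services"].add(REFLECTOR_PORTS[port])
        entry["sent"] += sent.get(key, 0)
        entry["returned"] += rbytes

    findings = []
    for victim, e in per_victim.items():
        # No observed requests but plenty of responses: classic spoofed-source reflection
        factor = e["returned"] / e["sent"] if e["sent"] else float("inf")
        if factor >= min_factor and len(e["reflectors"]) >= min_reflectors:
            findings.append({"victim": victim, "factor": factor,
                             "reflectors": sorted(e["reflectors"]),
                             "services": sorted(e["services"])})
    return findings


def sample_flows():
    """Constructed flow records for the example, not captured traffic."""
    victim = "203.0.113.10"
    reflectors = [("198.51.100.5", 53), ("198.51.100.6", 53), ("192.0.2.7", 123)]
    flows = []
    for reflector, port in reflectors:
        flows.append(flow(victim, 40000, reflector, port, "udp", 64))     # spoofed request
        flows.append(flow(reflector, port, victim, 40000, "udp", 2560))   # 40x larger reply
    # A normal client doing one DNS lookup: single reflector, factor below threshold
    flows.append(flow("203.0.113.20", 51000, "198.51.100.5", 53, "udp", 100))
    flows.append(flow("198.51.100.5", 53, "203.0.113.20", 51000, "udp", 180))
    # TCP traffic is ignored by the detector
    flows.append(flow("203.0.113.20", 51001, "198.51.100.9", 443, "tcp", 5000))
    return flows


if __name__ == "__main__":
    for finding in detect_amplification(sample_flows()):
        print(finding)
```

The thresholds are deliberately simple; in practice you would also rate-limit by time window and seed the reflector list from the services you actually expose.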
Describe a man-in-the-middle attack
When an attacker places himself between the source and destination to eavesdrop on communications, or to modify traffic before it reaches its destination.
An example is ARP spoofing/poisoning, where an attacker sends unsolicited ARP replies so that the target's ARP cache maps a legitimate IP address (often the default gateway) to the attacker's MAC address. Traffic the target sends to that IP is then delivered to the attacker first.
ARP Spoofing/Poisoning is what type of attack:
Man-in-the-middle
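To make the ARP poisoning card concrete, here is an added example (not part of the original flashcards) that parses raw Ethernet/ARP frames and alerts when an IP address it has already learned suddenly claims a different MAC, which is the basic check behind dynamic ARP inspection. The frames are constructed inline; the addresses, the detector class and the assumption that the first binding seen is the legitimate one are all assumptions for the example (a real deployment would seed the table from DHCP snooping or a static list).

```python
import struct

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(mac):
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def build_arp_frame(oper, sender_mac, sender_ip, target_mac, target_ip):
    """Construct an Ethernet II frame carrying an ARP packet (RFC 826 layout)."""
    eth = mac_bytes(target_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETH_P_ARP)
    # Requests carry an all-zero target hardware address in the ARP body
    tha = "00:00:00:00:00:00" if oper == ARP_REQUEST else target_mac
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)  # htype, ptype, hlen, plen, oper
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip)
    arp += mac_bytes(tha) + ip_bytes(target_ip)
    return eth + arp


def parse_arp_frame(frame):
    """Return (oper, sender_mac, sender_ip, target_mac, target_ip), or None if not ARP."""
    if len(frame) < 14 + 28:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    arp = frame[14:42]
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", arp[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, tha, tpa = arp[8:14], arp[14:18], arp[18:24], arp[24:28]
    return oper, mac_str(sha), ip_str(spa), mac_str(tha), ip_str(tpa)


class ArpSpoofDetector:
    """Learn IP -> MAC bindings from ARP sender fields and alert when a binding changes."""

    def __init__(self):
        self.table = {}   # ip -> mac (assumption: first binding seen is legitimate)
        self.alerts = []

    def observe(self, frame):
        parsed = parse_arp_frame(frame)
        if parsed is None:
            return None
        oper, sha, spa, _tha, _tpa = parsed
        known = self.table.get(spa)
        if known is None:
            self.table[spa] = sha
            return None
        if known != sha:
            alert = {"ip": spa, "old_mac": known, "new_mac": sha,
                     "via_reply": oper == ARP_REPLY}
            self.alerts.append(alert)
            return alert
        return None


def sample_frames():
    """Constructed frames: a normal exchange followed by a poisoning attempt."""
    gw, host, attacker = "aa:bb:cc:00:00:01", "aa:bb:cc:00:00:10", "de:ad:be:ef:00:01"
    return [
        build_arp_frame(ARP_REQUEST, host, "192.168.1.10", "ff:ff:ff:ff:ff:ff", "192.168.1.1"),
        build_arp_frame(ARP_REPLY, gw, "192.168.1.1", host, "192.168.1.10"),
        # Attacker's unsolicited reply claiming the gateway's IP with its own MAC
        build_arp_frame(ARP_REPLY, attacker, "192.168.1.1", host, "192.168.1.10"),
        b"\x00" * 60,  # unrelated non-ARP frame, ignored
    ]


if __name__ == "__main__":
    detector = ArpSpoofDetector()
    for frame in sample_frames():
        if detector.observe(frame):
            print("ARP binding changed:", detector.alerts[-1])
```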
Describe a reconnaissance attack
Not strictly an attack itself, but used to gather information about a target which can be used for a future attack.
This is often public information. For example, using WHOIS queries to tailor a social engineering attack
Describe malware
A variety of harmful programs that can infect a computer.
Describe a virus
Infects other software (a host program). The virus spreads as the host software is shared by users. Typically corrupts or modifies files on the target computer.
Describe a worm
Doesn't require a host program: a standalone piece of malware able to spread on its own without user interaction. The spread of a worm alone can congest a network, and its payload can cause additional harm to target devices
Describe a trojan horse
Harmful software disguised as legitimate software. Spread through user interaction such as opening email attachments or downloading a file from the internet.
Describe a social engineering attack
An attack designed to manipulate people into allowing an attacker to compromise a system. Examples: phishing (email), spear phishing (targeted at a specific person), whaling (targeted at executives), vishing (voice calls), smishing (SMS).
Describe a watering hole attack
Compromising a site that the victim frequently visits.
Describe a password related attack
Attempting to guess a target's password, usually via either a dictionary attack (trying common words and their variations) or brute force (trying every possible combination)
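The difference between the two password attacks on the card above is easiest to see in code. The following is an added example, not code from the original flashcards: it runs a dictionary attack with simple mangling rules (the kind of rules cracking tools apply) and an exhaustive brute-force search against a hash, counting how many guesses each needs. The word list, the mangling rules and the use of unsalted SHA-256 as the "weak" target are assumptions for the example; the `pbkdf2_hex` helper shows the mitigation side, where each guess is made deliberately expensive.

```python
import hashlib
import itertools
import string


def sha256_hex(text):
    """Fast, unsalted hash: the attacker can test millions of guesses per second."""
    return hashlib.sha256(text.encode()).hexdigest()


def pbkdf2_hex(text, salt, iterations=600_000):
    """Slow, salted hash: every guess costs `iterations` HMAC operations per user."""
    return hashlib.pbkdf2_hmac("sha256", text.encode(), salt, iterations).hex()


def mangle(word):
    """Yield common variations of a dictionary word (assumed rule set for the example)."""
    yield word
    yield word.capitalize()
    yield word.upper()
    for suffix in ("1", "123", "!", "2024"):
        yield word + suffix
        yield word.capitalize() + suffix
    leet = word.replace("a", "@").replace("e", "3").replace("o", "0")
    if leet != word:
        yield leet


def dictionary_attack(target_hash, wordlist, hash_fn=sha256_hex):
    """Try each word and its mangled variants. Returns (password, guesses) or (None, guesses)."""
    guesses = 0
    for word in wordlist:
        for candidate in mangle(word):
            guesses += 1
            if hash_fn(candidate) == target_hash:
                return candidate, guesses
    return None, guesses


def brute_force(target_hash, alphabet=string.ascii_lowercase, max_len=4, hash_fn=sha256_hex):
    """Try every string up to max_len. Work grows as |alphabet| ** length."""
    guesses = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(combo)
            if hash_fn(candidate) == target_hash:
                return candidate, guesses
    return None, guesses


# Constructed word list for the example
WORDS = ["password", "welcome", "letmein", "dragon"]

if __name__ == "__main__":
    print(dictionary_attack(sha256_hex("Letmein123"), WORDS))
    print(brute_force(sha256_hex("abc"), max_len=3))
```

Swapping `hash_fn` for a PBKDF2 or bcrypt-style function with a per-user salt does not stop either attack, but it multiplies the cost of every guess and prevents one precomputed table from covering all users, which is why password storage policy matters as much as password length.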
AAA stands for
Authentication, Authorization, Accounting
Authentication is:
Process of verifying a user’s identity
Authorization is:
Process of compartmentalizing access. Granting access to appropriate areas of system, denying it to others
Accounting is:
Process of recording a user's activities on the system, e.g. logging when a user makes a change to a file
AAA servers typically support the two following protocols:
RADIUS: Open standard (RFC 2865/2866). UDP 1812 for authentication/authorization and 1813 for accounting (older implementations used 1645/1646). Only the password field is obscured; the rest of the packet is cleartext.
TACACS+: Cisco proprietary. TCP 49. Separates the three AAA functions and encrypts the entire packet body.
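To show what the RADIUS card above means by "only the password field is obscured", here is an added example (not code from the original flashcards) that builds an Access-Request packet the way RFC 2865 describes it: a 20-byte header with a random Request Authenticator, type/length/value attributes, and the User-Password attribute hidden with the MD5-based XOR chain keyed by the shared secret. The shared secret, username, password and NAS address are constructed values for the example; everything else follows the RFC layout.

```python
import hashlib
import os
import struct

RADIUS_AUTH_PORT, RADIUS_ACCT_PORT = 1812, 1813   # authentication/authorization, accounting
CODE_ACCESS_REQUEST = 1
ATTR_USER_NAME, ATTR_USER_PASSWORD, ATTR_NAS_IP_ADDRESS = 1, 2, 4


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_user_password(password, secret, request_authenticator):
    """RFC 2865 section 5.2: pad to a multiple of 16 bytes, then for each block
    XOR the plaintext with MD5(secret + previous ciphertext block), starting from
    the Request Authenticator. This is obfuscation keyed by the shared secret, not
    modern encryption."""
    if len(password) > 128:
        raise ValueError("RFC 2865 limits User-Password to 128 bytes")
    padded = password + b"\x00" * ((-len(password)) % 16)
    if not padded:
        padded = b"\x00" * 16
    out, prev = b"", request_authenticator
    for i in range(0, len(padded), 16):
        block = hashlib.md5(secret + prev).digest()
        cipher = _xor(padded[i:i + 16], block)
        out += cipher
        prev = cipher
    return out


def decrypt_user_password(ciphertext, secret, request_authenticator):
    """Reverse of encrypt_user_password; the server strips the NUL padding."""
    out, prev = b"", request_authenticator
    for i in range(0, len(ciphertext), 16):
        cipher = ciphertext[i:i + 16]
        out += _xor(cipher, hashlib.md5(secret + prev).digest())
        prev = cipher
    return out.rstrip(b"\x00")


def attribute(atype, value):
    """RADIUS attribute: Type (1 byte), Length including the 2-byte header, Value."""
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return struct.pack("!BB", atype, len(value) + 2) + value


def build_access_request(identifier, username, password, secret, request_authenticator,
                         nas_ip=bytes([10, 0, 0, 1])):
    """Code (1) + Identifier (1) + Length (2) + Request Authenticator (16) + attributes."""
    attrs = attribute(ATTR_USER_NAME, username)
    attrs += attribute(ATTR_USER_PASSWORD,
                       encrypt_user_password(password, secret, request_authenticator))
    attrs += attribute(ATTR_NAS_IP_ADDRESS, nas_ip)
    header = struct.pack("!BBH", CODE_ACCESS_REQUEST, identifier, 20 + len(attrs))
    return header + request_authenticator + attrs


def parse_packet(packet):
    """Return (code, identifier, authenticator, {attr_type: value})."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length > len(packet) or length < 20:
        raise ValueError("bad RADIUS length field")
    attrs, pos = {}, 20
    while pos < length:
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute")
        attrs[atype] = packet[pos + 2:pos + alen]
        pos += alen
    return code, identifier, packet[4:20], attrs


def response_authenticator(code, identifier, attrs, request_authenticator, secret):
    """RFC 2865 section 3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret).
    The client checks this on Access-Accept/Reject to detect a forged reply."""
    header = struct.pack("!BBH", code, identifier, 20 + len(attrs))
    return hashlib.md5(header + request_authenticator + attrs + secret).digest()


if __name__ == "__main__":
    secret, ra = b"testing123", os.urandom(16)           # constructed example values
    pkt = build_access_request(7, b"alice", b"hunter2", secret, ra)
    code, ident, auth, attrs = parse_packet(pkt)
    print(code, ident, attrs[ATTR_USER_NAME], decrypt_user_password(attrs[ATTR_USER_PASSWORD], secret, ra))
```

Because the User-Name and every other attribute travel in the clear and the password hiding rests on MD5 plus a shared secret, RADIUS is normally confined to a management network or carried over TLS (RadSec) in current deployments.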
A program designed to make employees aware of potential security risks and threats is called a:
User awareness program
Describe an example of a user awareness program
Simulate phishing attacks
A dedicated series of training sessions which educate users on corporate security policies, how to create strong passwords, and how to avoid potential threats would be referred to as a:
User training program
Describe physical access control
Method of protecting equipment and data from potential attackers by only allowing authorized users into protected areas such as network closets or data center floors
Ensuring that systems are running and accessible by users is referred to as system _____
availability
Confidentiality means that:
Data/system can only be accessed by authorized users
Which of the following terms refers to the real possibility that a potential weakness is taken advantage of to attack a system?
a) Threat
b) Vulnerability
c) Exploit
d) Mitigation technique
a) Threat
Your company implements door locks that require a badge to be scanned and a pass code to be entered. What is this an example of? (pick 2)
a) User training
b) User awareness
c) Physical access control
d) Multi-factor authentication
e) AAA
f) Biometrics
c) Physical access control
d) Multi-factor authentication
Which of the following is not an example of multi-factor authentication?
a) Swiping a key card and then doing a retina scan
b) Entering a password and then tapping a notification on your phone
c) Doing a retina scan and then doing a fingerprint scan
d) Swiping a key card and then entering a PIN
C
For MFA, you want to pick 2 different categories from something you know, have, and are. Retina and fingerprint are both “are”s
Which of the following is considered accounting in the AAA model?
a) Granting a user permission to modify a file
b) Using MFA to verify a user’s identity
c) Restricting a user from viewing a file
d) Logging the date and time a user logged in to the system
D
A & C are authorization
B is authentication
Which of the following are most likely to be considered forms of authorization? (pick 2)
a) Verifying a user’s fingerprint pattern
b) Verifying a user’s password
c) Allowing a user to access a specific file
d) Logging a verified user’s file access
e) Assigning a role to a verified user
C and E
A and B are authentication
D is accounting