Security + Password Attacks Flashcards

1
Q

Birthday attack

A

the attacker tries to find two different input messages that produce the same hash value, called a collision

2
Q

Spraying attack

A

a type of brute force attack where a malicious actor attempts the same password on **many accounts before moving on to another one and repeating the process.**

3
Q

Dictionary attack

A

a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password

4
Q

Replay attack

A

*a network attack* in which an attacker intercepts a network communication between two parties to delay, redirect, or repeat it.

For example, you enter a password to log into a social media platform. The hacker listens to this data transmission between your device and a server, captures the password, and then resends it to the server.

5
Q

Brute-force attack

A

a **hacking method** that uses trial and error to crack passwords, login credentials, and encryption keys.

6
Q

Rainbow tables

A

a password cracking method that uses a special table (a “rainbow table”) to crack the password hashes in a database.

Applications don’t store passwords in plaintext, but instead encrypt passwords using hashes.

7
Q

Plaintext/unencrypted

A

a type of attack in computer science where the attacker has knowledge of the plaintext and the corresponding ciphertext, which is then used to decrypt the rest of the ciphertext.

An attacker can use one unencrypted file from an encrypted archive, such as a ZIP file, to calculate the key needed to decrypt the entire archive.

8
Q

Malicious flash drive

A

allow attackers to obtain a user’s passwords, access their devices, and even irreversibly damage their computer

9
Q

Card cloning

A

a method used by criminals to steal credit card information and make unauthorized purchases. Fraudsters install devices on or inside ATMs, point-of-sale (POS) terminals, or fuel pumps to capture card data and PIN entries

10
Q

Skimming

A

Fraudsters often use a device called a skimmer that can be installed at gas pumps or ATM machines

11
Q

Collision

A

a situation when **two or more data packets** try to occupy the same network channel at the same time

12
Q

Tainted training data for

A

attacker intentionally provides incorrect or biased data to the machine learning model during the training phase.

13
Q

machine learning (ML)

A

AI

14
Q

Supply-chain attacks

A

uses third-party tools or services. Attackers injected a backdoor into a popular software update of SolarWinds, tricking user
