SG 4 - Study Notecards Flashcards
What is sniffing?
Collecting network packets for decoding and analysis
What is ARP?
The Address Resolution Protocol
Used to convert IP addresses to MAC addresses
What is ring 0?
The innermost security ring of a system. It has the most direct hardware access
What is social engineering?
Getting a user to perform an action or give up info they shouldn’t
What is privilege escalation?
Trying to obtain more capabilities on a system than you currently have
What are rainbow tables?
Precomputed password hashes, which can make password cracking A LOT faster
What is persistence?
An attacker attempting to maintain access to a system after the initial compromise
What is a rootkit?
A piece of software that may be used to obscure the existence of malware and may also provide backdoor access to a system for an attacker
What is John the Ripper?
A password cracker
What is malware?
Malicious software
There are multiple forms of malware
What is a debugger?
A software program that can be used to analyze other programs and potentially reverse-engineer the software to understand its functionality
What is disassembly?
Taking an executable program and converting it to assembly language to make it slightly more readable
What is a container?
A way of isolating applications into a separate memory space so it appears as though they are running on a completely different system
What is C2?
Command and Control
Command-and-control servers are used by attackers to send commands to malware residing on endpoints
What is Spoofing?
Pretending to be a system or user other than the one you are