SG 7 - Study Notecards Flashcards
What is Packet Crafting?
Generating a pacet that has gields set in a way specified by the attackerm which may include a payload in addition to headers
What is Kerberoasting ?
An attack technique that uses Kerebros requests made over the network to gather info, which could lead to credential compromise
What is a Shodan?
A website that can be used to locate internet of Things (IoT) devices around the world
What is msfvenom ?
- A tool that comes with Metasploit
- Allows someone to package up Metasploit payloads to create malware
What is Ghidra ?
A tool that can be used to reverse-engineer malware
What is Process Injecting?
Injecting code into an existing process to take control of its execution path, hiding the running code
What is Living Off The Land ?
Where an attacker uses tools already on a target system.
Example: Using PowerShell on Windows systems
What is Exploit-DB ?
A website that contains proof of concept code for exploitation of systems and vulnerabilities
What is Operational Technology (OT) ?
Consists of systems and components that support industrial control systems, such as power plants, water control facilities, etc.
What is Cloud-Native Design?
The use of virtualization techniques, as well as different types of data storage in order to provide more resilient applications
What is BPF ?
This is a way to filter packets for the purpose of capturing or display
Berkeley Packet Filter
What is a Security Policy?
A high level statement of the security objectives of an Org
What is Phishing?
A social engineering attack where the attacker sends an email to an user trying to get them to give up info
What is IPSec ?
- A set of functionality introduced in IPv6
- Adds confidentiality and integrity controls to packets being transmitted
- It has been added on top of IPv4
