Test #2 Flashcards
What is the goal of security programs?
Mitigate risk (Not eliminate but reduce)
What threat considerations should we make? (6)
Threat vectors, threat sources and targets, types of attacks, malicious mobile code, advanced persistent threats (APTs), manual attacks
What is a threat vector?
A threat vector is a term used to describe where a threat originates and the path it takes to reach a target.
Types of Malicious Mobile Code (3)
Virus, Worm, and Trojan
Malicious Code Lifecycle
Find, exploit, infect, repeat
What is a virus?
A virus is a self-replicating program that uses other host files or code to replicate.
What is a payload?
The damage routine of a virus
What is a worm?
A computer worm uses its own coding to replicate, although it may rely on the existence of other related code to do so.
What is a Trojan?
Trojan horse programs, or Trojans, work by posing as legitimate programs that are activated by an unsuspecting user.
What is an Advanced Persistent Threat?
The use of sophisticated malware for targeted cybercrime is known as advanced persistent threats (APTs).
What is a physical attack?
When a person gains information by physically removing a part of a system or whole system.
What are Network-layer attacks?
Network-layer attacks attempt to compromise network devices and protocol stacks. Network-layer attacks include packet-sniffing and protocol-anomaly exploits.
What is packet-sniffing?
Sniffing occurs when an unauthorized third party captures network packets destined for computers other than their own. Packet sniffing allows the attacker to look at transmitted content and may reveal passwords and confidential data.
How can we stop packet sniffing?
Encryption
What is a buffer overflow?
Buffer overflows occur when a program expecting input does not do input validation.