Threat and attack terminology

Question 1

Malicious software that gathers information, intercept personal data and make it available to third parties. Hes primary purposeis to display ads and generate revenue for the creator.

Answer 1

adware

Question 2

Protocol used to map known IP addresses to unkown physical address

Answer 2

ARP

Question 3

An attack that convinces the network that the attacker’s MAC address is the one associated with an allowed address so that traffic is wrongly sent to attacker’s address

Answer 3

ARP Poisoning

Question 4

Software that identifies the presence of Virus

Answer 4

Antivirus

Question 5

A virus that is protected in a way that makes dissasembiling it difficult.

Answer 5

Armored virus

Question 6

involves the MAC (Media Access Control) address of the data being faked.

Answer 6

ARP spoofing commonly known as ARP poisoning

Question 7

Any unauthorized intrusion into the normal operations of a computer or computer network.

Answer 7

attack

Question 8

The area of an application that is available to users—those who are authenticated and, more importantly, those who are not.

Answer 8

attack surface

Question 9

An opening left in a program application (usually by the

developer) that allows additional access to data.

Answer 9

backdoor

Question 10

An automated software program (network robot) that collects information on the web.In its malicious form, is a compromised computer being controlled remotely.

Answer 10

bot

Question 11

A type of denial-of-service (DoS) attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it

Answer 11

buffer overflow

Question 12

Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.

Answer 12

clickjacking

Question 13

A virus that creates a new program that runs in the place

of an expected program of the same name.

Answer 13

companion virus

Question 14

A form of web-based attack in which unauthorized commands are sent from a user that a website trusts.

Answer 14

cross-site request forgery (XSRF)

Question 15

Running a script routine on a user’s machine

from a website without their permission.

Answer 15

cross-site scripting (XSS)

Question 16

A type of attack that prevents any users—even

legitimate ones—from using a system.

Answer 16

DoS

Question 17

The act of attempting to crack passwords by testing them against a list of dictionary words.

Answer 17

dictionary attack

Question 18

A derivative of a DoS attack in which

multiple hosts in multiple locations all focus on one target to reduce its availability to the public.

Answer 18

DDoS Distributed denial of service

Question 19

An attack method in which a daemon caches DNS reply
packets, which sometimes contain other information (data used to fill the packets). The extra data can be scanned for information useful in a break-in or man-in-the-middle attack.

Answer 19

DNS poisoning

Question 20

The DNS server is given information about a name server that it thinks is legitimate when it isn’t.

Answer 20

DNS Spoofing

Question 21

The network service used in TCP/IP

networks that translates hostnames to IP addresses.

Answer 21

Domain Name System (DNS)

Question 22

Putting too much information into too small of a space that has been set aside for numbers.

Answer 22

Integer Overflow

Question 23

Making the data look as if it came from a trusted host when it didn’t

Answer 23

IP Spoofing

Question 24

A permission method in which users are granted only the privileges necessary to perform their job function.

Answer 24

least privilege

Question 25

The policy of giving a user only the minimum

permissions needed to do the work that must be done.

Answer 25

least privilege policy

Question 26

Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met. For example, a programmer could create a program that always makes sure her name appears on the payroll roster; if it doesn’t, then key files begin to be
erased.

Answer 26

Logic bomb

Question 27

A software exploitation virus that works by using the macro feature included in many applications, such as Microsoft Office.

Answer 27

Macro Virus

Question 28

A threat from someone inside the organization

intent on doing harm.

Answer 28

insider threat

Question 29

An attack that occurs when someone/something that is

trusted intercepts packets and retransmits them to another party.

Answer 29

Man-in-the-middle

Question 30

A virus that attacks a system in more than one way.

Answer 30

multipartie virus

Question 31

A large Internet Control Message Protocol (ICMP) packet

sent to overflow the remote host’s buffer. Usually causes the remote host to reboot or hang.

Answer 31

Ping of Death

Question 32

An attribute of some viruses that allows them to mutate and appear differently each time they crop up. The mutations make it harder for virus scanners to detect (and react) to the viruses.

Answer 32

polymorphic

Question 33

The result when a user obtains access to a resource that

they wouldn’t normally be able to access.It can also be done purposefully by an attacker seeking full access.

Answer 33

Privilege escalation

Question 34

Software that demands payment before restoring the data or system infected.

Answer 34

ransomware

Question 35

An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection.

Answer 35

replay attack

Question 36

A virus that attacks or bypasses the antivirus software installed on a computer.

Answer 36

retrovirus

Question 37

A form of malware that tries to convince the user to pay for a fake threat.

Answer 37

rogueware

Question 38

Software program that has the ability to obtain root-level access and hide certain things from the operating system.

Answer 38

rootkit

Question 39

A small library that is created to intercept API calls transparently.

Answer 39

shim

Question 40

An attempt by someone or something to masquerade as

someone/something else.

Answer 40

spoofing

Question 41

Software programs that work—often actively—on behalf of a third party.

Answer 41

spyware

Question 42

A virus that attempts to avoid detection by masking itself from applications.

Answer 42

stealth virus

Question 43

Any application that masquerades as one thing in order to get past scrutiny and then does something malicious.

Answer 43

Trojan horse

Question 44

Creating domains that are based on the misspelling of

another.

Answer 44

typo squatting

Question 45

Registering domains that are similar to those for a known

entity but based on a misspelling or typographical error.

Answer 45

URL hijacking

Question 46

A program intended to damage a computer system.

Answer 46

Virus

Question 47

Identifying a site that is visited by those whom they

are targeting, poisoning that site, and then waiting for the results.

Answer 47

wathering hole attack

Question 48

An advanced attack that tries to get around detection and send a packet with every single option enabled.

Answer 48

Xmas attack

Question 49

An attack that begins the very day an exploit is discovered.

Answer 49

Zero day exploit

Question 50

Any system taking directions from a master control computer.

Answer 50

Zombie

Question 51

allows a remote user to access the system for the purpose of administering it. Although this can be extremely valuable for legitimate administration, improperly accessed it offers the opportunity to exploit powerful features of the operating system.

Answer 51

RAT - Remote Access Tool