Threats and attacks Flashcards

1
Q

What is a threat in the context of security?

A

A threat represents a potential security harm to an asset.

2
Q

What happens when a threat succeeds?

A

The threat materializes.

3
Q

Define an attack.

A

An attack is a threat that is carried out and, if successful, leads to an undesirable violation of security.

4
Q

What is an active attack?

A

An attempt to alter system resources or affect their operation.

5
Q

What is a passive attack?

A

An attempt to learn or make use of information from the system that does not affect system resources.

6
Q

List types of active attacks on communication lines and networks.

A
  • Masquerade - One entity pretends to be another
  • Modify messages
  • Denial of service
7
Q

What is a buffer overflow?

A

A programming error that occurs when a program writes more data to a buffer (a temporary storage location in memory) than it can hold.

8
Q

What can happen when a buffer overflows?

A

The excess data can overwrite adjacent memory locations, leading to unpredictable behavior, data corruption, crashes, or vulnerabilities that attackers can exploit.

9
Q

What can attackers do with a buffer overflow?

A

They can crash a system or insert specially crafted code to gain control of the system.

10
Q

What are scripting attacks?

A

A type of cyber attack that exploits vulnerabilities in web applications through malicious scripts. These attacks typically involve injecting harmful code into a web application, which is then executed by a user’s browser.

11
Q

What is SQL injection?

A

A web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.

12
Q

Define malware.

A

A program that is inserted into a system with the intent of compromising confidentiality, integrity, or availability.

13
Q

What is a virus?

A

A piece of malicious code that replicates by attaching itself to another piece of executable code. When the other executable code is run, the virus also executes and has the opportunity to infect other files and perform any other nefarious actions it was designed to do (the payload). Infection can be through exchanged programs or carrier files on disk or USB stick, or over a network.

14
Q

How do worms differ from viruses?

A

Worms penetrate networks and systems without needing to attach to other code; they can reproduce independently.

15
Q

What is a Trojan horse?

A

A piece of software that appears to do one thing but hides some other functionality.

16
Q

What is ransomware?

A

A type of malware that encrypts user data and demands payment to access the key for recovery.

17
Q

What are logic bombs?

A

Malicious software that sits dormant until an event invokes its payload.

18
Q

What is a botnet?

A

A network of compromised computers controlled remotely by an attacker. These infected devices, called bots or zombies, are used to perform malicious activities without the owner’s knowledge.
Botnets can be used for DDoS, spamming, spreading malware, etc.

19
Q

Define spyware.

A

A type of malware that secretly gathers information from a user’s device.

20
Q

What is a keylogger?

A

A type of malware that records every keystroke a user types on a keyboard.

21
Q

What is phishing?

A

A cyber attack where attackers impersonate legitimate entities to deceive individuals into revealing sensitive information.

22
Q

What distinguishes spear phishing from regular phishing?

A

Spear phishing is a targeted form of phishing that customizes messages for specific individuals or organizations.

23
Q

What is a backdoor?

A

A method of bypassing normal authentication procedures to gain unauthorized access to a system.

24
Q

Define a rootkit.

A

A type of malware designed to gain unauthorized access while hiding its presence. Rootkits allow attackers to maintain control over a system and evade detection, often functioning at a low level within the operating system.

25
Q

What is an attack surface?

A

The reachable and exploitable vulnerabilities in a system.

26
Q

List the categories of attack surfaces.

A
  • Network attack surface - Refers to vulnerabilities over a network or the internet. Included here are network protocol vulnerabilities such as denial-of-service attacks, disruption of communications links, etc.
  • Software attack surface - Refers to vulnerabilities in application, utility, or operating system code. A focus in this category is Web server software.
  • Human attack surface - Refers to vulnerabilities created by personnel or outsiders, such as social engineering, human errors, and trusted insiders.
27
Q

What is an attack tree?

A

A branching, hierarchical data structure that represents a set of potential techniques for exploiting security vulnerabilities.