Threats and Vulnerabilities Flashcards
What is DOS Attack?
- Denial Service of Attack
- A machine floods a victim with requests
- TCP SYN Flood (Multiple TCP sessions)
- Smurf Attack (ICMP Flood)
- DDOS (Multiple computer flood similar to BotNet and Zombie)
What is MITM Attack?
- Man In The Middle (On-Path Attack)
- Attacker in between victim and destination
What is Session Hijacking?
An attacker guesses the session ID that is in use between a
client and a server
What is DNS Poisioning?
Involves corrupting the DNS cache to redirect users to malicious websites, making it a potent technique for intercepting web traffic and stealing sensitive information.
What is Rogue DHCP Server?
A DHCP server on a network which is not under the administrative control of the network administrators
What is Spoofing?
An attacker masquerades as another person by falsifying their identity
What is IP Spoofing?
Modifying the source address of an IP packet to hide the identity of the sender or impersonate another client
What is MAC Spoofing?
- A technique for changing a factory-assigned Media Access Control (MAC) address of a network interface on a networked device.
- Affect every computer on this network subnet.
What is MAC Filtering?
Relies on a list of all known and authorized MAC addresses
What is ARP Spoofing?
- A type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network.
- Results in the linking of an attacker’s MAC address with the IP address of a legitimate computer, server, or gateway on the network.
- Targets single host’s traffic
What is VLAN Hopping?
Attacker exploits misconfigurations to gain unauthorized access to different VLAN
What is Double Tagging?
- Attacker exploits trunk port vulnerabilities to direct traffic to another VLAN
- VLAN Hopping Attack
What is Switch Spoofing?
An attacker modifying a device’s MAC address to appear as an authorized switch port
What is Malware?
Designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent
What is Virus?
Made up of malicious code that is run on a machine without the user’s knowledge and infects it whenever that code is run
What is Worm?
A piece of malicious software that can replicate itself without user
interaction
What is Trojan Horse?
A piece of malicious software disguised as a piece of harmless or
desirable software
What is RAT?
- Remote Access Trojan
- Provides the attacker with remote control of a victim machine
What is Ransomware?
Restricts access to a victim’s computer system or files until a ransom or payment is received