Threats, Attack, And Vulnerabilities Flashcards

1
Q

What is Prepending?

A

Prepending is when a domain name purposely has an extra character in the beginning.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Identity Fraud?

A

Identity Fraud is when someone steals a person’s identity for financial gain or to gain information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is an Invoice Scam?

A

An invoice scam is when an attacker sends an invoice to a company so they may receive money for a product they did not order.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is Credential Harvesting?

A

It is when an attacker uses an attack Vector (ex. DNS poisoning, MITM, Phishing, etc) to amass a large number of credentials (username/password)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Reconnaissance?

A

Reconnaissance is when someone is covertly gathering information on a system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a Hoax?

A

A hoax is when an attacker tricks the user into believing something, so that they may gain information or allow an attacker to gain access to the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Impersonation

A

Impersonation is the act of pretending to be someone else for either financial gain or jokes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Watering hole

A

A watering hole attack is an act of identifying a site that many employees from an organization visit and uses that and uses that site infects the employee’s devices with malware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Diagram

A

The diagram is a schematic representation of the structure, the way something works, or even a plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Data Loss Prevention (DLP)

A

Data Loss Prevention is a solution that detects and prevents data breaches

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is Masking?

A

Masking is using characters or numbers in place of sensitive data. This is to make it unreadable by anyone who is not authorized to view it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is Encrypt?

A

Encrypt is the act of converting readable data into an encoded format. The only way to view it is through the process that decrypts the data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is “At rest”?

A

Data at rest is data that has reached its destination and is not being accessed or used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is “in Transit”?

A

Data in transit also known as data in motion is just data moving from one location to another.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is Tokenization?

A

Tokenization is the process of replacing a piece of sensitive data with surrogate values known as a token.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are Rights Management?

A

This is a term for control systems that allow rights owners to exert control over information immediately.

17
Q

What is Incident Response?

A

It is an organized way of addressing the aftermath of a security breach or cyberattack.

18
Q

What is TLS/SSL?

A

TLS/SSL verifies a website’s digital certificate is signed by an authority trusted by the client.

19
Q

What is Hashing?

A

Hashing is the process of transforming a key or a string of characters into another value.

20
Q

What are Hot sites?

A

Hot sites back up data in real-time and are quickly operable in any disaster.

21
Q

What are cold sites?

A

Cold site customer provides the hardware, the office space, and data storage which is a technical requirement

22
Q

What is a warm site?

A

Warm sites have network connectivity and the hardware pre-installed.

23
Q

What is a honeypot?

A

A honeypot is a security mechanism that lures attackers to a virtual trap. The virtual system is exploited by the attackers and is studied to find solutions for bettering the security policies.

24
Q

What is a honey file?

A

Honey files are used as bait for attackers when attackers access the files there is an alarm that is triggered.

25
Q

What is a honey net?

A

It is a network set up as a decoy on a server to lure in attackers.

26
Q

What is a DNS sinkhole?

A

A DNS sinkhole is a mechanism aimed at protecting users who attempt to connect to a malicious site by redirecting them to a controlled IP address.