Threats, Attacks and Vulnerabilities Flashcards

1
Q

What is malware?

A

Malicious software that can cause harm to the user.

2
Q

What are some examples of malware?

A
Keystroke malware
Botnet
Adware
Viruses and worms
Crypto malware
3
Q

How do you get malware?

A

Vulnerability exploitation

Installation

4
Q

What does the virus need in order to reproduce itself?

A

A program must be executed

5
Q

How does anti-virus software protect against viruses?

A

Through virus signatures, with new signatures discovered every week

6
Q

What are some kinds of viruses?

A

Program virus (part of a program)
Boot sector virus
Script virus
Macro virus

7
Q

What is a worm?

A

A virus that can move itself through the network very quickly

8
Q

How can you mitigate worms?

A

NGFW

IDS/IPS

9
Q

What was the WannaCry worm?

A

It infected a computer and encrypted its files
It looked for other systems on the network that had the same vulnerability
Once it found one, it installed itself and ran on the vulnerable computer
It installed a backdoor through which WannaCry was downloaded

10
Q

What is ransomware?

A

Encrypts the computer and asks for money in exchange for decryption

11
Q

How to avoid a ransomware attack?

A

Have a backup
Keep the OS up to date
Keep applications up to date
Keep anti-virus up to date

12
Q

What are Trojans or Remote Access Trojans (RATs)?

A

Software that pretends to be something else

13
Q

What is a backdoor?

A

A way to get back into the system without going through the visible front door

14
Q

How to avoid Trojans?

A

Don’t run unknown software
Update anti-virus and anti-malware
Always have a backup

15
Q

What is a rootkit?

A

Software that hides in the kernel and is generally invisible to other software, which makes it hard to remove

16
Q

What is a keylogger?

A

Software that saves keystrokes and sends them to a pre-defined location.

17
Q

What is adware?

A

Software that pops up advertisements, which can hinder performance

18
Q

What is spyware?

A

It watches what is done on the computer

19
Q

What is a botnet?

A

A special kind of malware that turns computers into bots that wait for a command; it usually comes from a Trojan horse or a software installation

20
Q

What is a logic bomb?

A

A specific kind of malware that waits for an event to happen. Usually difficult to identify and to recover from.

21
Q

What is phishing?

A

A mixture of social engineering and spoofing that tries to deceive users and make them click or send login information.

22
Q

How to avoid phishing?

A

Check the URL, spelling, fonts, graphics

23
Q

What is vishing?

A

Voice phishing

24
Q

What is spear phishing?

A

Customized phishing that focuses on a specific target, with content that looks real

25
Q

What is whaling?

A

Spear phishing a high-stakes target

26
Q

What is tailgating?

A

To use someone else to gain access to a building (ex: dress like the people there and blend in)

27
Q

How to prevent tailgating?

A

Make visitors visible and identifiable
One scan, one person at a time
Train the organization to ask people who they are

28
Q

What is impersonation?

A

To pretend to be someone you aren’t

Can come after a thorough study of the organization

29
Q

How to prevent impersonation attacks?

A

Never volunteer information
Don’t disclose personal details
Verify before revealing info

30
Q

What is dumpster diving?

A

To go through the dumpster searching for confidential information

31
Q

What is important in dumpster diving?

A

The timing

32
Q

Is it legal to dumpster dive?

A

In most of the USA, yes, but it is recommended to verify.

33
Q

How to protect your rubbish?

A

Secure the garbage
Shred your documents
Look at what is in the trash and run training based on it

34
Q

What is shoulder surfing?

A

To look at someone else’s screen

35
Q

How to prevent shoulder surfing?

A

Control your input
Use a privacy filter
Keep the monitor out of sight
Be careful of who is behind you

36
Q

What are hoaxes?

A

Threats that don’t really exist (ex: hoax about a virus)

37
Q

What is a watering hole attack?

A

Instead of attacking the machine itself, it attacks the places people visit (ex: industry-related sites, the local coffee shop) and infects those who connect to them.

38
Q

How to avoid a watering hole attack?

A

Layered defense
Firewall
IPS
Anti-virus and Anti-malware installed

39
Q

What are the social engineering principles?

A
In person or online
Authority
Intimidation
Social proof
Scarcity and urgency
Familiarity and trust
40
Q

What is a Denial of Service (DoS)?

A

To make a service unavailable, for whatever objective

41
Q

How to avoid DoS?

A

Patch every system and keep it updated

42
Q

Are DoS attacks always intentional?

A

No, they can be unintentional (ex: network loop, bandwidth, natural disaster)

43
Q

What is a DDoS?

A

A denial of service coming from many places at once (ex: an army of bots in a botnet)

44
Q

What is DDoS amplification?

A

Small attacks that turn into big attacks through another device or service. Usually based on old protocols that have no verification functionality.

45
Q

What is an example of DDoS amplification?

A

Multiple DNS records that are very long (small request -> long response)

46
Q

How does a DNS Amplification DDoS occur?

A

A command & control server sends the command to the botnet
The botnet requests a DNS record from an open DNS server while pretending to be the targeted server
All the large responses are sent to the target, which can’t handle them

47
Q

What is a MITM attack?

A

Someone sitting between point A and point B, looking at everything that passes by without being noticed

48
Q

What is an example of a MITM attack?

A

ARP Poisoning

49
Q

How does ARP poisoning work?

A

The MITM pretends to be another host by sending ARP responses that change the ARP cache on a device, making the attacker look like that other host.

50
Q

What is a buffer overflow?

A

Occurs when information spills out of the space originally meant to hold it

51
Q

How can you prevent a buffer overflow?

A

Perform a bounds check

52
Q

What is data injection?

A

Adding your own information into a data stream (ex: HTML, SQL, XML, LDAP, etc.)

53
Q

How to avoid data injection?

A

Data validation

Better programming

54
Q

What is cross-site scripting (XSS)?

A

A cross-site security flaw, where browser tabs were able to access another tab’s information.

55
Q

What is an example of XSS?

A

Script embedded in URL to execute in a browser tab.

56
Q

What is cross-site request forgery (XSRF, CSRF)?

A

Takes advantage of the trust between a web app and its user.

The bad guy creates a forged request for a bank site and sends it to a bank site visitor, who clicks it and executes the request.

57
Q

What is privilege escalation?

A

When someone gains a higher level of access than the access they were granted.

58
Q

What is DNS poisoning?

A

Modifying the DNS server so that it returns a different destination IP address when a name is looked up.

59
Q

How does DNS Spoofing happen?

A

The bad guy gains control of the DNS server and changes the IP address that corresponds to a URL.

60
Q

What is domain hijacking?

A

To gain access to the domain registration and change the primary DNS server to a DNS server under the attacker’s control.

61
Q

What are zero-day attacks?

A

Exploitation of a new vulnerability that has not been patched yet

62
Q

What is a replay attack?

A

Sending network information that makes the hacker look like the actual end user.

63
Q

How does pass the hash work?

A

A user sends a legitimate authentication request to the server
A copy is sent to the hacker’s workstation
The hacker uses the information from that legitimate message as if they were the legitimate user

64
Q

How to avoid pass the hash?

A
Salted hash (different every time)
Fully encrypted communication
65
Q

What is URL hijacking?

A

To take legitimate traffic to a URL and redirect it to somewhere else

66
Q

What are some types of URL hijacking?

A

Typosquatting (misspelling)
Brandjacking (registering the brand name)
Clickjacking (clicking something that is invisible)
Cookies used to hijack a session (information stored in the browser)

67
Q

What is driver manipulation?

A

To take advantage of the trust that can exist between hardware and the OS.

68
Q

What is malware refactoring?

A

To change the appearance and the software each time it is downloaded, to try to avoid anti-virus and signature-based protection

69
Q

What is spoofing?

A

One device that pretends to be someone/something it isn’t.

70
Q

What are some examples of spoofing?

A
DNS Spoofing
E-mail address spoofing
Caller ID spoofing
MITM attacks
MAC Spoofing
IP address spoofing
71
Q

What is a wireless replay attack?

A

Similar to a wired replay attack, but it is much easier to capture the data.

72
Q

Why is WEP (Wired Equivalent Privacy) encryption not used any more?

A

Because it had cryptographic security flaws, such as the ARP request replay attack used to recover the WEP key.

73
Q

What are rogue access points?

A

Another access point plugged into the network

74
Q

What are evil twins?

A

A new AP configured to have the same SSID, security settings and password as the legitimate one.

75
Q

What is wireless jamming?

A

Jamming the wireless communication and decreasing its signal, either intentionally or unintentionally.

76
Q

What is a WPS (Wi-Fi Protected Setup) Attack?

A

An attack that takes advantage of the WPS design, which validates its 8-digit PIN first by its first 4 digits and then by its next 3 digits (10,000 + 1,000 possibilities), making brute-force attacks to gain access to the password much more viable

77
Q

What is bluejacking?

A

To send an unsolicited message to a mobile device. It can be used with an address book object to send a message.

78
Q

What is bluesnarfing?

A

To access the data on a mobile device through Bluetooth, where if you knew the file name, you could download it without authentication.

79
Q

What is RFID (Radio frequency identification)?

A

Access badges, inventory tracking, pet identification, any tracking tag that is generally powered externally through radio frequency.

80
Q

What is an RFID attack?

A

To capture the data being communicated, spoof the reader, deny its service, or decrypt its communication.

81
Q

What is NFC (near field communication)?

A

Two-way wireless communication based on RFID. It uses an access token usually built-in to a device.

82
Q

What are NFC/RFID security concerns?

A

Traffic that goes over a wireless network
Frequency jamming
Relay or MITM attack
Loss of control of the NFC device

83
Q

What is a wireless disassociation attack?

A

Surfing the internet and suddenly, and continuously, losing the connection.

84
Q

How does a wireless disassociation attack occur?

A

Through 802.11 management frames that are exchanged behind the scenes. They are used to configure, find APs, and associate and disassociate with APs.

The original wireless standards did not consider security flaws, and these frames were sent in the clear.

So disassociation frames can be sent continuously if a few pieces of information are known, such as the MAC address of the AP and that of the target.

85
Q

What is a known plaintext attack (KPA)?

A

Where you have part of the original text and work from it to decipher the rest

86
Q

What is a hash?

A

A one-way function whose output always has the same length

87
Q

What is a rainbow table?

A

A pre-built set containing a large number of already calculated hashes

88
Q

What is a salted hash?

A

An additional random value combined with the original input before hashing, making the hash different every time

89
Q

What is a dictionary attack?

A

Uses common words grouped as dictionaries and tries these combinations

90
Q

What is a brute force attack?

A

To keep trying the login process multiple times

91
Q

What is a brute-force-the-hash attack?

A

Requires a list of users and hashes; the hashed passwords are then brute forced offline.

92
Q

What are threat actors?

A

An entity responsible for an event that has an impact on the safety of another entity.

93
Q

What is a script kiddie?

A

Someone who uses pre-coded scripts, not necessarily knowing what they do.

94
Q

What is a hacktivist?

A

A hacker who has a goal or a mission and can use sophisticated attacks.

95
Q

What is a penetration test?

A

To simulate an attack by exploiting potential vulnerabilities.

96
Q

What are the general steps of a pen test?

A
Passive reconnaissance (social media, news, forums)
Active reconnaissance (ping scan, port scan, DNS query, service scan)
Exploit vulnerability
97
Q

What is the difference between black, white and grey box?

A

The amount of known information.

98
Q

What is vulnerability scanning?

A

Usually minimally invasive scanning, such as port scanning and system identification, used to gather as much information as possible.

99
Q

What is a race condition?

A

A common case is money transfer, where two people try to transfer an amount of $X at the same time, and before one transfer is processed, the other one is executed, possibly resulting in money being created out of nowhere.

100
Q

What is an end-of-life vulnerability?

A

When no more support is given by the vendor.

101
Q

What are embedded system vulnerabilities?

A

Vulnerabilities in embedded systems, which are usually self-contained, not upgraded, and rarely updated.